On Wed, Mar 29, 2017 at 10:56:41AM -0400, Brian Rosmaita wrote:
> On 3/8/17 2:03 PM, Matthew Thode wrote:
> > So, pycrypto upstream is dead and has been for a while, we should look
> > at moving off of it for both bugfix and security reasons.
> >
> > Currently it's used by the following.
> >
> >
Actually - in lieu of writing specs for this work, we already have a
keystonemiddleware bug open for moving to oslo.cache [0].
I've opened another bug for moving to supported crypto library [1].
[0] https://bugs.launchpad.net/keystonemiddleware/+bug/1523375
[1]
With pycrypto removed from keystoneauth [0] (thanks Brant, Monty, and
Morgan!), I did some poking at the usage in keystonemiddleware [1].
The usage is built into auth_token middleware for encrypting and decrypting
things stored in cache [2], but it is conditional based on configuration
[3] and
On 3/8/17 2:03 PM, Matthew Thode wrote:
> So, pycrypto upstream is dead and has been for a while, we should look
> at moving off of it for both bugfix and security reasons.
>
> Currently it's used by the following.
>
> barbican, cinder, trove, glance, heat, keystoneauth, keystonemiddleware,
>
On 03/08/2017 05:38 PM, Amrith Kumar wrote:
> Sounds like a good candidate for a cross-project release goal.
>
> A non-controversial situation, the work is a no-op for most, a specific
> deliverable for a few, and a mechanism to close the loop and make sure it
> gets done in a specific timeframe?
-Original Message-
From: Davanum Srinivas [mailto:dava...@gmail.com]
Sent: Wednesday, March 8, 2017 2:30 PM
To: OpenStack Development Mailing List (not for usage questions)
<openstack-dev@lists.openstack.org>
Subject: Re: [openstack-dev] [requirements] pycrypto is dead, long live
pycryp
On Wed, Mar 8, 2017 at 8:03 PM, Matthew Thode wrote:
> So, pycrypto upstream is dead and has been for a while, we should look
> at moving off of it for both bugfix and security reasons.
>
> Currently it's used by the following.
>
> barbican, cinder, trove, glance, heat,
On Wed, Mar 8, 2017 at 1:03 PM, Matthew Thode
wrote:
> So, pycrypto upstream is dead and has been for a while, we should look
> at moving off of it for both bugfix and security reasons.
>
> Currently it's used by the following.
>
> barbican, cinder, trove, glance,
One of my goals for Barbican for this cycle is to migrate our code to use
pyca/cryptography exclusively. We currently depend on both because at one
point we needed things that were not available in early releases of
cryptography.
- Douglas Mendizábal (redrobot)
> On Mar 8, 2017, at 1:11 PM,
Ack thanks Matthew!
On Wed, Mar 8, 2017 at 2:24 PM, Matthew Thode wrote:
> I'm aware, iirc it was brought up when pysaml2 had to be fixed due to a
> CVE. This thread is more looking for a long term fix.
>
> On 03/08/2017 01:11 PM, Davanum Srinivas wrote:
>> Matthew,
I'm aware, iirc it was brought up when pysaml2 had to be fixed due to a
CVE. This thread is more looking for a long term fix.
On 03/08/2017 01:11 PM, Davanum Srinivas wrote:
> Matthew,
>
> Please see the last time i took inventory:
> https://review.openstack.org/#/q/pycryptodome+owner:dims-v
>
11 matches
Mail list logo