openstack/swift
Code Issues Proposed changes
118cf2ba8a
swift/etc
History
Tim Burke 118cf2ba8a tempurl: Deprecate sha1 signatures 
We've known this would eventually be necessary for a while [1], and
way back in 2017 we started seeing SHA-1 collisions [2].

[1] https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html
[2] https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html

UpgradeImpact:
==============
"sha1" has been removed from the default set of `allowed_digests` in the
tempurl middleware config. If your cluster still has clients requiring
the use of SHA-1,

- explicitly configure `allowed_digests` to include "sha1" and
- encourage your clients to move to more-secure algorithms.

Depends-On: https://review.opendev.org/c/openstack/tempest/+/832771
Change-Id: I6e6fa76671c860191a2ce921cb6caddc859b1066
Related-Change: Ia9dd1a91cc3c9c946f5f029cdefc9e66bcf01046
Closes-Bug: #1733634
2022-04-22 20:43:01 +10:00
..
account-server.conf-sample Allow floats for all intervals 2021-05-05 15:30:21 -07:00
container-reconciler.conf-sample container-reconciler: support multiple processes 2021-07-21 11:45:01 -07:00
container-server.conf-sample sharder: Make stats interval configurable 2021-10-01 14:35:09 -07:00
container-sync-realms.conf-sample Allow floats for all intervals 2021-05-05 15:30:21 -07:00
dispersion.conf-sample Fix swift-dispersion in multi-region setups 2016-06-01 15:35:47 +02:00
drive-audit.conf-sample py3: Fix swift-drive-audit 2019-10-13 21:55:58 -07:00
internal-client.conf-sample Modify log_name in internal clients' pipeline configs 2022-01-12 11:07:25 +00:00
keymaster.conf-sample py3: Work with proper native string paths in crypto meta 2020-07-29 17:33:54 -07:00
memcache.conf-sample memcache: Add an item_size_warning_threshold option 2022-02-15 16:54:17 +00:00
mime.types-sample PEP 8 compliance and small modification to mime.types file 2010-11-23 19:26:02 -06:00
object-expirer.conf-sample Allow floats for all intervals 2021-05-05 15:30:21 -07:00
object-server.conf-sample object-updater: defer ratelimited updates 2022-02-21 10:56:23 +00:00
proxy-server.conf-sample tempurl: Deprecate sha1 signatures 2022-04-22 20:43:01 +10:00
rsyncd.conf-sample Update SAIO & docker image to use 62xx ports 2020-07-20 15:17:12 -07:00
swift-rsyslog.conf-sample Add sample rsyslog.conf. 2013-06-25 10:24:26 +08:00
swift.conf-sample Update docs to discourage policy names being numbers 2021-03-26 09:17:34 +00:00