Bug 1623224 - PEP8 test fails
Summary: PEP8 test fails
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: openstack-octavia
Version: 13.0 (Queens)
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: zstream
: 13.0 (Queens)
Assignee: Carlos Goncalves
QA Contact: Alexander Stafeyev
URL:
Whiteboard:
Depends On:
Blocks: 1629466
Reported: 2018-08-28 19:17 UTC by Arie Bregman
Modified: 2019-09-10 14:10 UTC

Fixed In Version: openstack-octavia-2.0.1-7.bb99c7fgit.el7ost
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 1629466
Environment:
Last Closed: 2018-10-04 11:44:01 UTC
Target Upstream Version:
Embargoed:


Links
System ID Private Priority Status Summary Last Updated
OpenStack gerrit 593112 0 None stable/queens: MERGED octavia: "Resolve" bandit issue with sha1 hashes (Ic337c32020e12183e2246b844ded07a83c6d3ad8) 2018-08-30 17:35:31 UTC

Description Arie Bregman 2018-08-28 19:17:37 UTC
Description of problem:

Test results:
>> Issue: [B303:blacklist] Use of insecure MD2, MD4, MD5, or SHA1 hash function.
   Severity: Medium   Confidence: High
   Location: octavia/common/tls_utils/cert_parser.py:364
   More Info: https://bandit.readthedocs.io/en/latest/blacklists/blacklist_calls.html#b303-md5
363	    return data_models.TLSContainer(
364	        id=hashlib.sha1(cert.get_certificate()).hexdigest(),
365	        primary_cn=get_primary_cn(cert),

--------------------------------------------------
>> Issue: [B303:blacklist] Use of insecure MD2, MD4, MD5, or SHA1 hash function.
   Severity: Medium   Confidence: High
   Location: octavia/common/utils.py:41
   More Info: https://bandit.readthedocs.io/en/latest/blacklists/blacklist_calls.html#b303-md5
40	def base64_sha1_string(string_to_hash):
41	    hash_str = hashlib.sha1(string_to_hash.encode('utf-8')).digest()
42	    b64_str = base64.b64encode(hash_str, str.encode('_-', 'ascii'))

Version-Release number of selected component (if applicable): Latest 10


How reproducible: 100%


Steps to Reproduce:
1. Clone repo
2. Checkout 13 branch and run 'tox -e pep8'

Comment 2 Carlos Goncalves 2018-08-28 19:26:43 UTC
Fixed in https://review.openstack.org/#/c/593112/

Queens 2.0.2 (pending release approval https://review.openstack.org/#/c/593954/) will include this fix.

