Description of problem: The ticket.py module uses SHA-1 for signatures/verification. This should be replaced with SHA-256. It should be done in coordination with updating the equivalent java code, and users of both of them.
Can this bug be verified according to https://bugzilla.redhat.com/show_bug.cgi?id=1912691#c2?
(In reply to Qin Yuan from comment #1) > Can this bug be verified according to > https://bugzilla.redhat.com/show_bug.cgi?id=1912691#c2? I think so, yes. I didn't check the changes for the other bug, which is for Java code. For current bug, about the python code, we kept the option of using SHA-1 - we generate both SHA-1 and SHA-256, and for signature verification use SHA-256 if it's included, otherwise SHA-1. We do want to remove SHA-1 eventually, but decided it's safer to not this these in a single step, but separate - add SHA-256 support in one version (current) and remove SHA-1 in a later version (the next one, likely). I now opened bug 1954041 to track this.
Didi, thank you for your explanation. Move this bug to VERIFIED according to comment #2 and https://bugzilla.redhat.com/show_bug.cgi?id=1912691#c2
This bugzilla is included in oVirt 4.4.6 release, published on May 4th 2021. Since the problem described in this bug report should be resolved in oVirt 4.4.6 release, it has been closed with a resolution of CURRENT RELEASE. If the solution does not work for you, please open a new bug report.