openstack
/
manila
Code Issues Proposed changes

Adds "usedforsecurity=False" to veritas drivers 

The purpose of md5 was not specified.
Veritas drivers use mds hashes which pop on bandit as security issues
Putting "usedforsecurity=False" properly shows the hash function
is not use for security.

Change-Id: I78a5b708cd970dcb60f480d8e6a201d0768645fc
This commit is contained in:
Elvis Acheampong 2024-03-26 19:00:05 +00:00
parent 36549c8b97
commit 674c9c9e19
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
manila/share/drivers/veritas/veritas_isa.py
View File

@ -141,8 +141,10 @@ class ACCESSShareDriver(driver.ExecuteMixin, driver.ShareDriver):
index = int(length / 2)
name1 = name[:index]
name2 = name[index:]
crc1 = hashlib.md5(name1.encode('utf-8')).hexdigest()[:8]
crc2 = hashlib.md5(name2.encode('utf-8')).hexdigest()[:8]
crc1 = hashlib.md5(name1.encode('utf-8'),
usedforsecurity=False).hexdigest()[:8]
crc2 = hashlib.md5(name2.encode('utf-8'),
usedforsecurity=False).hexdigest()[:8]
return crc1 + '-' + crc2
def _get_va_snap_name(self, name):