summaryrefslogtreecommitdiff
path: root/keystone/tests/unit/fakeldap.py
diff options
context:
space:
mode:
authorDave Wilde (d34dh0r53) <dwilde@redhat.com>2022-10-13 15:37:53 -0500
committerDavid Wilde <dwilde@redhat.com>2022-10-30 02:27:25 +0000
commit164d9522b8a150892432dbaba681c95d91d9508c (patch)
tree486c331eb5ec7e2ae0b7cf7a41148382a5a339bf /keystone/tests/unit/fakeldap.py
parenta26b9c20de7103b1cb6cdd43bd2f2cca9a29fa2f (diff)
downloadkeystone-164d9522b8a150892432dbaba681c95d91d9508c.tar.gz
Limit token expiration to application credential expiration
If a token is issued with an application credential we need to check the expiration of the application credential to ensure that the token does not outlive the application credential. This ensures that if the token expiration is greaten than that of the application credential it is reset to the expiration of the application credential and a warning is logged. Please see CVE-2022-2447 for more information. Closes-Bug: 1992183 Change-Id: If6f9f72cf25769d022a970fac36cead17b2030f2 (cherry picked from commit 8f999d1c1f54a903c1da648ecaa2ce44acdb1fd1)
Diffstat (limited to 'keystone/tests/unit/fakeldap.py')
0 files changed, 0 insertions, 0 deletions
View Lorry Controller Status