)]}'
{"/PATCHSET_LEVEL":[{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"f2e3cabd779a73da5c3297ec026c8fa1c9880cf1","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":9,"id":"4ecc8f72_592a35aa","updated":"2022-08-22 13:24:34.000000000","message":"recheck slow package downloads in image build.","commit_id":"d262bc34b36d8200f14b8555f5f4b9cd7cac8e04"}],"doc/source/admin/drivers/redfish.rst":[{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"6f6e04354e64c52485dd00a4a21d407fb5f01958","unresolved":false,"context_lines":[{"line_number":633,"context_line":"Internal Session Cache"},{"line_number":634,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":635,"context_line":""},{"line_number":636,"context_line":"The ``redfish`` hardware type, and derived interfaces, utilizes a built in"},{"line_number":637,"context_line":"session cache which prevents Ironic from re-authenticating every time"},{"line_number":638,"context_line":"the ``ironic-conductor`` attempts to connect to the BMC for any reason."},{"line_number":639,"context_line":""}],"source_content_type":"text/x-rst","patch_set":7,"id":"07e2ddb3_acabb2b3","line":636,"updated":"2022-08-10 10:24:34.000000000","message":"nit: built-in (not sure)","commit_id":"246288842269a1a2f1735feec1a68c76466a17af"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"d0247564cb16c587dbc11cd22be48afa6cbf4214","unresolved":false,"context_lines":[{"line_number":633,"context_line":"Internal Session Cache"},{"line_number":634,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":635,"context_line":""},{"line_number":636,"context_line":"The ``redfish`` hardware type, and derived interfaces, utilizes a built in"},{"line_number":637,"context_line":"session cache which prevents Ironic from re-authenticating every time"},{"line_number":638,"context_line":"the ``ironic-conductor`` attempts to connect to the BMC for any reason."},{"line_number":639,"context_line":""}],"source_content_type":"text/x-rst","patch_set":7,"id":"db46720f_d9777146","line":636,"in_reply_to":"07e2ddb3_acabb2b3","updated":"2022-08-11 17:09:29.000000000","message":"Done.","commit_id":"246288842269a1a2f1735feec1a68c76466a17af"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"6f6e04354e64c52485dd00a4a21d407fb5f01958","unresolved":false,"context_lines":[{"line_number":635,"context_line":""},{"line_number":636,"context_line":"The ``redfish`` hardware type, and derived interfaces, utilizes a built in"},{"line_number":637,"context_line":"session cache which prevents Ironic from re-authenticating every time"},{"line_number":638,"context_line":"the ``ironic-conductor`` attempts to connect to the BMC for any reason."},{"line_number":639,"context_line":""},{"line_number":640,"context_line":"This consists of cached connectors objects which are used and tracked by"},{"line_number":641,"context_line":"a unique consideration of ``redfish_username``, ``redfish_password``,"}],"source_content_type":"text/x-rst","patch_set":7,"id":"c65a1fe7_3e9e66cc","line":638,"updated":"2022-08-10 10:24:34.000000000","message":"very nit: I\u0027d like us to stop talking about the ``ironic-conductor`` executable since some deployments, including our own Bifrost, don\u0027t have it.","commit_id":"246288842269a1a2f1735feec1a68c76466a17af"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"d0247564cb16c587dbc11cd22be48afa6cbf4214","unresolved":false,"context_lines":[{"line_number":635,"context_line":""},{"line_number":636,"context_line":"The ``redfish`` hardware type, and derived interfaces, utilizes a built in"},{"line_number":637,"context_line":"session cache which prevents Ironic from re-authenticating every time"},{"line_number":638,"context_line":"the ``ironic-conductor`` attempts to connect to the BMC for any reason."},{"line_number":639,"context_line":""},{"line_number":640,"context_line":"This consists of cached connectors objects which are used and tracked by"},{"line_number":641,"context_line":"a unique consideration of ``redfish_username``, ``redfish_password``,"}],"source_content_type":"text/x-rst","patch_set":7,"id":"89887fe3_80b824fd","line":638,"in_reply_to":"c65a1fe7_3e9e66cc","updated":"2022-08-11 17:09:29.000000000","message":"Done.","commit_id":"246288842269a1a2f1735feec1a68c76466a17af"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"6f6e04354e64c52485dd00a4a21d407fb5f01958","unresolved":false,"context_lines":[{"line_number":647,"context_line":""},{"line_number":648,"context_line":"The session cache default size is ``1000`` sessions per conductor."},{"line_number":649,"context_line":"If you are operating a deployment with a larger number of Redfish"},{"line_number":650,"context_line":"BMCs, it is advised that you do appropriately tune that number."},{"line_number":651,"context_line":""},{"line_number":652,"context_line":"Session Cache Expiration"},{"line_number":653,"context_line":"~~~~~~~~~~~~~~~~~~~~~~~~"}],"source_content_type":"text/x-rst","patch_set":7,"id":"2eb1dfb6_7e8e3743","line":650,"updated":"2022-08-10 10:24:34.000000000","message":"nit: mention how?","commit_id":"246288842269a1a2f1735feec1a68c76466a17af"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"d0247564cb16c587dbc11cd22be48afa6cbf4214","unresolved":false,"context_lines":[{"line_number":647,"context_line":""},{"line_number":648,"context_line":"The session cache default size is ``1000`` sessions per conductor."},{"line_number":649,"context_line":"If you are operating a deployment with a larger number of Redfish"},{"line_number":650,"context_line":"BMCs, it is advised that you do appropriately tune that number."},{"line_number":651,"context_line":""},{"line_number":652,"context_line":"Session Cache Expiration"},{"line_number":653,"context_line":"~~~~~~~~~~~~~~~~~~~~~~~~"}],"source_content_type":"text/x-rst","patch_set":7,"id":"1d19017b_25068036","line":650,"in_reply_to":"2eb1dfb6_7e8e3743","updated":"2022-08-11 17:09:29.000000000","message":"Done","commit_id":"246288842269a1a2f1735feec1a68c76466a17af"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"6f6e04354e64c52485dd00a4a21d407fb5f01958","unresolved":false,"context_lines":[{"line_number":654,"context_line":""},{"line_number":655,"context_line":"By default, sessions remain cached for as long as possible in"},{"line_number":656,"context_line":"memory, as long as they have not experienced an Authentication,"},{"line_number":657,"context_line":"Connection, or other unexplained error."},{"line_number":658,"context_line":""},{"line_number":659,"context_line":"Under normal circumstances, the sessions will only be rolled out"},{"line_number":660,"context_line":"of the cache in order of oldest first when the cache becomes full."}],"source_content_type":"text/x-rst","patch_set":7,"id":"58447f42_301d9dfc","line":657,"updated":"2022-08-10 10:24:34.000000000","message":"nit: any reason to upper-case authentication and connection?","commit_id":"246288842269a1a2f1735feec1a68c76466a17af"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"d0247564cb16c587dbc11cd22be48afa6cbf4214","unresolved":false,"context_lines":[{"line_number":654,"context_line":""},{"line_number":655,"context_line":"By default, sessions remain cached for as long as possible in"},{"line_number":656,"context_line":"memory, as long as they have not experienced an Authentication,"},{"line_number":657,"context_line":"Connection, or other unexplained error."},{"line_number":658,"context_line":""},{"line_number":659,"context_line":"Under normal circumstances, the sessions will only be rolled out"},{"line_number":660,"context_line":"of the cache in order of oldest first when the cache becomes full."}],"source_content_type":"text/x-rst","patch_set":7,"id":"eef8d5b9_fea042d9","line":657,"in_reply_to":"58447f42_301d9dfc","updated":"2022-08-11 17:09:29.000000000","message":"None, fixing.","commit_id":"246288842269a1a2f1735feec1a68c76466a17af"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"6f6e04354e64c52485dd00a4a21d407fb5f01958","unresolved":false,"context_lines":[{"line_number":658,"context_line":""},{"line_number":659,"context_line":"Under normal circumstances, the sessions will only be rolled out"},{"line_number":660,"context_line":"of the cache in order of oldest first when the cache becomes full."},{"line_number":661,"context_line":"There is no time based expiration to entries in the Session Cache."},{"line_number":662,"context_line":""},{"line_number":663,"context_line":"Of course, the cache is only in memory, and restarting the"},{"line_number":664,"context_line":"``ironic-conductor`` will also cause the cache to be rebuilt"}],"source_content_type":"text/x-rst","patch_set":7,"id":"134750af_ecdca8af","line":661,"updated":"2022-08-10 10:24:34.000000000","message":"nit: you didn\u0027t upper-case session cache above","commit_id":"246288842269a1a2f1735feec1a68c76466a17af"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"d0247564cb16c587dbc11cd22be48afa6cbf4214","unresolved":false,"context_lines":[{"line_number":658,"context_line":""},{"line_number":659,"context_line":"Under normal circumstances, the sessions will only be rolled out"},{"line_number":660,"context_line":"of the cache in order of oldest first when the cache becomes full."},{"line_number":661,"context_line":"There is no time based expiration to entries in the Session Cache."},{"line_number":662,"context_line":""},{"line_number":663,"context_line":"Of course, the cache is only in memory, and restarting the"},{"line_number":664,"context_line":"``ironic-conductor`` will also cause the cache to be rebuilt"}],"source_content_type":"text/x-rst","patch_set":7,"id":"e30de435_41f18a94","line":661,"in_reply_to":"134750af_ecdca8af","updated":"2022-08-11 17:09:29.000000000","message":"Fixed.","commit_id":"246288842269a1a2f1735feec1a68c76466a17af"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"0db6f703740eb382dccf41176eec705c7f9e0845","unresolved":true,"context_lines":[{"line_number":87,"context_line":"                         The \"auto\" mode first tries \"session\" and falls back"},{"line_number":88,"context_line":"                         to \"basic\" if session authentication is not supported"},{"line_number":89,"context_line":"                         by the Redfish BMC. Default is set in ironic config"},{"line_number":90,"context_line":"                         as ``[redfish]auth_type``. Most Operators should not"},{"line_number":91,"context_line":"                         need to leverage this setting. Session based"},{"line_number":92,"context_line":"                         authentication should generally be used in most"},{"line_number":93,"context_line":"                         cases as it prevents re-authentication every time"}],"source_content_type":"text/x-rst","patch_set":9,"id":"7380d788_853441ae","line":90,"updated":"2022-08-23 16:21:25.000000000","message":"nit: operators?","commit_id":"d262bc34b36d8200f14b8555f5f4b9cd7cac8e04"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"6e9dcdadda11edc2d120c9fb79978abbb2ed67de","unresolved":false,"context_lines":[{"line_number":87,"context_line":"                         The \"auto\" mode first tries \"session\" and falls back"},{"line_number":88,"context_line":"                         to \"basic\" if session authentication is not supported"},{"line_number":89,"context_line":"                         by the Redfish BMC. Default is set in ironic config"},{"line_number":90,"context_line":"                         as ``[redfish]auth_type``. Most Operators should not"},{"line_number":91,"context_line":"                         need to leverage this setting. Session based"},{"line_number":92,"context_line":"                         authentication should generally be used in most"},{"line_number":93,"context_line":"                         cases as it prevents re-authentication every time"}],"source_content_type":"text/x-rst","patch_set":9,"id":"cf5034bd_b29ae52e","line":90,"in_reply_to":"7380d788_853441ae","updated":"2022-08-25 18:09:08.000000000","message":"Done","commit_id":"d262bc34b36d8200f14b8555f5f4b9cd7cac8e04"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"0db6f703740eb382dccf41176eec705c7f9e0845","unresolved":true,"context_lines":[{"line_number":97,"context_line":"   The ``redfish_address``, ``redfish_username``, ``redfish_password``,"},{"line_number":98,"context_line":"   and ``redfish_verify_ca`` fields, if changed, will trigger a new session"},{"line_number":99,"context_line":"   to be establsihed and cached with the BMC. The ``redfish_auth_type`` field"},{"line_number":100,"context_line":"   will only be used for the creeation of a new cached session, or should"},{"line_number":101,"context_line":"   one be rejected by the BMC."},{"line_number":102,"context_line":""},{"line_number":103,"context_line":"The ``baremetal node create`` command can be used to enroll"}],"source_content_type":"text/x-rst","patch_set":9,"id":"174c6a4e_c3c7bc90","line":100,"updated":"2022-08-23 16:21:25.000000000","message":"typo: creation","commit_id":"d262bc34b36d8200f14b8555f5f4b9cd7cac8e04"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"6e9dcdadda11edc2d120c9fb79978abbb2ed67de","unresolved":false,"context_lines":[{"line_number":97,"context_line":"   The ``redfish_address``, ``redfish_username``, ``redfish_password``,"},{"line_number":98,"context_line":"   and ``redfish_verify_ca`` fields, if changed, will trigger a new session"},{"line_number":99,"context_line":"   to be establsihed and cached with the BMC. The ``redfish_auth_type`` field"},{"line_number":100,"context_line":"   will only be used for the creeation of a new cached session, or should"},{"line_number":101,"context_line":"   one be rejected by the BMC."},{"line_number":102,"context_line":""},{"line_number":103,"context_line":"The ``baremetal node create`` command can be used to enroll"}],"source_content_type":"text/x-rst","patch_set":9,"id":"f44d75fe_be0538c2","line":100,"in_reply_to":"174c6a4e_c3c7bc90","updated":"2022-08-25 18:09:08.000000000","message":"Done","commit_id":"d262bc34b36d8200f14b8555f5f4b9cd7cac8e04"}],"ironic/drivers/modules/redfish/utils.py":[{"author":{"_account_id":10342,"name":"Jay Faulkner","display_name":"JayF","email":"jay@jvf.cc","username":"JayF","status":"youtube.com/@oss-gr / podcast.gr-oss.io"},"change_message_id":"cee34edf10056fcdd37a0a82b103e1ec20ce374e","unresolved":true,"context_lines":[{"line_number":205,"context_line":"            self._driver_info.get(key)"},{"line_number":206,"context_line":"            for key in (\u0027address\u0027, \u0027username\u0027, \u0027verify_ca\u0027)"},{"line_number":207,"context_line":"        )"},{"line_number":208,"context_line":"        pw_hash \u003d hashlib.new(\u0027sha512\u0027,"},{"line_number":209,"context_line":"                              str(driver_info.get(\u0027password\u0027)).encode(\u0027utf-8\u0027))"},{"line_number":210,"context_line":"        self._password_hash \u003d pw_hash.hexdigest()"},{"line_number":211,"context_line":""}],"source_content_type":"text/x-python","patch_set":2,"id":"c9a2e369_4a351fd9","line":208,"updated":"2022-07-19 19:10:42.000000000","message":"Are these guaranteed to be sha512 everywhere and/or do we already make this assumption?","commit_id":"401f6682a181992f601fe307434918cb09541016"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"d02bda54f2f2a4c7a66a6a6805c1061f3a0cfdc0","unresolved":false,"context_lines":[{"line_number":205,"context_line":"            self._driver_info.get(key)"},{"line_number":206,"context_line":"            for key in (\u0027address\u0027, \u0027username\u0027, \u0027verify_ca\u0027)"},{"line_number":207,"context_line":"        )"},{"line_number":208,"context_line":"        pw_hash \u003d hashlib.new(\u0027sha512\u0027,"},{"line_number":209,"context_line":"                              str(driver_info.get(\u0027password\u0027)).encode(\u0027utf-8\u0027))"},{"line_number":210,"context_line":"        self._password_hash \u003d pw_hash.hexdigest()"},{"line_number":211,"context_line":""}],"source_content_type":"text/x-python","patch_set":2,"id":"56758b17_4d92fa9f","line":208,"in_reply_to":"61c7610f_39c864f0","updated":"2022-08-10 02:58:08.000000000","message":"Done","commit_id":"401f6682a181992f601fe307434918cb09541016"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"30864d0666f1f3469942ada6958a69525af4ce9f","unresolved":true,"context_lines":[{"line_number":205,"context_line":"            self._driver_info.get(key)"},{"line_number":206,"context_line":"            for key in (\u0027address\u0027, \u0027username\u0027, \u0027verify_ca\u0027)"},{"line_number":207,"context_line":"        )"},{"line_number":208,"context_line":"        pw_hash \u003d hashlib.new(\u0027sha512\u0027,"},{"line_number":209,"context_line":"                              str(driver_info.get(\u0027password\u0027)).encode(\u0027utf-8\u0027))"},{"line_number":210,"context_line":"        self._password_hash \u003d pw_hash.hexdigest()"},{"line_number":211,"context_line":""}],"source_content_type":"text/x-python","patch_set":2,"id":"61c7610f_39c864f0","line":208,"in_reply_to":"c9a2e369_4a351fd9","updated":"2022-07-20 00:32:21.000000000","message":"it is just a table to de-duplicate the sessions so we don\u0027t explicitly save the hash and use it as an identifier that gets lost in the session tracking.","commit_id":"401f6682a181992f601fe307434918cb09541016"},{"author":{"_account_id":10342,"name":"Jay Faulkner","display_name":"JayF","email":"jay@jvf.cc","username":"JayF","status":"youtube.com/@oss-gr / podcast.gr-oss.io"},"change_message_id":"cee34edf10056fcdd37a0a82b103e1ec20ce374e","unresolved":true,"context_lines":[{"line_number":221,"context_line":"                # does not match what was on file in momory, then we need to"},{"line_number":222,"context_line":"                # start over with a new client connection. This is because the"},{"line_number":223,"context_line":"                # client connection is only re-used with the credentials it"},{"line_number":224,"context_line":"                # was luanched with, unless it raises an AccessError."},{"line_number":225,"context_line":"                LOG.debug(\u0027A password change has been detected for Redfish \u0027"},{"line_number":226,"context_line":"                          \u0027BMC at address %(endpoint)s. Initiating \u0027"},{"line_number":227,"context_line":"                          \u0027a new session.\u0027,"}],"source_content_type":"text/x-python","patch_set":2,"id":"f6474d6c_67762166","line":224,"updated":"2022-07-19 19:10:42.000000000","message":"spelling: launched","commit_id":"401f6682a181992f601fe307434918cb09541016"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"d02bda54f2f2a4c7a66a6a6805c1061f3a0cfdc0","unresolved":false,"context_lines":[{"line_number":221,"context_line":"                # does not match what was on file in momory, then we need to"},{"line_number":222,"context_line":"                # start over with a new client connection. This is because the"},{"line_number":223,"context_line":"                # client connection is only re-used with the credentials it"},{"line_number":224,"context_line":"                # was luanched with, unless it raises an AccessError."},{"line_number":225,"context_line":"                LOG.debug(\u0027A password change has been detected for Redfish \u0027"},{"line_number":226,"context_line":"                          \u0027BMC at address %(endpoint)s. Initiating \u0027"},{"line_number":227,"context_line":"                          \u0027a new session.\u0027,"}],"source_content_type":"text/x-python","patch_set":2,"id":"c1f7d579_ed08cefe","line":224,"in_reply_to":"7ed874c9_79c72f99","updated":"2022-08-10 02:58:08.000000000","message":"Done","commit_id":"401f6682a181992f601fe307434918cb09541016"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"30864d0666f1f3469942ada6958a69525af4ce9f","unresolved":true,"context_lines":[{"line_number":221,"context_line":"                # does not match what was on file in momory, then we need to"},{"line_number":222,"context_line":"                # start over with a new client connection. This is because the"},{"line_number":223,"context_line":"                # client connection is only re-used with the credentials it"},{"line_number":224,"context_line":"                # was luanched with, unless it raises an AccessError."},{"line_number":225,"context_line":"                LOG.debug(\u0027A password change has been detected for Redfish \u0027"},{"line_number":226,"context_line":"                          \u0027BMC at address %(endpoint)s. Initiating \u0027"},{"line_number":227,"context_line":"                          \u0027a new session.\u0027,"}],"source_content_type":"text/x-python","patch_set":2,"id":"7ed874c9_79c72f99","line":224,"in_reply_to":"f6474d6c_67762166","updated":"2022-07-20 00:32:21.000000000","message":"doh!","commit_id":"401f6682a181992f601fe307434918cb09541016"},{"author":{"_account_id":10342,"name":"Jay Faulkner","display_name":"JayF","email":"jay@jvf.cc","username":"JayF","status":"youtube.com/@oss-gr / podcast.gr-oss.io"},"change_message_id":"28d876bff26b36cbec87059aa02e431615b1e28a","unresolved":true,"context_lines":[{"line_number":201,"context_line":"    def __init__(self, driver_info):"},{"line_number":202,"context_line":"        # Hash the password in the data structure, so we can"},{"line_number":203,"context_line":"        # include it in the session key."},{"line_number":204,"context_line":"        pw_hash \u003d hashlib.new(\u0027sha512\u0027,"},{"line_number":205,"context_line":"                              str(driver_info.get(\u0027password\u0027)).encode(\u0027utf-8\u0027))"},{"line_number":206,"context_line":"        self._driver_info \u003d driver_info"},{"line_number":207,"context_line":"        # Assemble the session key and append the hashed password to it,"}],"source_content_type":"text/x-python","patch_set":8,"id":"d1b6742a_37b8d8e6","line":204,"updated":"2022-08-17 17:53:05.000000000","message":"Lets add a salt to this? It\u0027s extremely unlikely it\u0027d ever be seen, but why risk it? Rainbow tables are just about the only possible SHA512 attack vector...","commit_id":"2b79262f9253fc5f9faab77035ed875e2364e58b"},{"author":{"_account_id":10342,"name":"Jay Faulkner","display_name":"JayF","email":"jay@jvf.cc","username":"JayF","status":"youtube.com/@oss-gr / podcast.gr-oss.io"},"change_message_id":"51b0bfaccaa966a0f0498d6d106cb2483becd5ca","unresolved":false,"context_lines":[{"line_number":201,"context_line":"    def __init__(self, driver_info):"},{"line_number":202,"context_line":"        # Hash the password in the data structure, so we can"},{"line_number":203,"context_line":"        # include it in the session key."},{"line_number":204,"context_line":"        pw_hash \u003d hashlib.new(\u0027sha512\u0027,"},{"line_number":205,"context_line":"                              str(driver_info.get(\u0027password\u0027)).encode(\u0027utf-8\u0027))"},{"line_number":206,"context_line":"        self._driver_info \u003d driver_info"},{"line_number":207,"context_line":"        # Assemble the session key and append the hashed password to it,"}],"source_content_type":"text/x-python","patch_set":8,"id":"83533982_f325b618","line":204,"in_reply_to":"d1b6742a_37b8d8e6","updated":"2022-08-17 18:50:26.000000000","message":"Done","commit_id":"2b79262f9253fc5f9faab77035ed875e2364e58b"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"0db6f703740eb382dccf41176eec705c7f9e0845","unresolved":true,"context_lines":[{"line_number":206,"context_line":"        pw_hash \u003d hashlib.pbkdf2_hmac("},{"line_number":207,"context_line":"            \u0027sha512\u0027,"},{"line_number":208,"context_line":"            driver_info.get(\u0027password\u0027).encode(\u0027utf-8\u0027),"},{"line_number":209,"context_line":"            str(driver_info.get(\u0027address\u0027) * 4).encode(\u0027utf-8\u0027), 500_000)"},{"line_number":210,"context_line":"        self._driver_info \u003d driver_info"},{"line_number":211,"context_line":"        # Assemble the session key and append the hashed password to it,"},{"line_number":212,"context_line":"        # which forces new sessions to be established when the saved password"}],"source_content_type":"text/x-python","patch_set":9,"id":"70213eaf_5f9884e7","line":209,"updated":"2022-08-23 16:21:25.000000000","message":"I wonder if this is a bit too much: the example in the hashlib docs uses sha256. I\u0027d not like it to add up to seconds for many nodes...\n\nAlso, isn\u0027t it a bit of overkill? If someone can dump the memory of the Ironic process, they can likely also access the raw redfish_address.","commit_id":"d262bc34b36d8200f14b8555f5f4b9cd7cac8e04"},{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"8f9d145bd7767afb7e4fa012be0ae47f121f73ae","unresolved":true,"context_lines":[{"line_number":206,"context_line":"        pw_hash \u003d hashlib.pbkdf2_hmac("},{"line_number":207,"context_line":"            \u0027sha512\u0027,"},{"line_number":208,"context_line":"            driver_info.get(\u0027password\u0027).encode(\u0027utf-8\u0027),"},{"line_number":209,"context_line":"            str(driver_info.get(\u0027address\u0027) * 4).encode(\u0027utf-8\u0027), 500_000)"},{"line_number":210,"context_line":"        self._driver_info \u003d driver_info"},{"line_number":211,"context_line":"        # Assemble the session key and append the hashed password to it,"},{"line_number":212,"context_line":"        # which forces new sessions to be established when the saved password"}],"source_content_type":"text/x-python","patch_set":9,"id":"6a7215ee_9fd4c71a","line":209,"in_reply_to":"70213eaf_5f9884e7","updated":"2022-08-23 16:28:04.000000000","message":"Likely overkill, but dynamically salting using the address does seem reasonable. We could use 256, but at the same time I wanted to lean towards something more secure given quantum computing is starting to see some use out there.","commit_id":"d262bc34b36d8200f14b8555f5f4b9cd7cac8e04"}]}