)]}'
{"id":"openstack%2Fkeystone~893549","triplet_id":"openstack%2Fkeystone~stable%2Fwallaby~I8d0bb2438b23227b5a66b94af6f8e198084fcd8d","project":"openstack/keystone","branch":"stable/wallaby","topic":"bug/1901891","attention_set":{},"removed_from_attention_set":{"8313":{"account":{"_account_id":8313,"name":"Lajos Katona","display_name":"lajoskatona","email":"katonalala@gmail.com","username":"elajkat","status":"Ericsson Software Technology"},"last_update":"2023-09-06 15:56:52.000000000","reason":"Change was submitted"}},"hashtags":[],"change_id":"I8d0bb2438b23227b5a66b94af6f8e198084fcd8d","subject":"Force algo specific maximum length \u0026 Properly trimm bcrypt hashed passwords","status":"MERGED","created":"2023-09-04 09:00:55.000000000","updated":"2023-09-06 15:58:48.000000000","submitted":"2023-09-06 15:56:52.000000000","submitter":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"total_comment_count":1,"unresolved_comment_count":0,"has_review_started":true,"submission_id":"893549-bug/1901891","cherry_pick_of_change":892865,"cherry_pick_of_patch_set":1,"meta_rev_id":"37f395b776a0867921009f5aaed2e1e5ee9897f2","_number":893549,"virtual_id_number":893549,"owner":{"_account_id":8313,"name":"Lajos Katona","display_name":"lajoskatona","email":"katonalala@gmail.com","username":"elajkat","status":"Ericsson Software Technology"},"actions":{},"labels":{"Verified":{"approved":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"all":[{"tag":"autogenerated:zuul:gate","value":2,"date":"2023-09-06 15:56:52.000000000","permitted_voting_range":{"min":2,"max":2},"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},{"value":0,"_account_id":17685,"name":"Elod Illes","email":"elod.illes@est.tech","username":"elod.illes"},{"value":0,"_account_id":7414,"name":"David Wilde","email":"dwilde@redhat.com","username":"d34dh0r53"}],"values":{"-2":"Fails","-1":"Doesn\u0027t seem to work"," 0":"No score","+1":"Works for me","+2":"Verified"},"description":"","default_value":0,"optional":true},"Code-Review":{"approved":{"_account_id":17685,"name":"Elod Illes","email":"elod.illes@est.tech","username":"elod.illes"},"all":[{"value":0,"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},{"value":2,"date":"2023-09-04 11:11:06.000000000","permitted_voting_range":{"min":2,"max":2},"_account_id":17685,"name":"Elod Illes","email":"elod.illes@est.tech","username":"elod.illes"},{"value":2,"date":"2023-09-06 14:10:51.000000000","permitted_voting_range":{"min":2,"max":2},"_account_id":7414,"name":"David Wilde","email":"dwilde@redhat.com","username":"d34dh0r53"}],"values":{"-2":"Do not merge","-1":"This patch needs further work before it can be merged"," 0":"No score","+1":"Looks good to me, but someone else must approve","+2":"Looks good to me (core reviewer)"},"description":"","default_value":0,"optional":true},"Workflow":{"approved":{"_account_id":7414,"name":"David Wilde","email":"dwilde@redhat.com","username":"d34dh0r53"},"all":[{"value":0,"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},{"value":0,"_account_id":17685,"name":"Elod Illes","email":"elod.illes@est.tech","username":"elod.illes"},{"value":1,"date":"2023-09-06 14:10:51.000000000","permitted_voting_range":{"min":1,"max":1},"_account_id":7414,"name":"David Wilde","email":"dwilde@redhat.com","username":"d34dh0r53"}],"values":{"-1":"Work in progress"," 0":"Ready for reviews","+1":"Approved"},"description":"","default_value":0,"optional":true}},"removable_reviewers":[],"reviewers":{"REVIEWER":[{"_account_id":7414,"name":"David Wilde","email":"dwilde@redhat.com","username":"d34dh0r53"},{"_account_id":17685,"name":"Elod Illes","email":"elod.illes@est.tech","username":"elod.illes"},{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]}]},"pending_reviewers":{},"reviewer_updates":[{"updated":"2023-09-04 09:00:55.000000000","updated_by":{"_account_id":8313,"name":"Lajos Katona","display_name":"lajoskatona","email":"katonalala@gmail.com","username":"elajkat","status":"Ericsson Software Technology"},"reviewer":{"_account_id":7414,"name":"David Wilde","email":"dwilde@redhat.com","username":"d34dh0r53"},"state":"CC"},{"updated":"2023-09-04 09:22:09.000000000","updated_by":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"reviewer":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"state":"CC"},{"updated":"2023-09-04 09:51:09.000000000","updated_by":{"_account_id":17685,"name":"Elod Illes","email":"elod.illes@est.tech","username":"elod.illes"},"reviewer":{"_account_id":17685,"name":"Elod Illes","email":"elod.illes@est.tech","username":"elod.illes"},"state":"CC"},{"updated":"2023-09-04 10:21:43.000000000","updated_by":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"reviewer":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"state":"REVIEWER"},{"updated":"2023-09-04 11:11:06.000000000","updated_by":{"_account_id":17685,"name":"Elod Illes","email":"elod.illes@est.tech","username":"elod.illes"},"reviewer":{"_account_id":17685,"name":"Elod Illes","email":"elod.illes@est.tech","username":"elod.illes"},"state":"REVIEWER"},{"updated":"2023-09-06 14:10:51.000000000","updated_by":{"_account_id":7414,"name":"David Wilde","email":"dwilde@redhat.com","username":"d34dh0r53"},"reviewer":{"_account_id":7414,"name":"David Wilde","email":"dwilde@redhat.com","username":"d34dh0r53"},"state":"REVIEWER"}],"messages":[{"id":"9d121f49b0d14f6404352b18d36aa7f79ae0d2d1","tag":"autogenerated:gerrit:newPatchSet","author":{"_account_id":8313,"name":"Lajos Katona","display_name":"lajoskatona","email":"katonalala@gmail.com","username":"elajkat","status":"Ericsson Software Technology"},"date":"2023-09-04 09:00:55.000000000","message":"Patch Set 1: Cherry Picked from branch stable/xena.","accounts_in_message":[],"_revision_number":1},{"id":"50efdddb5fc0379d3067a6aa86906cfa774de026","tag":"autogenerated:zuul:check-arm64","author":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"date":"2023-09-04 09:22:09.000000000","message":"Patch Set 1:\n\nBuild succeeded (ARM64 pipeline).\nhttps://zuul.opendev.org/t/openstack/buildset/297cfe41a3e54803a95bae275ded8d46\n\n- openstack-tox-py38-arm64 https://zuul.opendev.org/t/openstack/build/c5da4a7336774261bfdb80f5ca177e91 : SUCCESS in 19m 22s (non-voting)\n- openstack-tox-py39-arm64 https://zuul.opendev.org/t/openstack/build/87641a16fcea483390d323255993be4e : SUCCESS in 20m 09s (non-voting)","accounts_in_message":[],"_revision_number":1},{"id":"b3ad56a3df003ec04bc8d109fe40b53ae9c7f6aa","tag":"autogenerated:gerrit:setTopic","author":{"_account_id":8313,"name":"Lajos Katona","display_name":"lajoskatona","email":"katonalala@gmail.com","username":"elajkat","status":"Ericsson Software Technology"},"date":"2023-09-04 09:28:03.000000000","message":"Topic bug/1901891-stable/wallaby removed","accounts_in_message":[],"_revision_number":1},{"id":"f5b6bd0d81e6acad89d6d0ef138938dd20c4141e","tag":"autogenerated:gerrit:setTopic","author":{"_account_id":8313,"name":"Lajos Katona","display_name":"lajoskatona","email":"katonalala@gmail.com","username":"elajkat","status":"Ericsson Software Technology"},"date":"2023-09-04 09:28:15.000000000","message":"Topic set to bug/1901891","accounts_in_message":[],"_revision_number":1},{"id":"6ecafbda1b8bab7809e83e7e510c09c4c58e97d8","tag":"autogenerated:zuul:check","author":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"date":"2023-09-04 10:21:43.000000000","message":"Patch Set 1: Verified+1\n\nBuild succeeded (check pipeline).\nhttps://zuul.opendev.org/t/openstack/buildset/bb98b895bd14409985a16111891c8f1e\n\n- openstack-tox-cover https://zuul.opendev.org/t/openstack/build/e2085b806e7d4898961336395f3e13c8 : SUCCESS in 18m 16s\n- openstack-tox-pep8 https://zuul.opendev.org/t/openstack/build/b4dad25c201848a595495d03546f0d8b : SUCCESS in 4m 48s\n- openstack-tox-py36 https://zuul.opendev.org/t/openstack/build/4f9aaa11e2db4dda9f456eba1d4fa272 : SUCCESS in 17m 08s\n- openstack-tox-py38 https://zuul.opendev.org/t/openstack/build/67be891850874d0aa87b989dea87f81c : SUCCESS in 14m 12s\n- openstack-tox-py39 https://zuul.opendev.org/t/openstack/build/18ff4197d70247c0a9dfb7d36fe185c4 : SUCCESS in 14m 27s (non-voting)\n- openstack-tox-docs https://zuul.opendev.org/t/openstack/build/5824cf40608640a8ac7d689153371a55 : SUCCESS in 14m 14s\n- grenade https://zuul.opendev.org/t/openstack/build/98e17c38927a4528b15e4c2a70d6bcd2 : SUCCESS in 1h 08m 16s\n- tempest-full-py3 https://zuul.opendev.org/t/openstack/build/2b600bc6bb8545a5b29d2ef50b553aee : SUCCESS in 1h 19m 33s\n- build-openstack-releasenotes https://zuul.opendev.org/t/openstack/build/6ac12cc1854941808179ef0c2110a7d3 : SUCCESS in 6m 57s\n- keystone-dsvm-py3-functional https://zuul.opendev.org/t/openstack/build/74042a95153c4b60842c2f522df07f60 : SUCCESS in 28m 05s\n- keystone-dsvm-py3-functional-fips https://zuul.opendev.org/t/openstack/build/70d782c65ff0435580aa70f1b39e73c8 : FAILURE in 22m 16s (non-voting)\n- keystone-dsvm-py3-functional-federation-ubuntu-focal https://zuul.opendev.org/t/openstack/build/de1ade0c808a4d75b744c30b9ef04e68 : FAILURE in 39m 07s (non-voting)\n- keystone-dsvm-py3-functional-federation-ubuntu-focal-k2k https://zuul.opendev.org/t/openstack/build/9724b21d2cc3418b8b2b37b29ce5492e : SUCCESS in 39m 35s\n- keystoneclient-devstack-functional https://zuul.opendev.org/t/openstack/build/8edb7adf800a45c0a580a0fa3f624204 : FAILURE in 22m 14s (non-voting)\n- keystone-dsvm-ldap-domain-specific-driver https://zuul.opendev.org/t/openstack/build/8f9f224d8d0f42dfb352dc59e79be613 : FAILURE in 19m 24s (non-voting)\n- tempest-ipv6-only https://zuul.opendev.org/t/openstack/build/b882ea5ddd624182948bcb7e668e0681 : SUCCESS in 1h 04m 31s\n- keystone-protection-functional https://zuul.opendev.org/t/openstack/build/ef2cb3f1553543a0a50b6e9df7b0af39 : SUCCESS in 49m 01s","accounts_in_message":[],"_revision_number":1},{"id":"784f2b4fcf2f9ac680358b11321f37cb8b6975f2","author":{"_account_id":17685,"name":"Elod Illes","email":"elod.illes@est.tech","username":"elod.illes"},"date":"2023-09-04 11:11:06.000000000","message":"Patch Set 1: Code-Review+2\n\n(1 comment)","accounts_in_message":[],"_revision_number":1},{"id":"e8d92b49ce05519856f614cd79555f0695b3e028","author":{"_account_id":7414,"name":"David Wilde","email":"dwilde@redhat.com","username":"d34dh0r53"},"date":"2023-09-06 14:10:51.000000000","message":"Patch Set 1: Code-Review+2 Workflow+1","accounts_in_message":[],"_revision_number":1},{"id":"3138be0fb3b5075b3a4db6e1ed0216ff94c25037","tag":"autogenerated:zuul:gate","author":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"date":"2023-09-06 14:11:21.000000000","message":"Patch Set 1: -Verified\n\nStarting gate jobs.","accounts_in_message":[],"_revision_number":1},{"id":"52dcf6eac02f6b71a7320646d7ff9ef7095864dc","tag":"autogenerated:zuul:gate","author":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"date":"2023-09-06 15:56:52.000000000","message":"Patch Set 1: Verified+2\n\nBuild succeeded (gate pipeline).\nhttps://zuul.opendev.org/t/openstack/buildset/136e555bcb9f4c82b1eb3122880ba9fe\n\n- openstack-tox-pep8 https://zuul.opendev.org/t/openstack/build/07d40e8fe9e54341a498643e4838be53 : SUCCESS in 5m 33s\n- openstack-tox-py36 https://zuul.opendev.org/t/openstack/build/f466fa49617a466db86c0d6e4c7b8759 : SUCCESS in 16m 49s\n- openstack-tox-py38 https://zuul.opendev.org/t/openstack/build/6934341160af434fa4f9157d9e69fcfa : SUCCESS in 15m 21s\n- openstack-tox-docs https://zuul.opendev.org/t/openstack/build/aede39aa868a4bc29ca1a913134c6003 : SUCCESS in 13m 35s\n- grenade https://zuul.opendev.org/t/openstack/build/744b2b6a9c0648b097c44333e26aee03 : SUCCESS in 1h 01m 31s\n- tempest-full-py3 https://zuul.opendev.org/t/openstack/build/50914125aeac495a9dcbb2a2056e3b02 : SUCCESS in 1h 37m 45s\n- build-openstack-releasenotes https://zuul.opendev.org/t/openstack/build/28f0018134be4546b4391be422157bf0 : SUCCESS in 8m 55s\n- keystone-dsvm-py3-functional https://zuul.opendev.org/t/openstack/build/b61f39b55f0f43ec86afdf69c112f816 : SUCCESS in 37m 21s\n- keystone-dsvm-py3-functional-federation-ubuntu-focal-k2k https://zuul.opendev.org/t/openstack/build/1582ce040b2c40719b24054777fb0e39 : SUCCESS in 36m 21s\n- tempest-ipv6-only https://zuul.opendev.org/t/openstack/build/6eb2bdab4ce04e33b2b40676aa064042 : SUCCESS in 1h 03m 01s\n- keystone-protection-functional https://zuul.opendev.org/t/openstack/build/421a8bbd51ba490298781dc0d62cad00 : SUCCESS in 48m 17s","accounts_in_message":[],"_revision_number":1},{"id":"6da118a22e6b2f0285a64768659106a0a5ab66cb","tag":"autogenerated:gerrit:merged","author":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"date":"2023-09-06 15:56:52.000000000","message":"Change has been successfully merged","accounts_in_message":[],"_revision_number":1},{"id":"37f395b776a0867921009f5aaed2e1e5ee9897f2","tag":"autogenerated:zuul:promote","author":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"date":"2023-09-06 15:58:48.000000000","message":"Patch Set 1:\n\nBuild succeeded (promote pipeline).\nhttps://zuul.opendev.org/t/openstack/buildset/3d9593f4ad174cccb77c5ab81aa17e90\n\n- promote-openstack-tox-docs https://zuul.opendev.org/t/openstack/build/ffc1ed0dc05d421ea7cfc247133169f2 : SUCCESS in 1m 04s\n- promote-openstack-releasenotes https://zuul.opendev.org/t/openstack/build/c8a219a1ae094439865a4c3eea52cd84 : SUCCESS in 46s","accounts_in_message":[],"_revision_number":1}],"current_revision_number":1,"current_revision":"11e1258ccda688fd6f1414ac664c50df56ca2989","revisions":{"11e1258ccda688fd6f1414ac664c50df56ca2989":{"kind":"REWORK","_number":1,"created":"2023-09-04 09:00:55.000000000","uploader":{"_account_id":8313,"name":"Lajos Katona","display_name":"lajoskatona","email":"katonalala@gmail.com","username":"elajkat","status":"Ericsson Software Technology"},"ref":"refs/changes/49/893549/1","fetch":{"anonymous http":{"url":"https://review.opendev.org/openstack/keystone","ref":"refs/changes/49/893549/1","commands":{"Checkout":"git fetch https://review.opendev.org/openstack/keystone refs/changes/49/893549/1 \u0026\u0026 git checkout FETCH_HEAD","Cherry Pick":"git fetch https://review.opendev.org/openstack/keystone refs/changes/49/893549/1 \u0026\u0026 git cherry-pick FETCH_HEAD","Format Patch":"git fetch https://review.opendev.org/openstack/keystone refs/changes/49/893549/1 \u0026\u0026 git format-patch -1 --stdout FETCH_HEAD","Pull":"git pull https://review.opendev.org/openstack/keystone refs/changes/49/893549/1"}}},"commit":{"parents":[{"commit":"08bcd6c3b2eca2976893f3edf2a42d69026f0827","subject":"Merge \"Limit token expiration to application credential expiration\" into stable/wallaby","web_links":[{"name":"gitea","tooltip":"Open in GitWeb","url":"https://opendev.org/openstack/keystone/commit/08bcd6c3b2eca2976893f3edf2a42d69026f0827"}]}],"author":{"name":"Dave Wilde (d34dh0r53)","email":"dwilde@redhat.com","date":"2022-02-09 17:28:59.000000000","tz":-360},"committer":{"name":"Lajos Katona","email":"katonalala@gmail.com","date":"2023-09-04 09:00:55.000000000","tz":0},"subject":"Force algo specific maximum length \u0026 Properly trimm bcrypt hashed passwords","message":"Force algo specific maximum length \u0026 Properly trimm bcrypt hashed passwords\n\nThis is the squash of 2 patches related to bcrypt hashing settings.\n\n1.\nForce algo specific maximum length\n\nThe bcrypt algorithm that we use for password hashing silently\nlength limits the size of the password that is hashed giving the\nuser a false sense of security [0].  This patch adds a check\nin the verify_length_and_trunc_password function for the hash in\nuse and updates the max_length accordingly, this will override\nthe configured value and log a warning if the password is truncated.\n\nConflicts:\n* tox.ini\n\n[0]: https://passlib.readthedocs.io/en/stable/lib/passlib.hash.bcrypt.html#security-issues\n\n2.\nProperly trimm bcrypt hashed passwords\n\nbcrypt  hashing algorythm has a limitation on length of passwords it\ncan hash on 72 bytes. In [1] a password trimm to 54 symbols has been\nimplemented, which resulted in password being invalidated after the\nkeystone upgrade, since passwords are trimmed differently by bcrypt\nitself, as well as len(str()) is not always equal to\nlen(str().encode()) as trimming should be done based on bytes and not\nstring itself.\n\nWith the change we return a byte object from\n`verify_length_and_trunc_password`, so it does not need to\nbe encoded afterwards, since we need to strip based on bytes\nrather then on length of the string.\n\n[1] https://review.opendev.org/c/openstack/keystone/+/828595\n\nCloses-Bug: #2028809\nRelated-Bug: #1901891\noriginal change id: Iea95a3c2df041a0046647b3d3dadead1a6d054d1\n(cherry picked from commit 6730c761d18aa547998f2add833c13f45f257fe7)\n(cherry picked from commit 65f1fb6b4a54386f473369b05c8d10d77fb6710c)\n\nCloses-bug: #1901891\nChange-Id: I8d0bb2438b23227b5a66b94af6f8e198084fcd8d\n(cherry picked from commit 3288af579de8ee312c36fb78ac9309ce8c554827)\n(cherry picked from commit 1b3536a7a4d72e7f7b95cc1874a450accad3ec8d)\n(cherry picked from commit 7852ca24a4eb86cb271ef7ec5e07f8f9c97f926d)\n(cherry picked from commit a38ba2a70cdf7e72c0f17bb80d895ccc1e39a010)\n","web_links":[{"name":"gitea","tooltip":"Open in GitWeb","url":"https://opendev.org/openstack/keystone/commit/11e1258ccda688fd6f1414ac664c50df56ca2989"}],"resolve_conflicts_web_links":[{"name":"gitea","tooltip":"Open in GitWeb","url":"https://opendev.org/openstack/keystone/commit/11e1258ccda688fd6f1414ac664c50df56ca2989"}]},"branch":"refs/heads/stable/wallaby"}},"requirements":[],"submit_records":[{"rule_name":"gerrit~DefaultSubmitRule","status":"CLOSED","labels":[{"label":"Verified","status":"MAY","applied_by":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]}},{"label":"Code-Review","status":"MAY","applied_by":{"_account_id":7414,"name":"David Wilde","email":"dwilde@redhat.com","username":"d34dh0r53"}},{"label":"Workflow","status":"MAY","applied_by":{"_account_id":7414,"name":"David Wilde","email":"dwilde@redhat.com","username":"d34dh0r53"}}]}],"submit_requirements":[{"name":"Verified","description":"Verified in gate by CI","status":"SATISFIED","is_legacy":false,"submittability_expression_result":{"expression":"label:Verified\u003dMAX AND -label:Verified\u003dMIN","fulfilled":true,"status":"PASS","passing_atoms":["label:Verified\u003dMAX"],"failing_atoms":["label:Verified\u003dMIN"],"atom_explanations":{}}},{"name":"Code-Review","description":"Code reviewed by core reviewer","status":"SATISFIED","is_legacy":false,"submittability_expression_result":{"expression":"label:Code-Review\u003dMAX AND -label:Code-Review\u003dMIN","fulfilled":true,"status":"PASS","passing_atoms":["label:Code-Review\u003dMAX"],"failing_atoms":["label:Code-Review\u003dMIN"],"atom_explanations":{}}},{"name":"Workflow","description":"Approved for gate by core reviewer","status":"SATISFIED","is_legacy":false,"submittability_expression_result":{"expression":"label:Workflow\u003dMAX AND -label:Workflow\u003dMIN","fulfilled":true,"status":"PASS","passing_atoms":["label:Workflow\u003dMAX"],"failing_atoms":["label:Workflow\u003dMIN"],"atom_explanations":{}}}]}