pulsar-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From zhai...@apache.org
Subject [pulsar] branch master updated: Suggest use sha-512 in SaslRoleTokenSigner for security concern (#6447)
Date Tue, 31 Mar 2020 01:18:01 GMT
This is an automated email from the ASF dual-hosted git repository.

zhaijia pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/pulsar.git


The following commit(s) were added to refs/heads/master by this push:
     new b5e9be62 Suggest use sha-512 in SaslRoleTokenSigner for security concern (#6447)
b5e9be62 is described below

commit b5e9be6290f76586d1e497b19c7b5aef26add4bc
Author: YYTVicky <61596169+YYTVicky@users.noreply.github.com>
AuthorDate: Mon Mar 30 21:17:51 2020 -0400

    Suggest use sha-512 in SaslRoleTokenSigner for security concern (#6447)
    
    Suggest use sha-512 in SaslRoleTokenSigner for security concern #6447
---
 .../org/apache/pulsar/broker/authentication/SaslRoleTokenSigner.java    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pulsar-broker-auth-sasl/src/main/java/org/apache/pulsar/broker/authentication/SaslRoleTokenSigner.java
b/pulsar-broker-auth-sasl/src/main/java/org/apache/pulsar/broker/authentication/SaslRoleTokenSigner.java
index dee320f..ccd2547 100644
--- a/pulsar-broker-auth-sasl/src/main/java/org/apache/pulsar/broker/authentication/SaslRoleTokenSigner.java
+++ b/pulsar-broker-auth-sasl/src/main/java/org/apache/pulsar/broker/authentication/SaslRoleTokenSigner.java
@@ -93,7 +93,7 @@ public class SaslRoleTokenSigner {
      */
     protected String computeSignature(String str) {
         try {
-            MessageDigest md = MessageDigest.getInstance("SHA");
+            MessageDigest md = MessageDigest.getInstance("SHA-512");
 
             md.update(str.getBytes());
 


Mime
View raw message