Skip to content

sso: remove old cipher fallback #54

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Sep 18, 2018
Merged

sso: remove old cipher fallback #54

merged 2 commits into from
Sep 18, 2018

Conversation

jphines
Copy link
Contributor

@jphines jphines commented Sep 17, 2018
edited
Loading

Problem

There is a legacy fallback cipher that was used when we migrated session encryption schemas. This legacy fallback is no longer used and adds needless complexity.

Solution

We should remove the legacy fallback cipher.

Notes

This removes the legacy fallback cipher in both sso proxy and authenticator.

Fixes #41
Fixes #42

@jphines
Copy link
Contributor Author

jphines commented Sep 17, 2018

Ready For Review @shrayolacrayon
cc/ @buzzfeed/infra-security

@loganmeetsworld loganmeetsworld mentioned this pull request Sep 17, 2018
Closed
@shrayolacrayon
Copy link

This looks great! ✂️
You can also remove internal/pkg/payloads if it's not already gone.

@jphines jphines force-pushed the remove-old-cipher-fallback branch from f4dc8fe to 8e427e2 Compare September 18, 2018 13:29
@jphines
Copy link
Contributor Author

jphines commented Sep 18, 2018

@shrayolacrayon removed those pkgs

@jphines jphines mentioned this pull request Sep 18, 2018
Merged
shrayolacrayon
shrayolacrayon previously approved these changes Sep 18, 2018
View reviewed changes
@shrayolacrayon
Copy link

lgtm!

@jphines jphines force-pushed the remove-old-cipher-fallback branch 2 times, most recently from 42644c2 to cbdbe4e Compare September 18, 2018 20:55
@jphines jphines force-pushed the remove-old-cipher-fallback branch from cbdbe4e to 5d75d96 Compare September 18, 2018 22:10
@jphines jphines merged commit d5fed14 into master Sep 18, 2018
@jphines jphines deleted the remove-old-cipher-fallback branch September 19, 2018 14:04
@sporkmonger
Copy link
Contributor

Did this fix #29? Can that be closed now?

@notnmeyer
Copy link
Contributor

notnmeyer commented Oct 15, 2018
edited
Loading

@sporkmonger i don't think so, i can still replicate #29

edi: nope, nevermind. i was basing that opinion on the buzzfeed/sso:latest image which was last pushed a bit ago.

@mreiferson mreiferson mentioned this pull request Nov 26, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shrayolacrayon shrayolacrayon shrayolacrayon approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@jphines @shrayolacrayon @sporkmonger @notnmeyer