Support alrogithms other than sha1

neutron-vpnaas now supports sha1, sha256, sha384, sha512
for IKE policy auth_algorithm and IPsec policy auth_algorithm.

Change-Id: I7d8f3116500230113f66de71a781d13f3ca7b2d9
Closes-Bug: #1803386
This commit is contained in:
Akihiro Motoki 2018-12-17 04:25:03 +09:00
parent f0c89106fd
commit 5157219107
5 changed files with 30 additions and 10 deletions

View File

@ -92,11 +92,12 @@ class UpdateIKEPolicy(forms.SelfHandlingForm):
name = forms.CharField(max_length=80, label=_("Name"), required=False)
description = forms.CharField(
required=False, max_length=80, label=_("Description"))
# Currently this field has only one choice, so mark it as readonly.
auth_algorithm = forms.ThemableChoiceField(
label=_("Authorization algorithm"),
choices=[('sha1', _('sha1'))],
widget=forms.TextInput(attrs={'readonly': 'readonly'}),
choices=[('sha1', _('sha1')),
('sha256', _('sha256')),
('sha384', _('sha384')),
('sha512', _('sha512'))],
required=False)
encryption_algorithm = forms.ThemableChoiceField(
label=_("Encryption algorithm"),
@ -171,8 +172,10 @@ class UpdateIPsecPolicy(forms.SelfHandlingForm):
# Currently this field has only one choice, so mark it as readonly.
auth_algorithm = forms.ThemableChoiceField(
label=_("Authorization algorithm"),
choices=[('sha1', _('sha1'))],
widget=forms.TextInput(attrs={'readonly': 'readonly'}),
choices=[('sha1', _('sha1')),
('sha256', _('sha256')),
('sha384', _('sha384')),
('sha512', _('sha512'))],
required=False)
encapsulation_mode = forms.ThemableChoiceField(
label=_("Encapsulation mode"),

View File

@ -5,8 +5,9 @@
<dl class="dl-readable">
<dt>{% trans 'Authorization algorithm' %}</dt>
<dd>{% trans 'Auth algorithm limited to SHA1 only.' %}</dd>
<dd>{% trans 'Valid algorithms are sha1, sha256, sha384 and sha512.' %}</dd>
<dt>{% trans 'Encryption algorithm' %}</dt>
<dd>{% trans 'The type of algorithm (3des, aes-128, aes-192, aes-256) used in the IKE policy.' %}</dd>
<dd>{% trans 'Valid algorithms are 3des, aes-128, aes-192 and aes-256.' %}</dd>
<dt>{% trans 'IKE version' %}</dt>
<dd>{% trans 'The type of version (v1/v2) that needs to be filtered.' %}</dd>
<dt>{% trans 'Lifetime' %}</dt>

View File

@ -4,11 +4,11 @@
<p>{% trans 'An IPsec policy is an association of the following attributes' %}</p>
<dl class="dl-readable">
<dt>{% trans 'Authorization algorithm' %}</dt>
<dd>{% trans 'Auth algorithm limited to SHA1 only.' %}</dd>
<dd>{% trans 'Valid algorithms are sha1, sha256, sha384 and sha512.' %}</dd>
<dt>{% trans 'Encapsulation mode' %}</dt>
<dd>{% trans 'The type of IPsec tunnel (tunnel/transport) to be used.' %}</dd>
<dt>{% trans 'Encryption algorithm' %}</dt>
<dd>{% trans 'The type of algorithm (3des, aes-128, aes-192, aes-256) used in the IPsec policy.' %}</dd>
<dd>{% trans 'Valid algorithms are 3des, aes-128, aes-192 and aes-256.' %}</dd>
<dt>{% trans 'Lifetime' %}</dt>
<dd>{% trans "Life time consists of units and value. Units in 'seconds' and the default value is 3600." %}</dd>
<dt>{% trans 'Perfect Forward Secrecy' %}</dt>

View File

@ -249,7 +249,12 @@ class AddIKEPolicyAction(workflows.Action):
def __init__(self, request, *args, **kwargs):
super(AddIKEPolicyAction, self).__init__(request, *args, **kwargs)
auth_algorithm_choices = [("sha1", "sha1")]
auth_algorithm_choices = [
("sha1", "sha1"),
('sha256', _('sha256')),
('sha384', _('sha384')),
('sha512', _('sha512')),
]
self.fields['auth_algorithm'].choices = auth_algorithm_choices
# Currently this field has only one choice, so mark it as readonly.
self.fields['auth_algorithm'].widget.attrs['readonly'] = True
@ -352,7 +357,12 @@ class AddIPsecPolicyAction(workflows.Action):
def __init__(self, request, *args, **kwargs):
super(AddIPsecPolicyAction, self).__init__(request, *args, **kwargs)
auth_algorithm_choices = [("sha1", "sha1")]
auth_algorithm_choices = [
("sha1", "sha1"),
('sha256', _('sha256')),
('sha384', _('sha384')),
('sha512', _('sha512')),
]
self.fields['auth_algorithm'].choices = auth_algorithm_choices
# Currently this field has only one choice, so mark it as readonly.
self.fields['auth_algorithm'].widget.attrs['readonly'] = True

View File

@ -0,0 +1,6 @@
---
features:
- |
neutron-vpnaas-dashboard now supports all auth algorithms.
neutron-vpnaas supports sha1, sha256, sha384, sha512
for IKE policy auth_algorithm and IPsec policy auth_algorithm.