Go to file

Ade Lee c82ce37635 Replace md5 with oslo version

md5 is not an approved algorithm in FIPS mode, and trying to
instantiate a hashlib.md5() will fail when the system is running in
FIPS mode.

md5 is allowed when in a non-security context.  There is a plan to
add a keyword parameter (usedforsecurity) to hashlib.md5() to annotate
whether or not the instance is being used in a security context.

In the case where it is not, the instantiation of md5 will be allowed.
See https://bugs.python.org/issue9216 for more details.

Some downstream python versions already support this parameter.  To
support these versions, a new encapsulation of md5() has been added to
oslo_utils.  See https://review.opendev.org/#/c/750031/

This patch is to replace the instances of hashlib.md5() with this new
encapsulation, adding an annotation indicating whether the usage is
a security context or not.

The instances being replaced here appear to be used to provide
representations for paths.  There is in fact already a sha256 version
of get_hash_str that is supposed to be used in security sensitive
usages.

With this change (and the related dependent changes), the unit and
functional tests pass when run on a FIPS enabled system.

Change-Id: If0ec11e7b7fcde4dacc57265c4dd77b0f536bfab
Depends-On: https://review.opendev.org/#/c/756432
Depends-On: https://review.opendev.org/#/c/756153
Depends-On: https://review.opendev.org/#/c/760160

2020-10-29 15:58:23 -04:00

api-guide/source

doc: Fix rendering in the accelerator support doc

2020-09-18 09:03:15 +00:00

api-ref/source

trivial: Final cleanup

2020-09-11 14:09:06 +01:00

devstack

Merge "Find instance in another cell during floating IP re-association"

2019-09-13 15:19:55 +00:00

doc

Merge "[doc]: Fix glance image_metadata link"

2020-10-24 01:23:53 +00:00

etc/nova

Allow versioned discovery unauthenticated

2020-04-03 21:24:28 +00:00

gate

Temporarily disable parts of heal port allocation test

2020-10-02 09:39:01 +02:00

nova

Replace md5 with oslo version

2020-10-29 15:58:23 -04:00

playbooks

zuul: Introduce nova-evacuate

2020-09-23 16:47:47 +01:00

releasenotes

Update master for stable/victoria

2020-09-25 08:40:38 +00:00

roles

nova-evacuate: Disable libvirtd service and sockets during negative tests

2020-10-02 17:01:57 +00:00

tools

Follow up for cherry-pick check for merge patch

2020-10-08 05:45:24 +00:00

.coveragerc

Remove nova/openstack/* from .coveragerc

2016-10-12 16:20:49 -04:00

.gitignore

tox: Integrate mypy

2020-05-15 15:59:53 +01:00

.gitreview

OpenDev Migration Patch

2019-04-19 19:45:52 +00:00

.mailmap

Add mailmap entry

2014-05-07 12:14:26 -07:00

.pre-commit-config.yaml

Switch to hacking 2.x

2020-01-17 11:30:40 +00:00

.stestr.conf

Finish stestr migration

2017-11-24 16:51:12 -05:00

.zuul.yaml

Merge "Add Python3 wallaby unit tests"

2020-10-06 23:01:27 +00:00

bindep.txt

bindep: Install python3 and python3-devel on CentOS 8 and Fedora

2020-10-03 13:20:21 +01:00

CONTRIBUTING.rst

[Community goal] Update contributor documentation

2020-03-25 12:01:37 +00:00

HACKING.rst

Add a hacking rule for assert_has_calls

2020-09-28 23:08:15 +09:00

LICENSE

initial commit

2010-05-27 23:05:26 -07:00

lower-constraints.txt

Replace md5 with oslo version

2020-10-29 15:58:23 -04:00

MAINTAINERS

Fix broken URLs

2017-09-07 15:42:31 +02:00

mypy-files.txt

Add type hints to 'nova.virt.libvirt.utils'

2020-09-04 14:42:18 +01:00

README.rst

docs: Remove references to XenAPI driver

2020-08-31 15:53:31 +01:00

requirements.txt

Replace md5 with oslo version

2020-10-29 15:58:23 -04:00

setup.cfg

tox: Integrate mypy

2020-05-15 15:59:53 +01:00

setup.py

Updated from global requirements

2017-03-02 11:50:48 +00:00

test-requirements.txt

[goal] Prepare for job migration to Ubuntu Focal (20.04)

2020-08-18 11:28:32 +00:00

tox.ini

Add a hacking rule for assert_has_calls

2020-09-28 23:08:15 +09:00

README.rst

OpenStack Nova

OpenStack Nova provides a cloud computing fabric controller, supporting a wide variety of compute technologies, including: libvirt (KVM, Xen, LXC and more), Hyper-V, VMware, OpenStack Ironic and PowerVM.

Use the following resources to learn more.

API

To learn how to use Nova's API, consult the documentation available online at:

For more information on OpenStack APIs, SDKs and CLIs in general, refer to:

Operators

To learn how to deploy and configure OpenStack Nova, consult the documentation available online at:

OpenStack Nova

In the unfortunate event that bugs are discovered, they should be reported to the appropriate bug tracker. If you obtained the software from a 3rd party operating system vendor, it is often wise to use their own bug tracker for reporting problems. In all other cases use the master OpenStack bug tracker, available at:

Bug Tracker

Developers

For information on how to contribute to Nova, please see the contents of the CONTRIBUTING.rst.

Any new code must follow the development guidelines detailed in the HACKING.rst file, and pass all unit tests.

Further developer focused documentation is available at:

Other Information

During each Summit and Project Team Gathering, we agree on what the whole community wants to focus on for the upcoming release. The plans for nova can be found at:

Nova Specs