Fixes the SNI issues in master(mitaka) for octavia
1. Fixes the mismatch between the tls_container_id lengths in neutron.lbaas_sni and octavia.sni tables. 2. Fixes the syntax error in cert_parser.py field. (tls_container.id => tls_container_id) 3. Removes the certs['sni_certs'] parameter from the rest_api_driver.py as it gets wrongly assigned to socket_path parameter in the jinja_cfg.py file. 4. Modifies the sample_configs to make the unit tests work with the above changes. Change-Id: I8fe5854ef2dc508e37a368294c44eef63b5bccba Closes-Bug: #1520990
This commit is contained in:
parent
2cd234a0f1
commit
298fd45380
|
@ -67,8 +67,7 @@ class HaproxyAmphoraLoadBalancerDriver(
|
|||
# Process listener certificate info
|
||||
certs = self._process_tls_certificates(listener)
|
||||
# Generate HaProxy configuration from listener object
|
||||
config = self.jinja.build_config(listener, certs['tls_cert'],
|
||||
certs['sni_certs'])
|
||||
config = self.jinja.build_config(listener, certs['tls_cert'])
|
||||
|
||||
for amp in listener.load_balancer.amphorae:
|
||||
if amp.status != constants.DELETED:
|
||||
|
|
|
@ -197,7 +197,7 @@ def load_certificates_data(cert_mngr, listener):
|
|||
for sni_cont in listener.sni_containers:
|
||||
cert_container = _map_cert_tls_container(
|
||||
cert_mngr.get_cert(listener.project_id,
|
||||
sni_cont.tls_container.id,
|
||||
sni_cont.tls_container_id,
|
||||
check_only=True))
|
||||
sni_certs.append(cert_container)
|
||||
return {'tls_cert': tls_cert, 'sni_certs': sni_certs}
|
||||
|
|
|
@ -0,0 +1,37 @@
|
|||
# Copyright 2016 Hewlett-Packard Development Company, L.P.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
"""change_tls_container_id_length_in_sni_table
|
||||
|
||||
Revision ID: 8c0851bdf6c3
|
||||
Revises: 186509101b9b
|
||||
Create Date: 2016-03-23 19:08:53.148812
|
||||
|
||||
"""
|
||||
|
||||
# revision identifiers, used by Alembic.
|
||||
revision = '8c0851bdf6c3'
|
||||
down_revision = '186509101b9b'
|
||||
|
||||
from alembic import op
|
||||
import sqlalchemy as sa
|
||||
|
||||
|
||||
def upgrade():
|
||||
op.alter_column(u'sni', u'tls_container_id', type_=sa.String(128),
|
||||
existing_type=sa.String(36), nullable=True)
|
||||
|
||||
|
||||
def downgrade():
|
||||
pass
|
|
@ -403,12 +403,14 @@ def sample_listener_tuple(proto=None, monitor=True, persistence=True,
|
|||
) if tls else '',
|
||||
sni_containers=[
|
||||
sample_tls_sni_container_tuple(
|
||||
tls_container_id='cont_id_2',
|
||||
tls_container=sample_tls_container_tuple(
|
||||
id='cont_id_2', certificate='--imapem2--\n',
|
||||
private_key='--imakey2--\n', intermediates=[
|
||||
'--imainter2--\n', '--imainter2too--\n'
|
||||
], primary_cn='aFakeCN')),
|
||||
sample_tls_sni_container_tuple(
|
||||
tls_container_id='cont_id_3',
|
||||
tls_container=sample_tls_container_tuple(
|
||||
id='cont_id_3', certificate='--imapem3--\n',
|
||||
private_key='--imakey3--\n', intermediates=[
|
||||
|
@ -421,14 +423,16 @@ def sample_listener_tuple(proto=None, monitor=True, persistence=True,
|
|||
)
|
||||
|
||||
|
||||
def sample_tls_sni_container_tuple(tls_container=None):
|
||||
sc = collections.namedtuple('sni_container', 'tls_container')
|
||||
return sc(tls_container=tls_container)
|
||||
def sample_tls_sni_container_tuple(tls_container_id=None, tls_container=None):
|
||||
sc = collections.namedtuple('sni_container', 'tls_container_id, '
|
||||
'tls_container')
|
||||
return sc(tls_container_id=tls_container_id, tls_container=tls_container)
|
||||
|
||||
|
||||
def sample_tls_sni_containers_tuple(tls_container=None):
|
||||
sc = collections.namedtuple('sni_containers', 'tls_container')
|
||||
return [sc(tls_container=tls_container)]
|
||||
def sample_tls_sni_containers_tuple(tls_container_id=None, tls_container=None):
|
||||
sc = collections.namedtuple('sni_containers', 'tls_container_id, '
|
||||
'tls_container')
|
||||
return [sc(tls_container_id=tls_container_id, tls_container=tls_container)]
|
||||
|
||||
|
||||
def sample_tls_container_tuple(id='cont_id_1', certificate=None,
|
||||
|
|
Loading…
Reference in New Issue