Ensure that OctaviaServerCertsKeyPassphrase is 32-byte long
Related-Bug: #1833942 Change-Id: Ibcdbe2605a7cabe3a5ef8245b4460c8f70220989 (cherry picked from commitde2ab55824
) (cherry picked from commit94620dd5e6
)
This commit is contained in:
parent
3ca07e4900
commit
35913d6266
@ -0,0 +1,5 @@
|
|||||||
|
---
|
||||||
|
fixes:
|
||||||
|
- The passphrase for config option 'server_certs_key_passphrase', is used as
|
||||||
|
a Fernet key in Octavia and thus must be 32 bytes long. TripleO will now
|
||||||
|
auto-generate 32 bytes long passphrase for OctaviaServerCertsKeyPassphrase.
|
@ -73,6 +73,7 @@ class TestPasswords(base.TestCase):
|
|||||||
|
|
||||||
self.assertNotEqual(value['KeystoneCredential0'],
|
self.assertNotEqual(value['KeystoneCredential0'],
|
||||||
value['KeystoneCredential1'])
|
value['KeystoneCredential1'])
|
||||||
|
self.assertEqual(len(value['OctaviaServerCertsKeyPassphrase']), 32)
|
||||||
|
|
||||||
def test_create_ssh_keypair(self):
|
def test_create_ssh_keypair(self):
|
||||||
|
|
||||||
|
@ -89,6 +89,8 @@ def generate_passwords(mistralclient=None, stack_env=None,
|
|||||||
passwords[name] = passlib.pwd.genword(length=10)
|
passwords[name] = passlib.pwd.genword(length=10)
|
||||||
elif name.startswith("HeatAuthEncryptionKey"):
|
elif name.startswith("HeatAuthEncryptionKey"):
|
||||||
passwords[name] = passlib.pwd.genword(length=32)
|
passwords[name] = passlib.pwd.genword(length=32)
|
||||||
|
elif name.startswith("OctaviaServerCertsKeyPassphrase"):
|
||||||
|
passwords[name] = passlib.pwd.genword(length=32)
|
||||||
elif name.startswith("DesignateRndcKey"):
|
elif name.startswith("DesignateRndcKey"):
|
||||||
passwords[name] = create_rndc_key_secret()
|
passwords[name] = create_rndc_key_secret()
|
||||||
else:
|
else:
|
||||||
|
Loading…
Reference in New Issue
Block a user