Add LibvirtTLSPriority to set libvirtd tls_priority

Adds LibvirtTLSPriority parameter to override the compile time
default TLS priority string.
Default: 'NORMAL:-VERS-SSL3.0:-VERS-TLS-ALL:+VERS-TLS1.2'

Change-Id: Id05c5e88be2d9f90642ed5159cb2db03c997f83a
Closes-Bug: #1840447
This commit is contained in:
Martin Schuppert 2019-08-16 15:52:20 +02:00
parent 71516f2816
commit 56ccd717d4
2 changed files with 11 additions and 0 deletions

View File

@ -218,6 +218,11 @@ parameters:
https://libvirt.org/logging.html .
type: string
default: '1:libvirt 1:qemu 1:conf 1:security 3:event 3:json 3:file 3:object 1:util'
LibvirtTLSPriority:
description: >
Override the compile time default TLS priority string.
type: string
default: 'NORMAL:-VERS-SSL3.0:-VERS-TLS-ALL:+VERS-TLS1.2'
conditions:
@ -404,6 +409,7 @@ outputs:
generate_service_certificates: true
tripleo::profile::base::nova::migration::client::libvirt_tls: true
tripleo::profile::base::nova::libvirt::tls_password: {get_param: [LibvirtTLSPassword]}
nova::compute::libvirt::tls_priority: {get_param: LibvirtTLSPriority}
nova::migration::libvirt::listen_address:
str_replace:
template:

View File

@ -0,0 +1,5 @@
---
features:
- |
Adds LibvirtTLSPriority parameter to override the compile time default TLS
priority string. Default: 'NORMAL:-VERS-SSL3.0:-VERS-TLS-ALL:+VERS-TLS1.2'