yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1567846] Re: VPNaaS: require to support sha256

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: OpenStack Infra <1567846@xxxxxxxxxxxxxxxxxx>
Date: Fri, 15 Apr 2016 14:25:07 -0000
Reply-to: Bug 1567846 <1567846@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Reviewed:  https://review.openstack.org/303684
Committed: https://git.openstack.org/cgit/openstack/neutron-vpnaas/commit/?id=b73e1002555cfa70ccfea8ffe685672c0b679212
Submitter: Jenkins
Branch:    master

commit b73e1002555cfa70ccfea8ffe685672c0b679212
Author: nick.zhuyj <nick.zhuyj@xxxxxxxxxx>
Date:   Fri Apr 8 23:48:33 2016 -0500

    Openswan/Libreswan: support sha256 for auth algorithm
    
    Add support for sha256 as it is requirement from customer.
    Currently, there is no ike/esp fields in strongswan ipsec.conf
    template, so by default. sha256 is used. But for openswan auth
    algorithm is get from configuration, so only sha1 is supported.
    This patch enable Openswan/Libreswan to support sha256.
    
    Note: this change is DocImpact and APIImpact
    
    Change-Id: I02c80ec3494eb0edef2fdaa5d21ca0c3bbcacac2
    Closes-Bug: #1567846


** Changed in: neutron
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1567846

Title:
  VPNaaS: require to support sha256

Status in neutron:
  Fix Released

Bug description:
  Currently, only sha1 is supported in auth-algorithm. But there is
  requirements to support sha256.

  In current implementation, strongswan ipsec.conf.template doesn't include ike & esp filed, so by default. sha256 is used.
  In this bug, we only talking about openswan.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1567846/+subscriptions

References

[Bug 1567846] [NEW] VPNaaS: require to support sha256
From: Yi Jing Zhu, 2016-04-08