openstack
/
nova
Code Issues Proposed changes
nova/nova
History
Lee Yarwood 2010c13c0a encryptors: Workaround mangled passphrases 
Prior to Ib563b0ea the passphrase used by CryptsetupEncryptor and
LuksEncryptor had any leading zeros per hexadecimal digit removed, for
example 0x04 or 04 would turn into 0x4 or 4. As a result any volume
encrypted prior to the release of Newton used a modified passphrase that
was different to that stored by the key manager being used in the
environment.

To correct this for LuksEncryptor volumes permission denied errors are
now caught when attempting to open a volume. A second attempt to open
the volume is then made using a mangled passphrase. If successful the
correct passphrase is then added to the volume before the mangled
passphrase is finally removed. This workaround can be removed in a
future release once it is safe to assume that all LuksEncryptor volumes
have had any mangled passphrases replaced in this way.

This isn't possible for CryptsetupEncryptor volumes as the plain mode
used by cryptsetup does not provide a way for adding and removing keys.
As such on a permission denied error a second attempt is made to open
the volume using a mangled passphrase. Unlike the above workaround this
cannot be removed in a future release.

Change-Id: I7096463c5eba951dd6322ee6965435e877ca0371
Partial-bug: #1633518
 		2016-11-02 20:03:41 +00:00
..
CA
api Merge "Remove unnecessary debug logs of normal API ops" 2016-11-01 14:56:42 +00:00
cells compute: fixes python 3 related unit tests 2016-10-18 07:07:43 +00:00
cert
cloudpipe conf: Move cloudpipe options to a group 2016-08-22 09:31:03 +01:00
cmd Merge "Remove deprecated nova-manage vm list command" 2016-10-19 15:40:52 +00:00
common
compute Merge "Use six.wraps" 2016-11-02 12:20:37 +00:00
conductor Report actual request_spec when MaxRetriesExceeded raised 2016-09-30 09:59:19 +08:00
conf Merge "Update docs for serial console support" 2016-10-28 09:04:41 +00:00
console Skip malformed cookies 2016-09-22 16:46:28 +03:00
consoleauth
db Make build_requests.instance MediumText 2016-10-26 06:27:07 -04:00
hacking hacking: Use assertIs(Not), assert(True|False) 2016-10-12 11:14:33 +01:00
image conf: Remove deprecated ``use_glance_v1`` 2016-10-12 12:21:59 +00:00
ipv6 Fix test_ipv6 and simplify to_global() 2016-06-28 20:42:32 +02:00
keymgr Deprecate barbican options 2016-07-29 15:36:28 -05:00
locale Imported Translations from Zanata 2016-10-27 08:19:38 +00:00
network Merge "Avoid Forcing the Translation of Translatable Variables" 2016-10-19 03:43:41 +00:00
notifications Merge "Transform instance.resume notifications" 2016-10-28 10:58:26 +00:00
objects Add missing compat routine for Usage object 2016-10-22 23:22:26 -07:00
pci pci: in free_device(), compare by device id and not reference 2016-10-19 15:28:39 +03:00
policies Merge "Fix server operations' policies to admin only" 2016-08-11 06:07:52 +00:00
scheduler Set 'last_checked' flag if start to check scheduler file 2016-10-21 10:29:21 +00:00
servicegroup Add a hacking rule for string interpolation at logging 2016-10-11 08:39:48 +00:00
tests encryptors: Workaround mangled passphrases 2016-11-02 20:03:41 +00:00
virt Merge "libvirt: Pass Host instead of Driver to volume drivers" 2016-11-02 13:44:04 +00:00
vnc
volume encryptors: Workaround mangled passphrases 2016-11-02 20:03:41 +00:00
wsgi
__init__.py
availability_zones.py
baserpc.py
block_device.py compute: fixes python 3 related unit tests 2016-10-18 07:07:43 +00:00
cache_utils.py Warn when using null cache backend 2016-05-20 10:45:56 +02:00
config.py Add the ability to configure glanceclient debug logging 2016-08-04 00:32:37 +00:00
context.py Add get_context helper method 2016-09-29 09:58:09 -04:00
crypto.py Drop paramiko < 2 compat code 2016-05-10 12:01:22 -05:00
debugger.py Use oslo_log instead of logging 2016-05-27 12:18:32 +00:00
exception.py Throw exception if numa_nodes is not set to integer greater than 0 2016-09-09 14:53:56 +02:00
exception_wrapper.py Transform wrap_exception notification to versioned format 2016-06-21 09:39:47 +02:00
filters.py
hash_ring.py Ironic: allow multiple compute services 2016-08-04 23:51:13 +00:00
hooks.py
i18n.py
loadables.py
manager.py
policy.py Remove unnecessary credential sanitation for logging 2016-10-05 12:54:23 -04:00
quota.py incorrect description in nova-api.log about quota check 2016-09-02 17:00:14 +09:00
rpc.py Stop overwriting thread local context in ClientRouter 2016-09-26 20:49:22 +00:00
safe_utils.py
service.py Device tagging API support 2016-06-29 20:55:16 -07:00
signature_utils.py Trivial-Fix: Fix typos 2016-06-13 06:41:08 +00:00
test.py Merge "Cleanup some redundant USES_DB_SELF usage" 2016-10-18 02:34:45 +00:00
utils.py compute: fixes python 3 related unit tests 2016-10-18 07:07:43 +00:00
version.py Use oslo_log instead of logging 2016-05-27 12:18:32 +00:00
weights.py
wsgi.py Fixes python 3 unit tests 2016-09-23 20:10:24 +00:00