puppet-glance

Switch to TLSv1 as SSLv3 is considered insecure and is disabled by default

Series juno
Bug #1409667

Bug #1409667 reported by Lukas Bezdicka on 2015-01-12

This bug affects 1 person

	Status	Importance	Assigned to	Milestone
puppet-ceilometer	Fix Released	Undecided	Lukas Bezdicka	puppet-ceilometer 6.0.0 "6.0.0"
Icehouse	Fix Released	Undecided	Unassigned	puppet-ceilometer 4.3.0 "4.3.0"
Juno	Fix Released	Undecided	Lukas Bezdicka	puppet-ceilometer 5.1.0 "5.1.0"
puppet-cinder	Fix Released	Undecided	Lukas Bezdicka	puppet-cinder 6.0.0 "6.0.0"
Icehouse	Fix Released	Undecided	Unassigned	puppet-cinder 4.3.0 "4.3.0"
Juno	Fix Released	Undecided	Lukas Bezdicka	puppet-cinder 5.1.0 "5.1.0"
puppet-glance	Fix Released	Undecided	Lukas Bezdicka	puppet-glance 6.0.0 "6.0.0"
Icehouse	Fix Released	Undecided	Unassigned	puppet-glance 4.3.0 "4.3.0"
Juno	Fix Released	Undecided	Lukas Bezdicka	puppet-glance 5.1.0 "5.1.0"
puppet-heat	Fix Released	Undecided	Lukas Bezdicka	puppet-heat 6.0.0 "6.0.0"
Icehouse	Fix Released	Undecided	Unassigned	puppet-heat 4.3.0 "4.3.0"
Juno	Fix Released	Undecided	Lukas Bezdicka	puppet-heat 5.1.0 "5.1.0"
puppet-keystone	Fix Released	Undecided	Lukas Bezdicka	puppet-keystone 6.0.0 "6.0.0"
Juno	Fix Released	Undecided	Lukas Bezdicka	puppet-keystone 5.1.0 "5.1.0"
puppet-manila	Fix Released	Undecided	Unassigned
puppet-neutron	Fix Released	Undecided	Lukas Bezdicka	puppet-neutron 6.0.0 "6.0.0"
Icehouse	Fix Released	Undecided	Unassigned	puppet-neutron 4.4.0 "4.4.0"
Juno	Fix Released	Undecided	Lukas Bezdicka	puppet-neutron 5.1.0 "5.1.0"
puppet-nova	Fix Released	Undecided	Lukas Bezdicka	puppet-nova 6.0.0 "6.0.0"
Icehouse	Fix Released	Undecided	Unassigned	puppet-nova 4.3.0 "4.3.0"
Juno	Fix Released	Undecided	Lukas Bezdicka	puppet-nova 5.1.0 "5.1.0"

Bug Description

Rabbitmq won't talk to us anymore if we try to use SSLv3 as it disabled support for
SSLv3. Openstack components use python's openssl implementation which does not support
TLSv1.1 and TLSv1.2 yet so we just switch to TLSv1. Support for newer TLS should come
with python 2.7.9+

Tags:

OpenStack Infra (hudson-openstack) on 2015-01-12

Changed in puppet-ceilometer:
assignee:	nobody → Lukas Bezdicka (social-b)
status:	New → In Progress
Changed in puppet-cinder:
assignee:	nobody → Lukas Bezdicka (social-b)
status:	New → In Progress
Changed in puppet-glance:
assignee:	nobody → Lukas Bezdicka (social-b)
status:	New → In Progress
Changed in puppet-heat:
assignee:	nobody → Lukas Bezdicka (social-b)
status:	New → In Progress
Changed in puppet-keystone:
assignee:	nobody → Lukas Bezdicka (social-b)
status:	New → In Progress
Changed in puppet-neutron:
assignee:	nobody → Lukas Bezdicka (social-b)
status:	New → In Progress
Changed in puppet-nova:
assignee:	nobody → Lukas Bezdicka (social-b)
status:	New → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-01-12: Fix merged to puppet-ceilometer (master)

Reviewed: https://review.openstack.org/144788
Committed: https://git.openstack.org/cgit/stackforge/puppet-ceilometer/commit/?id=90247cf8cd0eac760d5b8eb986ceacf0db3fcc7f
Submitter: Jenkins
Branch: master

commit 90247cf8cd0eac760d5b8eb986ceacf0db3fcc7f
Author: Lukas Bezdicka <email address hidden>
Date: Fri Jan 2 20:04:10 2015 +0100

Switch to TLSv1 as SSLv3 is considered insecure and is disabled by default

    Rabbitmq won't talk to us anymore if we try to use SSLv3 as it disabled
    support for SSLv3. Openstack components use python's openssl
    implementation which does not support TLSv1.1 and TLSv1.2 yet so we
    just switch to TLSv1. Support for newer TLS should come with python
    2.7.9+

Closes-Bug: #1409667
Change-Id: I00cfa06030b84ae23cb8548b74cf5684562377aa

Changed in puppet-ceilometer:
status:	In Progress → Fix Committed
Changed in puppet-glance:
status:	In Progress → Fix Committed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-01-12: Fix merged to puppet-glance (master)

Reviewed: https://review.openstack.org/144791
Committed: https://git.openstack.org/cgit/stackforge/puppet-glance/commit/?id=592503bef1196d69c0e44efca3bea19104c3862b
Submitter: Jenkins
Branch: master

commit 592503bef1196d69c0e44efca3bea19104c3862b
Author: Lukas Bezdicka <email address hidden>
Date: Fri Jan 2 20:17:29 2015 +0100

Switch to TLSv1 as SSLv3 is considered insecure and is disabled by default

    Rabbitmq won't talk to us anymore if we try to use SSLv3 as it disabled
    support for SSLv3. Openstack components use python's openssl
    implementation which does not support TLSv1.1 and TLSv1.2 yet so we
    just switch to TLSv1. Support for newer TLS should come with python
    2.7.9+

Closes-Bug: #1409667
Change-Id: I6dd2dcf7d047d8cee028c3f890221194b0179b8a

Changed in puppet-heat:
status:	In Progress → Fix Committed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-01-12: Fix merged to puppet-heat (master)

Reviewed: https://review.openstack.org/144793
Committed: https://git.openstack.org/cgit/stackforge/puppet-heat/commit/?id=c231da8de6d3ef14a23259d1d8e05c7b6c6d83ba
Submitter: Jenkins
Branch: master

commit c231da8de6d3ef14a23259d1d8e05c7b6c6d83ba
Author: Lukas Bezdicka <email address hidden>
Date: Fri Jan 2 20:27:10 2015 +0100

Switch to TLSv1 as SSLv3 is considered insecure and is disabled by default

    Rabbitmq won't talk to us anymore if we try to use SSLv3 as it disabled
    support for SSLv3. Openstack components use python's openssl
    implementation which does not support TLSv1.1 and TLSv1.2 yet so we
    just switch to TLSv1. Support for newer TLS should come with python
    2.7.9+

Closes-Bug: #1409667
Change-Id: I949421cd092a31eab3ef7f2194c4da3a9dbac818

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-01-12: Fix merged to puppet-keystone (master)

Reviewed: https://review.openstack.org/144797
Committed: https://git.openstack.org/cgit/stackforge/puppet-keystone/commit/?id=370f2aa24256dc54f363216ddc3009c199595d14
Submitter: Jenkins
Branch: master

commit 370f2aa24256dc54f363216ddc3009c199595d14
Author: Lukas Bezdicka <email address hidden>
Date: Fri Jan 2 20:48:44 2015 +0100

Switch to TLSv1 as SSLv3 is considered insecure and is disabled by default

    Rabbitmq won't talk to us anymore if we try to use SSLv3 as it disabled
    support for SSLv3. Openstack components use python's openssl
    implementation which does not support TLSv1.1 and TLSv1.2 yet so we
    just switch to TLSv1. Support for newer TLS should come with python
    2.7.9+

Closes-Bug: #1409667
Change-Id: I852cf4d68de6d6b40056b9928971e63fc1b76a3b

Changed in puppet-keystone:
status:	In Progress → Fix Committed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-01-13: Fix merged to puppet-neutron (master)

Reviewed: https://review.openstack.org/144808
Committed: https://git.openstack.org/cgit/stackforge/puppet-neutron/commit/?id=f2b115c5669fd752965123950681a9fad78dcf0f
Submitter: Jenkins
Branch: master

commit f2b115c5669fd752965123950681a9fad78dcf0f
Author: Lukas Bezdicka <email address hidden>
Date: Fri Jan 2 22:44:28 2015 +0100

Switch to TLSv1 as SSLv3 is considered insecure and is disabled by default

    Rabbitmq won't talk to us anymore if we try to use SSLv3 as it disabled
    support for SSLv3. Openstack components use python's openssl
    implementation which does not support TLSv1.1 and TLSv1.2 yet so we
    just switch to TLSv1. Support for newer TLS should come with python
    2.7.9+

Closes-Bug: #1409667
Change-Id: Id12adbc7f75940b2f6bd01e6080c853b15cf2116

Changed in puppet-neutron:
status:	In Progress → Fix Committed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-01-13: Fix proposed to puppet-ceilometer (stable/juno)

Fix proposed to branch: stable/juno
Review: https://review.openstack.org/146880

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-01-13: Fix proposed to puppet-glance (stable/juno)

Fix proposed to branch: stable/juno
Review: https://review.openstack.org/146881

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-01-13: Fix proposed to puppet-heat (stable/juno)

Fix proposed to branch: stable/juno
Review: https://review.openstack.org/146882

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-01-13: Fix proposed to puppet-keystone (stable/juno)

Fix proposed to branch: stable/juno
Review: https://review.openstack.org/146883

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-01-13: Fix proposed to puppet-neutron (stable/juno)

#10

Fix proposed to branch: stable/juno
Review: https://review.openstack.org/146884

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-01-20: Fix merged to puppet-nova (master)

#11

Reviewed: https://review.openstack.org/144809
Committed: https://git.openstack.org/cgit/stackforge/puppet-nova/commit/?id=39006b77e2957aef818f2adaffe0392773ee99e2
Submitter: Jenkins
Branch: master

commit 39006b77e2957aef818f2adaffe0392773ee99e2
Author: Lukas Bezdicka <email address hidden>
Date: Fri Jan 2 22:49:10 2015 +0100

Switch to TLSv1 as SSLv3 is considered insecure and is disabled by default

    Rabbitmq won't talk to us anymore if we try to use SSLv3 as it disabled
    support for SSLv3. Openstack components use python's openssl
    implementation which does not support TLSv1.1 and TLSv1.2 yet so we
    just switch to TLSv1. Support for newer TLS should come with python
    2.7.9+

Closes-Bug: #1409667
Change-Id: Ifa6b377ef2c6f25ad11c1f4809a770a031534962

Changed in puppet-nova:
status:	In Progress → Fix Committed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-01-22: Fix merged to puppet-cinder (master)

#12

Reviewed: https://review.openstack.org/144790
Committed: https://git.openstack.org/cgit/stackforge/puppet-cinder/commit/?id=7b801ad37ac36e5eddd3d844e3f483edcfa38442
Submitter: Jenkins
Branch: master

commit 7b801ad37ac36e5eddd3d844e3f483edcfa38442
Author: Lukas Bezdicka <email address hidden>
Date: Fri Jan 2 20:07:25 2015 +0100

Switch to TLSv1 as SSLv3 is considered insecure and is disabled by default

    Rabbitmq won't talk to us anymore if we try to use SSLv3 as it disabled
    support for SSLv3. Openstack components use python's openssl
    implementation which does not support TLSv1.1 and TLSv1.2 yet so we
    just switch to TLSv1. Support for newer TLS should come with python
    2.7.9+

Closes-Bug: #1409667
Change-Id: I3834decbc73a97a627023b132324a6c4aec2468a

Changed in puppet-cinder:
status:	In Progress → Fix Committed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-01-28: Fix merged to puppet-heat (stable/juno)

#13

Reviewed: https://review.openstack.org/146882
Committed: https://git.openstack.org/cgit/stackforge/puppet-heat/commit/?id=ef2f0676862bf7b07a8576937bbf4d6a77d5d45b
Submitter: Jenkins
Branch: stable/juno

commit ef2f0676862bf7b07a8576937bbf4d6a77d5d45b
Author: Lukas Bezdicka <email address hidden>
Date: Fri Jan 2 20:27:10 2015 +0100

Switch to TLSv1 as SSLv3 is considered insecure and is disabled by default

    Rabbitmq won't talk to us anymore if we try to use SSLv3 as it disabled
    support for SSLv3. Openstack components use python's openssl
    implementation which does not support TLSv1.1 and TLSv1.2 yet so we
    just switch to TLSv1. Support for newer TLS should come with python
    2.7.9+

    Closes-Bug: #1409667
    Change-Id: I949421cd092a31eab3ef7f2194c4da3a9dbac818
    (cherry picked from commit c231da8de6d3ef14a23259d1d8e05c7b6c6d83ba)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-01-28: Fix merged to puppet-ceilometer (stable/juno)

#14

Reviewed: https://review.openstack.org/146880
Committed: https://git.openstack.org/cgit/stackforge/puppet-ceilometer/commit/?id=bf082e49a2dea17b1d9dd8c6c19de7f009f226cf
Submitter: Jenkins
Branch: stable/juno

commit bf082e49a2dea17b1d9dd8c6c19de7f009f226cf
Author: Lukas Bezdicka <email address hidden>
Date: Fri Jan 2 20:04:10 2015 +0100

Switch to TLSv1 as SSLv3 is considered insecure and is disabled by default

    Rabbitmq won't talk to us anymore if we try to use SSLv3 as it disabled
    support for SSLv3. Openstack components use python's openssl
    implementation which does not support TLSv1.1 and TLSv1.2 yet so we
    just switch to TLSv1. Support for newer TLS should come with python
    2.7.9+

    Closes-Bug: #1409667
    Change-Id: I00cfa06030b84ae23cb8548b74cf5684562377aa
    (cherry picked from commit 90247cf8cd0eac760d5b8eb986ceacf0db3fcc7f)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-01-29: Fix merged to puppet-glance (stable/juno)

#15

Reviewed: https://review.openstack.org/146881
Committed: https://git.openstack.org/cgit/stackforge/puppet-glance/commit/?id=ac40bcec65b64374d36fa78284277ea8c8d0bbfe
Submitter: Jenkins
Branch: stable/juno

commit ac40bcec65b64374d36fa78284277ea8c8d0bbfe
Author: Lukas Bezdicka <email address hidden>
Date: Fri Jan 2 20:17:29 2015 +0100

Switch to TLSv1 as SSLv3 is considered insecure and is disabled by default

    Rabbitmq won't talk to us anymore if we try to use SSLv3 as it disabled
    support for SSLv3. Openstack components use python's openssl
    implementation which does not support TLSv1.1 and TLSv1.2 yet so we
    just switch to TLSv1. Support for newer TLS should come with python
    2.7.9+

    Closes-Bug: #1409667
    Change-Id: I6dd2dcf7d047d8cee028c3f890221194b0179b8a
    (cherry picked from commit 592503bef1196d69c0e44efca3bea19104c3862b)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-02-04: Fix merged to puppet-neutron (stable/juno)

#16

Reviewed: https://review.openstack.org/146884
Committed: https://git.openstack.org/cgit/stackforge/puppet-neutron/commit/?id=8fe0ddd50a8c44357dbdea79c371267a0887c04e
Submitter: Jenkins
Branch: stable/juno

commit 8fe0ddd50a8c44357dbdea79c371267a0887c04e
Author: Lukas Bezdicka <email address hidden>
Date: Fri Jan 2 22:44:28 2015 +0100

Switch to TLSv1 as SSLv3 is considered insecure and is disabled by default

    Rabbitmq won't talk to us anymore if we try to use SSLv3 as it disabled
    support for SSLv3. Openstack components use python's openssl
    implementation which does not support TLSv1.1 and TLSv1.2 yet so we
    just switch to TLSv1. Support for newer TLS should come with python
    2.7.9+

    Closes-Bug: #1409667
    Change-Id: Id12adbc7f75940b2f6bd01e6080c853b15cf2116
    (cherry picked from commit f2b115c5669fd752965123950681a9fad78dcf0f)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-02-04: Fix merged to puppet-manila (master)

#17

Reviewed: https://review.openstack.org/144807
Committed: https://git.openstack.org/cgit/stackforge/puppet-manila/commit/?id=8e6969a38a9547a4bc960c62f3a288a85e1127b0
Submitter: Jenkins
Branch: master

commit 8e6969a38a9547a4bc960c62f3a288a85e1127b0
Author: Lukas Bezdicka <email address hidden>
Date: Fri Jan 2 22:39:30 2015 +0100

Switch to TLSv1 as SSLv3 is considered insecure and is disabled by default

    Rabbitmq won't talk to us anymore if we try to use SSLv3 as it disabled
    support for SSLv3. Openstack components use python's openssl
    implementation which does not support TLSv1.1 and TLSv1.2 yet so we
    just switch to TLSv1. Support for newer TLS should come with python
    2.7.9+

Closes-Bug: #1409667
Change-Id: I0f044e2812dea305287120526af42d894b7e895c

Changed in puppet-manila:
status:	New → Fix Committed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-02-04: Fix merged to puppet-keystone (stable/juno)

#18

Reviewed: https://review.openstack.org/146883
Committed: https://git.openstack.org/cgit/stackforge/puppet-keystone/commit/?id=f81e43043e4873504ba78db5d9ee128f3c834b0e
Submitter: Jenkins
Branch: stable/juno

commit f81e43043e4873504ba78db5d9ee128f3c834b0e
Author: Lukas Bezdicka <email address hidden>
Date: Fri Jan 2 20:48:44 2015 +0100

Switch to TLSv1 as SSLv3 is considered insecure and is disabled by default

    Rabbitmq won't talk to us anymore if we try to use SSLv3 as it disabled
    support for SSLv3. Openstack components use python's openssl
    implementation which does not support TLSv1.1 and TLSv1.2 yet so we
    just switch to TLSv1. Support for newer TLS should come with python
    2.7.9+

    Closes-Bug: #1409667
    Change-Id: I852cf4d68de6d6b40056b9928971e63fc1b76a3b
    (cherry picked from commit 370f2aa24256dc54f363216ddc3009c199595d14)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-02-04: Fix proposed to puppet-cinder (stable/juno)

#19

Fix proposed to branch: stable/juno
Review: https://review.openstack.org/152977

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-02-10: Fix merged to puppet-cinder (stable/juno)

#20

Reviewed: https://review.openstack.org/152977
Committed: https://git.openstack.org/cgit/stackforge/puppet-cinder/commit/?id=00efa65680314e9364d6aaa559ebada7015dfb7f
Submitter: Jenkins
Branch: stable/juno

commit 00efa65680314e9364d6aaa559ebada7015dfb7f
Author: Lukas Bezdicka <email address hidden>
Date: Fri Jan 2 20:07:25 2015 +0100

Switch to TLSv1 as SSLv3 is considered insecure and is disabled by default

    Rabbitmq won't talk to us anymore if we try to use SSLv3 as it disabled
    support for SSLv3. Openstack components use python's openssl
    implementation which does not support TLSv1.1 and TLSv1.2 yet so we
    just switch to TLSv1. Support for newer TLS should come with python
    2.7.9+

    Closes-Bug: #1409667
    Change-Id: I3834decbc73a97a627023b132324a6c4aec2468a
    (cherry picked from commit 7b801ad37ac36e5eddd3d844e3f483edcfa38442)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-03-04: Fix proposed to puppet-nova (stable/juno)

#21

Fix proposed to branch: stable/juno
Review: https://review.openstack.org/161160

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-03-13: Fix merged to puppet-nova (stable/juno)

#22

Reviewed: https://review.openstack.org/161160
Committed: https://git.openstack.org/cgit/stackforge/puppet-nova/commit/?id=ef7c618c0eac3d8e2cb3427786d80526d960b482
Submitter: Jenkins
Branch: stable/juno

commit ef7c618c0eac3d8e2cb3427786d80526d960b482
Author: Lukas Bezdicka <email address hidden>
Date: Fri Jan 2 22:49:10 2015 +0100

Switch to TLSv1 as SSLv3 is considered insecure and is disabled by default

    Rabbitmq won't talk to us anymore if we try to use SSLv3 as it disabled
    support for SSLv3. Openstack components use python's openssl
    implementation which does not support TLSv1.1 and TLSv1.2 yet so we
    just switch to TLSv1. Support for newer TLS should come with python
    2.7.9+

    Closes-Bug: #1409667
    Change-Id: Ifa6b377ef2c6f25ad11c1f4809a770a031534962
    (cherry picked from commit 39006b77e2957aef818f2adaffe0392773ee99e2)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-03-24: Fix proposed to puppet-cinder (stable/icehouse)

#23

Fix proposed to branch: stable/icehouse
Review: https://review.openstack.org/167427

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-03-24: Fix proposed to puppet-ceilometer (stable/icehouse)

#24

Fix proposed to branch: stable/icehouse
Review: https://review.openstack.org/167428

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-03-24: Fix proposed to puppet-heat (stable/icehouse)

#25

Fix proposed to branch: stable/icehouse
Review: https://review.openstack.org/167430

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-03-24: Fix proposed to puppet-neutron (stable/icehouse)

#26

Fix proposed to branch: stable/icehouse
Review: https://review.openstack.org/167431

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-03-24: Fix proposed to puppet-nova (stable/icehouse)

#27

Fix proposed to branch: stable/icehouse
Review: https://review.openstack.org/167435

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-03-24: Fix proposed to puppet-glance (stable/icehouse)

#28

Fix proposed to branch: stable/icehouse
Review: https://review.openstack.org/167442

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-03-25: Fix merged to puppet-nova (stable/icehouse)

#29

Reviewed: https://review.openstack.org/167435
Committed: https://git.openstack.org/cgit/stackforge/puppet-nova/commit/?id=187913b93bcc4a745285664f9fe9c0c0c2da8a73
Submitter: Jenkins
Branch: stable/icehouse

commit 187913b93bcc4a745285664f9fe9c0c0c2da8a73
Author: Lukas Bezdicka <email address hidden>
Date: Fri Jan 2 22:49:10 2015 +0100

Switch to TLSv1 as SSLv3 is considered insecure and is disabled by default

    Rabbitmq won't talk to us anymore if we try to use SSLv3 as it disabled
    support for SSLv3. Openstack components use python's openssl
    implementation which does not support TLSv1.1 and TLSv1.2 yet so we
    just switch to TLSv1. Support for newer TLS should come with python
    2.7.9+

    Closes-Bug: #1409667
    Change-Id: Ifa6b377ef2c6f25ad11c1f4809a770a031534962
    (cherry picked from commit 39006b77e2957aef818f2adaffe0392773ee99e2)

tags:

added: in-stable-icehouse

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-03-25: Fix merged to puppet-glance (stable/icehouse)

#30

Reviewed: https://review.openstack.org/167442
Committed: https://git.openstack.org/cgit/stackforge/puppet-glance/commit/?id=bd9d47f34dab8a20411878c81cc296868b4eb7b2
Submitter: Jenkins
Branch: stable/icehouse

commit bd9d47f34dab8a20411878c81cc296868b4eb7b2
Author: Lukas Bezdicka <email address hidden>
Date: Fri Jan 2 20:17:29 2015 +0100

Switch to TLSv1 as SSLv3 is considered insecure and is disabled by default

    Rabbitmq won't talk to us anymore if we try to use SSLv3 as it disabled
    support for SSLv3. Openstack components use python's openssl
    implementation which does not support TLSv1.1 and TLSv1.2 yet so we
    just switch to TLSv1. Support for newer TLS should come with python
    2.7.9+

    Closes-Bug: #1409667
    Change-Id: I6dd2dcf7d047d8cee028c3f890221194b0179b8a
    (cherry picked from commit 592503bef1196d69c0e44efca3bea19104c3862b)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-03-25: Fix merged to puppet-neutron (stable/icehouse)

#31

Reviewed: https://review.openstack.org/167431
Committed: https://git.openstack.org/cgit/stackforge/puppet-neutron/commit/?id=aaebd801244e83d51a98df78384e6ca44fd9e268
Submitter: Jenkins
Branch: stable/icehouse

commit aaebd801244e83d51a98df78384e6ca44fd9e268
Author: Lukas Bezdicka <email address hidden>
Date: Fri Jan 2 22:44:28 2015 +0100

Switch to TLSv1 as SSLv3 is considered insecure and is disabled by default

    Rabbitmq won't talk to us anymore if we try to use SSLv3 as it disabled
    support for SSLv3. Openstack components use python's openssl
    implementation which does not support TLSv1.1 and TLSv1.2 yet so we
    just switch to TLSv1. Support for newer TLS should come with python
    2.7.9+

    Closes-Bug: #1409667
    Change-Id: Id12adbc7f75940b2f6bd01e6080c853b15cf2116
    (cherry picked from commit f2b115c5669fd752965123950681a9fad78dcf0f)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-03-25: Fix merged to puppet-ceilometer (stable/icehouse)

#32

Reviewed: https://review.openstack.org/167428
Committed: https://git.openstack.org/cgit/stackforge/puppet-ceilometer/commit/?id=a236c1cd178e32437b9bfe71a62e07a787568718
Submitter: Jenkins
Branch: stable/icehouse

commit a236c1cd178e32437b9bfe71a62e07a787568718
Author: Lukas Bezdicka <email address hidden>
Date: Fri Jan 2 20:04:10 2015 +0100

Switch to TLSv1 as SSLv3 is considered insecure and is disabled by default

    Rabbitmq won't talk to us anymore if we try to use SSLv3 as it disabled
    support for SSLv3. Openstack components use python's openssl
    implementation which does not support TLSv1.1 and TLSv1.2 yet so we
    just switch to TLSv1. Support for newer TLS should come with python
    2.7.9+

    Closes-Bug: #1409667
    Change-Id: I00cfa06030b84ae23cb8548b74cf5684562377aa
    (cherry picked from commit 90247cf8cd0eac760d5b8eb986ceacf0db3fcc7f)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-03-25: Fix merged to puppet-cinder (stable/icehouse)

#33

Reviewed: https://review.openstack.org/167427
Committed: https://git.openstack.org/cgit/stackforge/puppet-cinder/commit/?id=114bcfa426e3b788a552af8e8b763b0295a16ddc
Submitter: Jenkins
Branch: stable/icehouse

commit 114bcfa426e3b788a552af8e8b763b0295a16ddc
Author: Lukas Bezdicka <email address hidden>
Date: Fri Jan 2 20:07:25 2015 +0100

Switch to TLSv1 as SSLv3 is considered insecure and is disabled by default

    Rabbitmq won't talk to us anymore if we try to use SSLv3 as it disabled
    support for SSLv3. Openstack components use python's openssl
    implementation which does not support TLSv1.1 and TLSv1.2 yet so we
    just switch to TLSv1. Support for newer TLS should come with python
    2.7.9+

    Closes-Bug: #1409667
    Change-Id: I3834decbc73a97a627023b132324a6c4aec2468a
    (cherry picked from commit 7b801ad37ac36e5eddd3d844e3f483edcfa38442)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-03-26: Fix merged to puppet-heat (stable/icehouse)

#34

Reviewed: https://review.openstack.org/167430
Committed: https://git.openstack.org/cgit/stackforge/puppet-heat/commit/?id=0bea666e93ffeaee206c633d0436092908fc738b
Submitter: Jenkins
Branch: stable/icehouse

commit 0bea666e93ffeaee206c633d0436092908fc738b
Author: Lukas Bezdicka <email address hidden>
Date: Fri Jan 2 20:27:10 2015 +0100

Switch to TLSv1 as SSLv3 is considered insecure and is disabled by default

    Rabbitmq won't talk to us anymore if we try to use SSLv3 as it disabled
    support for SSLv3. Openstack components use python's openssl
    implementation which does not support TLSv1.1 and TLSv1.2 yet so we
    just switch to TLSv1. Support for newer TLS should come with python
    2.7.9+

    Closes-Bug: #1409667
    Change-Id: I949421cd092a31eab3ef7f2194c4da3a9dbac818
    (cherry picked from commit c231da8de6d3ef14a23259d1d8e05c7b6c6d83ba)

Mathieu Gagné (mgagne) on 2015-03-27

Changed in puppet-ceilometer:
milestone:	none → 6.0.0
Changed in puppet-glance:
milestone:	none → 6.0.0
Changed in puppet-heat:
milestone:	none → 6.0.0
Changed in puppet-keystone:
milestone:	none → 6.0.0
Changed in puppet-neutron:
milestone:	none → 6.0.0
Changed in puppet-nova:
milestone:	none → 6.0.0
Changed in puppet-cinder:
milestone:	none → 6.0.0

Matt Fischer (mfisch) on 2015-06-02

Changed in puppet-ceilometer:
status:	Fix Committed → Fix Released
Changed in puppet-glance:
status:	Fix Committed → Fix Released
Changed in puppet-heat:
status:	Fix Committed → Fix Released
Changed in puppet-keystone:
status:	Fix Committed → Fix Released
Changed in puppet-neutron:
status:	Fix Committed → Fix Released
Changed in puppet-nova:
status:	Fix Committed → Fix Released
Changed in puppet-manila:
status:	Fix Committed → Fix Released
Changed in puppet-cinder:
status:	Fix Committed → Fix Released

Mathieu Gagné (mgagne) on 2015-07-09

Changed in puppet-ceilometer:
status:	Fix Released → Fix Committed
Changed in puppet-cinder:
status:	Fix Released → Fix Committed
Changed in puppet-glance:
status:	Fix Released → Fix Committed
Changed in puppet-heat:
status:	Fix Released → Fix Committed
Changed in puppet-keystone:
status:	Fix Released → Fix Committed
Changed in puppet-neutron:
status:	Fix Released → Fix Committed
Changed in puppet-nova:
status:	Fix Released → Fix Committed

Mathieu Gagné (mgagne) on 2015-07-10

Changed in puppet-keystone:
status:	Fix Committed → Fix Released
Changed in puppet-glance:
status:	Fix Committed → Fix Released
Changed in puppet-cinder:
status:	Fix Committed → Fix Released
Changed in puppet-nova:
status:	Fix Committed → Fix Released

Mathieu Gagné (mgagne) on 2015-07-10

Changed in puppet-ceilometer:
status:	Fix Committed → Fix Released
Changed in puppet-neutron:
status:	Fix Committed → Fix Released
Changed in puppet-heat:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.