This patch uses the standard password generation functionality to
randomly set the NeutronMetadataProxySharedSecret parameter.
Without this parameter, Neutron has a blank value for it's shared
secret. This value is used to to prevent spoofing, thus the
default value of "unset" is bad. This exposes a potential attack
vector.
Closes-Bug: #1516027
Change-Id: Ifb34b43fdedc55ad220df358c3ccc31e3c2e7c14
(cherry picked from commit 071968841692bffdd44c0eb34bf01df0e291d6b3)
Reviewed: https:/ /review. openstack. org/268131 /git.openstack. org/cgit/ openstack/ python- tripleoclient/ commit/ ?id=521dfbe91bd b7db483d861b8d6 2e0821d6f16ada
Committed: https:/
Submitter: Jenkins
Branch: stable/liberty
commit 521dfbe91bdb7db 483d861b8d62e08 21d6f16ada
Author: Dougal Matthews <email address hidden>
Date: Tue Dec 8 16:40:39 2015 +0000
Set NeutronMetadata ProxySharedSecr et
This patch uses the standard password generation functionality to ProxySharedSecr et parameter.
randomly set the NeutronMetadata
Without this parameter, Neutron has a blank value for it's shared
secret. This value is used to to prevent spoofing, thus the
default value of "unset" is bad. This exposes a potential attack
vector.
Closes-Bug: #1516027 ad220df358c3ccc 31e3c2e7c14 dd44c0eb34bf01d f0e291d6b3)
Change-Id: Ifb34b43fdedc55
(cherry picked from commit 071968841692bff