Browse code
stack: Workaround libvirt issue with multiple of 16 byte fixed_key values
Unable to use LUKS passphrase that is exactly 16 bytes long
https://bugzilla.redhat.com/show_bug.cgi?id=1447297
Change-Id: I565339762549b076119ffedb6b83abfa12977f5e
Lee Yarwood authored on 2017/05/19 21:40:56Showing 1 changed files
| ... | ... |
@@ -1253,8 +1253,13 @@ if is_service_enabled g-reg; then |
| 1253 | 1253 |
fi |
| 1254 | 1254 |
|
| 1255 | 1255 |
# Create a randomized default value for the key manager's fixed_key |
| 1256 |
+# NOTE(lyarwood): This is currently set to 36 as a workaround to the following |
|
| 1257 |
+# libvirt bug that incorrectly pads passphrases that are a multiple of 16 bytes |
|
| 1258 |
+# in length. |
|
| 1259 |
+# Unable to use LUKS passphrase that is exactly 16 bytes long |
|
| 1260 |
+# https://bugzilla.redhat.com/show_bug.cgi?id=1447297 |
|
| 1256 | 1261 |
if is_service_enabled nova; then |
| 1257 |
- iniset $NOVA_CONF key_manager fixed_key $(generate_hex_string 32) |
|
| 1262 |
+ iniset $NOVA_CONF key_manager fixed_key $(generate_hex_string 36) |
|
| 1258 | 1263 |
fi |
| 1259 | 1264 |
|
| 1260 | 1265 |
# Launch the nova-api and wait for it to answer before continuing |