[Bug 1921514] Re: VPNaaS strongSwan driver does not reload secrets
Reviewed: https://review.opendev.org/c/openstack/neutron-vpnaas/+/795884 Committed: https://opendev.org/openstack/neutron-vpnaas/commit/21c38f07c2dd4672e431fddd81e31784af15a88b Submitter: "Zuul (22348)" Branch:stable/wallaby commit 21c38f07c2dd4672e431fddd81e31784af15a88b Author: Patryk Jakuszew Date: Fri Mar 26 07:43:08 2021 +0100 Add ipsec.secrets reload function to strongSwan driver Currently, strongSwan driver only triggers "ipsec reload" command when a new IPsec Site Connection configuration is received. If that configuration uses a different PSK, it will not be picked up upon reload called by restart() function. This change introduces a separate reload_secrets() function which will call "ipsec rereadsecrets" before "ipsec reload". Closes-Bug: #1921514 Change-Id: Ia545838b1d645547baf56ce3bb5ee2a97781 (cherry picked from commit 2297098875f24289259f12012ab5f077d6051383) ** Tags added: in-stable-wallaby -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1921514 Title: VPNaaS strongSwan driver does not reload secrets To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1921514/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1921514] Re: VPNaaS strongSwan driver does not reload secrets
This bug has had a related patch abandoned and has been automatically un-assigned due to inactivity. Please re-assign yourself if you are continuing work or adjust the state as appropriate if it is no longer valid. ** Changed in: neutron-vpnaas (Ubuntu) Status: In Progress => New ** Tags added: timeout-abandon -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1921514 Title: VPNaaS strongSwan driver does not reload secrets To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1921514/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1921514] Re: VPNaaS strongSwan driver does not reload secrets
Hi! I think that patching neutron-vpnaas should be enough - I can see it in charon logs that "ipsec rereadsecrets" command is indeed called when a new connection is configured. The unit tests that you mentioned in review discussion probably will be limited to neutron-vpnaas repo too. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1921514 Title: VPNaaS strongSwan driver does not reload secrets To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1921514/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1921514] Re: VPNaaS strongSwan driver does not reload secrets
** Changed in: neutron-vpnaas (Ubuntu) Status: Confirmed => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1921514 Title: VPNaaS strongSwan driver does not reload secrets To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1921514/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1921514] Re: VPNaaS strongSwan driver does not reload secrets
Hi, Do you need to work in Neutron as well or patch https://review.opendev.org/c/openstack/neutron-vpnaas/+/783331 in neutron-vpnaas is enough to fix this issue? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1921514 Title: VPNaaS strongSwan driver does not reload secrets To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1921514/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1921514] Re: VPNaaS strongSwan driver does not reload secrets
The attachment "neutron_vpnaas_strongswan_rereadsecrets.patch" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team. [This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.] ** Tags added: patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1921514 Title: VPNaaS strongSwan driver does not reload secrets To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1921514/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1921514] Re: VPNaaS strongSwan driver does not reload secrets
** Changed in: neutron Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1921514 Title: VPNaaS strongSwan driver does not reload secrets To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1921514/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1921514] Re: VPNaaS strongSwan driver does not reload secrets
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: neutron-vpnaas (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1921514 Title: VPNaaS strongSwan driver does not reload secrets To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1921514/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1921514] Re: VPNaaS strongSwan driver does not reload secrets
Patch uploaded for review here: https://review.opendev.org/c/openstack /neutron-vpnaas/+/783331 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1921514 Title: VPNaaS strongSwan driver does not reload secrets To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1921514/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1921514] Re: VPNaaS strongSwan driver does not reload secrets
** Also affects: neutron-vpnaas (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1921514 Title: VPNaaS strongSwan driver does not reload secrets To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1921514/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs