[ovs-dev] Bug#828478: [PATCH v2] ovs-pki: Use SHA-512 instead of SHA-1 as message digest.
Ryan Moats
rmoats at us.ibm.com
Thu Jul 14 03:06:53 UTC 2016
"dev" <dev-bounces at openvswitch.org> wrote on 07/01/2016 08:05:40 PM:
> From: Ben Pfaff <blp at ovn.org>
> To: dev at openvswitch.org
> Cc: Ben Pfaff <blp at ovn.org>, Kurt Roeckx <kurt at roeckx.be>,
> 828478 at bugs.debian.org
> Date: 07/01/2016 08:06 PM
> Subject: [ovs-dev] [PATCH v2] ovs-pki: Use SHA-512 instead of SHA-1
> as message digest.
> Sent by: "dev" <dev-bounces at openvswitch.org>
>
> The upcoming OpenSSL 1.1.0 release disables use of SHA-1, which breaks
the
> OVS unit tests, which use SHA-1. We last tried to switch to SHA-512 in
> 2014 with commit 9ff33ca75e9fcc ("ovs-pki: Use SHA-512 instead of MD5 as
> message digest."), but we had to downgrade to SHA-1 in commit
4a1f9610682d
> ("ovs-pki: Use SHA-1 instead of SHA-512 as message digest.") because
> XenServer did not support SHA-512. It has been a few years, so let's try
> again.
>
> CC: 828478 at bugs.debian.org
> Reported-at: https://bugs.debian.org/828478
> Reported-by: Kurt Roeckx <kurt at roeckx.be>
> Signed-off-by: Ben Pfaff <blp at ovn.org>
> ---
I'm sorta surprised there's been no action on this...
I admit that I don't have XenServer to test against, but
if they still aren't supporting SHA-512, then this would be
another good reason for them to do so...
Acked-by: Ryan Moats <rmoats at us.ibm.com>
More information about the dev
mailing list