← Back to branch summary

~ubuntu-branches/ubuntu/raring/eucalyptus/raring

« back to all changes in this revision

Viewing changes to .pc/30-clock_drift.patch/tools/service-policy-template.xml

  • Committer: Package Import Robot
  • Author(s): James Page
  • Date: 2011-09-21 09:57:58 UTC
  • Revision ID: package-import@ubuntu.com-20110921095758-v3q43gifp4lxlh1w
Tags: 2.0.1+bzr1256-0ubuntu8
https://launchpad.net/bugs/851611
https://launchpad.net/bugs/854946
* Fix compatibility issues with SSLv3 (LP: #851611):
  - d/patches/29-euca_conf-sslv3.patch: Use --secure-protocol=SSLv3
    with wget when communicating with CLC.
  - d/eucalyptus-cloud.upstart: Use --secure-protocol=SSLv3 with wget
    when checking for CLC startup complete.
* d/patches/30-clock_drift.patch: Resolve issue with rampart blocking 
  communication between CC and NC when time is fractionally in the
  future (LP: #854946):

Show diffs side-by-side

added added

removed removed

Lines of Context:
.pc/30-clock_drift.patch/tools/service-policy-template.xml
 
1
<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
 
2
  <wsp:ExactlyOne>
 
3
    <wsp:All>
 
4
      <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
 
5
        <wsp:Policy>
 
6
          <sp:InitiatorToken>
 
7
            <wsp:Policy>
 
8
              <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">a
 
9
                <wsp:Policy>
 
10
                  <sp:RequireEmbeddedTokenReference/>
 
11
                  <sp:WssX509V3Token10/>
 
12
                </wsp:Policy>
 
13
              </sp:X509Token>
 
14
            </wsp:Policy>
 
15
          </sp:InitiatorToken>
 
16
          <sp:RecipientToken>
 
17
            <wsp:Policy>
 
18
              <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
 
19
                <wsp:Policy>
 
20
                  <sp:RequireEmbeddedTokenReference/>
 
21
                  <sp:WssX509V3Token10/>
 
22
                </wsp:Policy>
 
23
              </sp:X509Token>
 
24
            </wsp:Policy>
 
25
          </sp:RecipientToken>
 
26
 
 
27
          <sp:AlgorithmSuite>
 
28
            <wsp:Policy>
 
29
              <sp:Basic256Rsa15/>
 
30
            </wsp:Policy>
 
31
          </sp:AlgorithmSuite>
 
32
 
 
33
          <sp:Layout>
 
34
            <wsp:Policy>
 
35
              <sp:Strict/>
 
36
            </wsp:Policy>
 
37
          </sp:Layout>
 
38
 
 
39
          <sp:IncludeTimestamp/>
 
40
          <sp:OnlySignEntireHeadersAndBody/>
 
41
          <!-- <sp:EncryptSignature/> -->
 
42
        </wsp:Policy>
 
43
      </sp:AsymmetricBinding>
 
44
 
 
45
      <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
 
46
        <wsp:Policy>
 
47
          <sp:MustSupportRefKeyIdentifier/>
 
48
          <sp:MustSupportRefEmbeddedToken/>
 
49
          <sp:MustSupportRefIssuerSerial/>
 
50
        </wsp:Policy>
 
51
      </sp:Wss10>
 
52
 
 
53
      <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
 
54
        <sp:Body/>
 
55
        <sp:Header Namespace="http://www.w3.org/2005/08/addressing"/>
 
56
      </sp:SignedParts>
 
57
 
 
58
      <rampc:RampartConfig xmlns:rampc="http://ws.apache.org/rampart/c/policy">
 
59
        <rampc:ReceiverCertificate>EUCALYPTUS_HOME/var/lib/eucalyptus/keys/CLIENT-CERT</rampc:ReceiverCertificate>
 
60
        <rampc:Certificate>EUCALYPTUS_HOME/var/lib/eucalyptus/keys/SERVER-CERT</rampc:Certificate>
 
61
        <rampc:PrivateKey>EUCALYPTUS_HOME/var/lib/eucalyptus/keys/SERVER-KEY</rampc:PrivateKey>
 
62
        <!-- <rampc:TimeToLive>14400</rampc:TimeToLive> -->
 
63
      </rampc:RampartConfig>
 
64
    </wsp:All>
 
65
  </wsp:ExactlyOne>
 
66
</wsp:Policy>
 
67