Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Relax requirement for IKE policy #14847

Closed
m2martin opened this issue Jan 18, 2024 · 4 comments · Fixed by #14878
Closed

Relax requirement for IKE policy #14847

m2martin opened this issue Jan 18, 2024 · 4 comments · Fixed by #14878
Assignees
@m2martin
Labels
severity: low Does not significantly disrupt application functionality, or a workaround is available status: accepted This issue has been accepted for implementation type: bug A confirmed report of unexpected behavior in the application

Comments

@m2martin
Copy link
Contributor

Deployment Type

Self-hosted

NetBox Version

v3.7.1

Python Version

3.9

Steps to Reproduce

  1. Go to IKE policies and add a policy
  2. Field Mode is required and provides Aggressive and Main

Expected Behavior

Field Mode is not required.

Observed Behavior

Field Mode is required.
@m2martin m2martin added the type: bug A confirmed report of unexpected behavior in the application label Jan 18, 2024
@m2martin
Copy link
Contributor Author

Background:

One of the substential differences between IKEv1 and IKEv2 is the initial message exchange which has no configurable modes (Main/Aggressive) compared to v1.

The field Mode should not be required like Authentication algo in IKE proposals which depends on the encryption algo (CBC/GCM) (see #14499).

...yes I know...blank=True would need a migration.

@DanSheps DanSheps added status: needs owner This issue is tentatively accepted pending a volunteer committed to its implementation severity: low Does not significantly disrupt application functionality, or a workaround is available labels Jan 19, 2024
@DanSheps
Copy link
Member

If someone wants to tackle this, the best way forward would be:

  • set blank=True and null=True on the model (build the migration as well
  • Edit the model clean method to require IKEv1 to have a mode of any of the choices

@m2martin
Copy link
Contributor Author

If the change is basically accepted, I'd implement it accordingly.

@DanSheps DanSheps added status: accepted This issue has been accepted for implementation and removed status: needs owner This issue is tentatively accepted pending a volunteer committed to its implementation labels Jan 19, 2024
@DanSheps
Copy link
Member

If the change is basically accepted, I'd implement it accordingly.

All you @m2martin

@m2martin m2martin mentioned this issue Jan 20, 2024
Merged
jeremystretch added a commit that referenced this issue Jan 22, 2024
@m2martin @jeremystretch
Fixes #14847: Relax requirement for IKE policy (#14878)
79e0d3a 
* Fixes #14847: Relax requirement for IKE policy

* Docs tweak

---------

Co-authored-by: Jeremy Stretch <jstretch@netboxlabs.com>
jeremystretch added a commit that referenced this issue Jan 22, 2024
@jeremystretch
Changelog for #14572, #14847, #14879, #14885, #14892
e4188b5
@jeremystretch jeremystretch mentioned this issue Feb 5, 2024
Merged
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Apr 22, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@m2martin m2martin

Labels
severity: low Does not significantly disrupt application functionality, or a workaround is available status: accepted This issue has been accepted for implementation type: bug A confirmed report of unexpected behavior in the application
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fixes #14847: Relax requirement for IKE policy
2 participants
@DanSheps @m2martin