Juan Hernandez has submitted this change and it was merged. Change subject: sdk: Check SSL server name ......................................................................
sdk: Check SSL server name Currently we don't check that the host name provided in the URL matches the host name contained in the server certificate. This is a common feature of most SSL clients, but it isn't well supported by the SSL implementation in Python 2.6. To improve security this patch explicitly checks the host name given in the URL against the subject common name attribute and the subject alternative names extension. This check will be enabled by default and disabled when using "insecure=True" in the constructor of the entry point object. Change-Id: I6a08179288fd564fbb79f5731c3e32251e560d81 Signed-off-by: Juan Hernandez <[email protected]> --- M src/ovirtsdk/web/connection.py M src/ovirtsdk/web/httpsconnection.py 2 files changed, 107 insertions(+), 2 deletions(-) Approvals: Juan Hernandez: Verified; Looks good to me, approved -- To view, visit http://gerrit.ovirt.org/26271 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: merged Gerrit-Change-Id: I6a08179288fd564fbb79f5731c3e32251e560d81 Gerrit-PatchSet: 4 Gerrit-Project: ovirt-engine-sdk Gerrit-Branch: master Gerrit-Owner: Juan Hernandez <[email protected]> Gerrit-Reviewer: Alon Bar-Lev <[email protected]> Gerrit-Reviewer: Juan Hernandez <[email protected]> Gerrit-Reviewer: Michael Pasternak <[email protected]> Gerrit-Reviewer: [email protected] _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
