Piotr Kliczewski has posted comments on this change. Change subject: ssl: configurable implementation ......................................................................
Patch Set 16: (3 comments) https://gerrit.ovirt.org/#/c/44494/16/lib/vdsm/m2cutils.py File lib/vdsm/m2cutils.py: Line 164: def _loadCAs(self): Line 165: context = self.context Line 166: Line 167: if self.ca_certs: Line 168: context.load_verify_locations(self.ca_certs) > less related and can get in before this patch I discovered it when I had wrongly configured setup. We need to be consistent between sslutils and m2cutils. This is exactly what this patch is about. Line 169: context.set_verify( Line 170: mode=SSL.verify_peer | SSL.verify_fail_if_no_peer_cert, Line 171: depth=10, Line 172: callback=self._verify) https://gerrit.ovirt.org/#/c/44494/16/lib/vdsm/sslcompat.py File lib/vdsm/sslcompat.py: Line 16: # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Line 17: # Line 18: # Refer to the README and COPYING files for full details of the license Line 19: # Line 20: try: > instead of rely on ImportError why not to have - https://gerrit.ovirt.org/# This patch is interim step and the change that you propose is in the next patch. Both patches are split based on functional scope. Line 21: from . import m2cutils as sslutils Line 22: from .m2cutils import SSLHandshakeDispatcher Line 23: from .m2cutils import SSLSocket Line 24: except ImportError: https://gerrit.ovirt.org/#/c/44494/16/vdsm.spec.in File vdsm.spec.in: Line 42: %global _polkitdir %{_localstatedir}/lib/polkit-1/localauthority/10-vendor.d Line 43: %endif Line 44: Line 45: # enable m2crypto by default Line 46: %global with_m2c 1 > I still prefer to require m2crypto always to keep the spec less complicated We can't required it always. We could have it in debian as well but please in mind that it is a bit different and it makes vdsm to fail. In order to keep it simple we need to remove m2c dependency if not needed. Line 47: Line 48: # Gluster should not be shipped with RHEV Line 49: %if ! 0%{?rhev_build} Line 50: %global with_gluster 1 -- To view, visit https://gerrit.ovirt.org/44494 To unsubscribe, visit https://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I6501981bbd5276c49731b0d9eba4794286b0f823 Gerrit-PatchSet: 16 Gerrit-Project: vdsm Gerrit-Branch: master Gerrit-Owner: Piotr Kliczewski <[email protected]> Gerrit-Reviewer: Dan Kenigsberg <[email protected]> Gerrit-Reviewer: Francesco Romani <[email protected]> Gerrit-Reviewer: Jenkins CI Gerrit-Reviewer: Nir Soffer <[email protected]> Gerrit-Reviewer: Piotr Kliczewski <[email protected]> Gerrit-Reviewer: Sandro Bonazzola <[email protected]> Gerrit-Reviewer: Simone Tiraboschi <[email protected]> Gerrit-Reviewer: Yaniv Bronhaim Gerrit-Reviewer: Yaniv Bronhaim <[email protected]> Gerrit-Reviewer: Yeela Kaplan <[email protected]> Gerrit-Reviewer: [email protected] Gerrit-HasComments: Yes _______________________________________________ vdsm-patches mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/vdsm-patches
