Dan Kenigsberg has posted comments on this change.
Change subject: Validate downloaded CA certificate
......................................................................
Patch Set 4: (1 inline comment)
....................................................
File vdsm_reg/deployUtil.py.in
Line 1485:
Line 1486: CACERT, VDSMCERT = certPaths('')
Line 1487: RHEVM_CERT_FILE = "/ca.crt"
Line 1488: rhevmCert = getRemoteFile(str(IP), str(port), RHEVM_CERT_FILE)
Line 1489: if rhevmCert and validateX509Cert(rhevmCert):
sure, but in a future patch, it would be great if you can validate the
fingerprints before writing a possibly-bogus certificate.
Line 1490: dirName = os.path.dirname(CACERT)
Line 1491: if not os.path.exists(dirName):
Line 1492: os.makedirs(dirName)
Line 1493: crt = file(CACERT, "w+")
--
To view, visit http://gerrit.ovirt.org/8021
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: comment
Gerrit-Change-Id: Ib5d3b3aeca42e4bc4b621b1acb861bfb1ac383e6
Gerrit-PatchSet: 4
Gerrit-Project: vdsm
Gerrit-Branch: master
Gerrit-Owner: Juan Hernandez <[email protected]>
Gerrit-Reviewer: Alon Bar-Lev <[email protected]>
Gerrit-Reviewer: Dan Kenigsberg <[email protected]>
Gerrit-Reviewer: Douglas Schilling Landgraf <[email protected]>
Gerrit-Reviewer: Juan Hernandez <[email protected]>
Gerrit-Reviewer: Michael Burns <[email protected]>
Gerrit-Reviewer: Ryan Harper <[email protected]>
_______________________________________________
vdsm-patches mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/vdsm-patches
