Dan Kenigsberg has submitted this change and it was merged. Change subject: Validate downloaded CA certificate ......................................................................
Validate downloaded CA certificate During installation the CA certificate of the engine is downloaded, but it is not verified in any way. In some situations we can be getting garbage from the engine, for example when we connect to an HTTPS server using the HTTP protocol. That garbage can corrupt a previously downloaded CA certificate. This patch changes deployUtils.py so that it verifies that what we get is a valid X.509 certificate before saving it to the file. Bug-Id: https://bugzilla.redhat.com/856167 Change-Id: Ib5d3b3aeca42e4bc4b621b1acb861bfb1ac383e6 Signed-off-by: Juan Hernandez <[email protected]> --- M vdsm_reg/deployUtil.py.in 1 file changed, 10 insertions(+), 1 deletion(-) Approvals: Alon Bar-Lev: Looks good to me, but someone else must approve Douglas Schilling Landgraf: Looks good to me, but someone else must approve Ryan Harper: Looks good to me, but someone else must approve Juan Hernandez: Verified Dan Kenigsberg: Looks good to me, approved -- To view, visit http://gerrit.ovirt.org/8021 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: merged Gerrit-Change-Id: Ib5d3b3aeca42e4bc4b621b1acb861bfb1ac383e6 Gerrit-PatchSet: 6 Gerrit-Project: vdsm Gerrit-Branch: master Gerrit-Owner: Juan Hernandez <[email protected]> Gerrit-Reviewer: Alon Bar-Lev <[email protected]> Gerrit-Reviewer: Dan Kenigsberg <[email protected]> Gerrit-Reviewer: Douglas Schilling Landgraf <[email protected]> Gerrit-Reviewer: Juan Hernandez <[email protected]> Gerrit-Reviewer: Michael Burns <[email protected]> Gerrit-Reviewer: Ryan Harper <[email protected]> _______________________________________________ vdsm-patches mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/vdsm-patches
