Alon Bar-Lev has posted comments on this change. Change subject: vdsm-reg: use web server CA extracted from SSL handshake ......................................................................
Patch Set 3: Unbelievable!!!! The registration is done using HTTPS without validation of CA at *ALL*. Then it fallsback to HTTP. It uses its own implementation of socket not deplyUtils!!!! So there is no change in registration... The getRemoteFile() is at least checking for CA, but then falls back automatically to HTTP. So yes, it will work without any CA. Not sure why we need the CA, I would have remove all the SSL complexity as it completely void. I was trying to fix something that is totally broken. (1+2+X+4+5)*0 = 0 -- To view, visit http://gerrit.ovirt.org/8386 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: Iab8727a167de19ac66712309868654ae00c9bf4d Gerrit-PatchSet: 3 Gerrit-Project: vdsm Gerrit-Branch: master Gerrit-Owner: Alon Bar-Lev <[email protected]> Gerrit-Reviewer: Alon Bar-Lev <[email protected]> Gerrit-Reviewer: Dan Kenigsberg <[email protected]> Gerrit-Reviewer: Doron Fediuck <[email protected]> Gerrit-Reviewer: Juan Hernandez <[email protected]> _______________________________________________ vdsm-patches mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/vdsm-patches
