Piotr Kliczewski has posted comments on this change. Change subject: utils: build cert paths in single place ......................................................................
Patch Set 7: (4 comments) https://gerrit.ovirt.org/#/c/52354/7/lib/vdsm/constants.py.in File lib/vdsm/constants.py.in: Line 157: # localtion of the certificates Line 158: def get_cert_paths(path): Line 159: return (os.path.join(path, 'keys', 'vdsmkey.pem'), Line 160: os.path.join(path, 'certs', 'vdsmcert.pem'), Line 161: os.path.join(path, 'certs', 'cacert.pem')) > This module is for constants, not for functions. We need it. https://gerrit.ovirt.org/#/c/52354/7/lib/vdsm/sslutils.py File lib/vdsm/sslutils.py: Line 263: Line 264: def create_ssl_context(): Line 265: sslctx = None Line 266: if config.getboolean('vars', 'ssl'): Line 267: path = config.get('vars', 'trust_store_path') > We can remove this configuration, it does not work anyway - all the code us As you can see here we are using it. Do you suggest to hard code this value? Line 268: protocol = ( Line 269: ssl.PROTOCOL_SSLv23 Line 270: if config.get('vars', 'ssl_protocol') == 'sslv23' Line 271: else ssl.PROTOCOL_TLSv1 https://gerrit.ovirt.org/#/c/52354/7/lib/vdsm/tool/configurators/certificates.py File lib/vdsm/tool/configurators/certificates.py: Line 30 Line 31 Line 32 Line 33 Line 34 > Please move the 4 lines above to constants, and use constants.CA_FILE, con we need path to build the constants. https://gerrit.ovirt.org/#/c/52354/7/lib/vdsm/vdscli.py File lib/vdsm/vdscli.py: Line 103 Line 104 Line 105 Line 106 Line 107 > Do we use tsPath? Do we need to support this? In this code we need it. We would need to explore whether we could hard code the path. I am not really sure whether it is good idea. -- To view, visit https://gerrit.ovirt.org/52354 To unsubscribe, visit https://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I58dd3a5f7c1503fc38b6c6a204c036c06d09941b Gerrit-PatchSet: 7 Gerrit-Project: vdsm Gerrit-Branch: master Gerrit-Owner: Piotr Kliczewski <piotr.kliczew...@gmail.com> Gerrit-Reviewer: Dan Kenigsberg <dan...@redhat.com> Gerrit-Reviewer: Francesco Romani <from...@redhat.com> Gerrit-Reviewer: Jenkins CI Gerrit-Reviewer: Nir Soffer <nsof...@redhat.com> Gerrit-Reviewer: Piotr Kliczewski <piotr.kliczew...@gmail.com> Gerrit-Reviewer: Yaniv Bronhaim <ybron...@redhat.com> Gerrit-Reviewer: gerrit-hooks <automat...@ovirt.org> Gerrit-HasComments: Yes _______________________________________________ vdsm-patches mailing list vdsm-patches@lists.fedorahosted.org https://lists.fedorahosted.org/admin/lists/vdsm-patches@lists.fedorahosted.org
