Change in vdsm[master]: Implement SSL session cache

Mon, 12 Nov 2012 07:48:39 -0800 

Juan Hernandez has posted comments on this change.

Change subject: Implement SSL session cache
......................................................................


Patch Set 7: (3 inline comments)

....................................................
File vdsm/SecureXMLRPCServer.py
Line 54:         self.raw = raw
Line 55: 
Line 56:         # Create the OpenSSL context:
Line 57:         self.context = OpenSSL.SSL.Context(OpenSSL.SSL.SSLv23_METHOD)
Line 58:         self.context.set_session_id("vdsm")
Added a "session_id" parameter to "__init__" with "vdsm" as the default value.
Line 59: 
Line 60:         # Load the crendentials:
Line 61:         if certfile and keyfile:
Line 62:             self.context.use_certificate_file(certfile)


Line 72:                 OpenSSL.SSL.VERIFY_CLIENT_ONCE,
Line 73:                 SSLServerSocket.verify)
Line 74: 
Line 75:     @staticmethod
Line 76:     def verify(connection, certificate, number, depth, result):
Renamed to "__verify".
Line 77:         # The validation of the client certificate has already been
Line 78:         # performed by the OpenSSL library and the handshake already
Line 79:         # aborted if it fails as we use the VERIFY_FAIL_IF_NO_PEER_CERT
Line 80:         # option in the set_verify method. We are not doing any


Line 134: 
Line 135:     def do_handshake(self):
Line 136:         return self.connection.do_handshake()
Line 137: 
Line 138:     def makefile(self, mode="r", bufsize=-1):
This can't be renamed as it has to have the same name that in a normal socket.
Line 139:         # In order to implement this method we borrow the _fileobject
Line 140:         # function from the socket module, and that forces us to
Line 141:         # implement correcty the recv and send methods:
Line 142:         return socket._fileobject(self, mode, bufsize)


--
To view, visit http://gerrit.ovirt.org/8123
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: Ic75adee4070b415b8855af1f2ea289825496fbc1
Gerrit-PatchSet: 7
Gerrit-Project: vdsm
Gerrit-Branch: master
Gerrit-Owner: Juan Hernandez <juan.hernan...@redhat.com>
Gerrit-Reviewer: Dan Kenigsberg <dan...@redhat.com>
Gerrit-Reviewer: Juan Hernandez <juan.hernan...@redhat.com>
Gerrit-Reviewer: Saggi Mizrahi <smizr...@redhat.com>
Gerrit-Reviewer: Yaniv Bronhaim <ybron...@redhat.com>
Gerrit-Reviewer: Yaniv Kaul <yk...@redhat.com>
_______________________________________________
vdsm-patches mailing list
vdsm-patches@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/vdsm-patches

Reply via email to