Alon Bar-Lev has posted comments on this change. Change subject: host-deploy: getChainFromSSL: acquire chain from session and not negotiation ......................................................................
Patch Set 2: (2 comments) http://gerrit.ovirt.org/#/c/23773/2//COMMIT_MSG Commit Message: Line 5: CommitDate: 2014-01-28 15:47:20 +0200 Line 6: Line 7: host-deploy: getChainFromSSL: acquire chain from session and not negotiation Line 8: Line 9: although the negotiation seems to be the right place to acquire the > Is there any reference (bug, mailing list) where these cases are discussed? https://bugzilla.redhat.com/show_bug.cgi?id=1058016 Line 10: chain, in some cases it was missing the root certificate authority, Line 11: while the chain out of the session is a complete one. Line 12: Line 13: Change-Id: I397f1341984f78e8fc0a07e9256eeac362b0fcaf http://gerrit.ovirt.org/#/c/23773/2/vdsm_reg/deployUtil.py.in File vdsm_reg/deployUtil.py.in: Line 1653: def check_ignore(*args, **kw): Line 1654: return True Line 1655: Line 1656: ctx = SSL.Context() Line 1657: ctx.set_verify(mode=SSL.verify_none, depth=0) > I assume depth=0 means "no limitation"? It's not really related to the patc it is verify_none... but depth is mandatory. Line 1658: with contextlib.closing(SSL.Connection(ctx)) as sock: Line 1659: # we would like to ignore any issue with certificates Line 1660: sock.set_post_connection_check_callback(check_ignore) Line 1661: sock.connect(host) -- To view, visit http://gerrit.ovirt.org/23773 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I397f1341984f78e8fc0a07e9256eeac362b0fcaf Gerrit-PatchSet: 2 Gerrit-Project: vdsm Gerrit-Branch: master Gerrit-Owner: Alon Bar-Lev <[email protected]> Gerrit-Reviewer: Alon Bar-Lev <[email protected]> Gerrit-Reviewer: Dan Kenigsberg <[email protected]> Gerrit-Reviewer: Douglas Schilling Landgraf <[email protected]> Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: Yes _______________________________________________ vdsm-patches mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/vdsm-patches
