Oved Ourfali has posted comments on this change. Change subject: core: configurable ssl protocol ......................................................................
Patch Set 6: (6 comments) http://gerrit.ovirt.org/#/c/34372/6/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/config/ConfigValues.java File backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/config/ConfigValues.java: Line 388: @TypeConverterAttribute(Boolean.class) Line 389: @DefaultValueAttribute("true") Line 390: EncryptHostCommunication, Line 391: @TypeConverterAttribute(String.class) Line 392: @DefaultValueAttribute("TLSv1") so the decision is that it will be defaulted to tlsv1? Line 393: VdsmSLLProtocol, Line 394: @Reloadable Line 395: @TypeConverterAttribute(String.class) Line 396: @DefaultValueAttribute("oVirt") Line 389: @DefaultValueAttribute("true") Line 390: EncryptHostCommunication, Line 391: @TypeConverterAttribute(String.class) Line 392: @DefaultValueAttribute("TLSv1") Line 393: VdsmSLLProtocol, typo. Line 394: @Reloadable Line 395: @TypeConverterAttribute(String.class) Line 396: @DefaultValueAttribute("oVirt") Line 397: OrganizationName, http://gerrit.ovirt.org/#/c/34372/6/backend/manager/modules/vdsbroker/src/main/java/org/ovirt/engine/core/vdsbroker/TransportFactory.java File backend/manager/modules/vdsbroker/src/main/java/org/ovirt/engine/core/vdsbroker/TransportFactory.java: Line 23: if (VdsProtocol.STOMP == vdsProtocol) { Line 24: irsServer = new JsonRpcIIrsServer(JsonRpcUtils.createStompClient(hostname, Line 25: port, connectionTimeOut, clientTimeOut, clientRetries, heartbeat, Line 26: Config.<Boolean> getValue(ConfigValues.EncryptHostCommunication), Line 27: Config.<String> getValue(ConfigValues.VdsmSLLProtocol))); so XMLRPC is out of the game for this configuration, right? Line 28: } else if (VdsProtocol.XML == vdsProtocol){ Line 29: Pair<IrsServerConnector, HttpClient> returnValue = Line 30: XmlRpcUtils.getConnection(hostname, port, clientTimeOut, connectionTimeOut, Line 31: clientRetries, IrsServerConnector.class, http://gerrit.ovirt.org/#/c/34372/6/backend/manager/modules/vdsbroker/src/test/java/org/ovirt/engine/core/vdsbroker/jsonrpc/JsonRpcIntegrationTest.java File backend/manager/modules/vdsbroker/src/test/java/org/ovirt/engine/core/vdsbroker/jsonrpc/JsonRpcIntegrationTest.java: Line 26: private final static int TIMEOUT = 5000; Line 27: Line 28: @Test Line 29: public void testGetVdsCapabilities() throws InterruptedException, ExecutionException, ClientConnectionException { Line 30: JsonRpcClient client = JsonRpcUtils.createStompClient(HOST_ADDRESS, PORT, TIMEOUT, 0, TIMEOUT, TIMEOUT, true, "TLS"); should it be TLS or TLSv1 Line 31: final JsonRpcRequest request = new RequestBuilder("Host.getCapabilities").build(); Line 32: Map<String, Object> map = new FutureMap(client, request); Line 33: assertTrue(map.isEmpty()); Line 34: } http://gerrit.ovirt.org/#/c/34372/6/packaging/dbscripts/upgrade/pre_upgrade/0000_config.sql File packaging/dbscripts/upgrade/pre_upgrade/0000_config.sql: Line 650: select fn_db_add_config_value('DelayResetForSpmInSeconds','20','general'); Line 651: select fn_db_add_config_value('DelayResetPerVmInSeconds','0.5','general'); Line 652: --Handling Use Secure Connection with Hosts Line 653: select fn_db_add_config_value('EncryptHostCommunication','true','general'); Line 654: select fn_db_add_config_value('VdsmSLLProtocol','TLSv1','general'); you have a typo here. Line 655: select fn_db_add_config_value('TimeToReduceFailedRunOnVdsInMinutes','30','general'); Line 656: select fn_db_add_config_value('UnknownTaskPrePollingLapse','60000','general'); Line 657: select fn_db_add_config_value('UserSessionHardLimit','600','general'); Line 658: select fn_db_add_config_value('UserDefinedVMProperties','','3.0'); http://gerrit.ovirt.org/#/c/34372/6/packaging/etc/engine-config/engine-config.properties File packaging/etc/engine-config/engine-config.properties: Line 37: EnableVdsLoadBalancing.validValues=true,false Line 38: EncryptHostCommunication.description="Determine whether to use secure communication with hosts" Line 39: EncryptHostCommunication.type=Boolean Line 40: SSLProtocol.description="Determines protocol used by SSL" Line 41: SSLProtocol.type=String isn't it VDSMSSLProtocol? Perhaps call it HostSecuredCommunicationProtocol ? Line 42: FreeSpaceCriticalLowInGB.description="Critical low disk space alert threshold (in GB)" Line 43: FreeSpaceCriticalLowInGB.type=Integer Line 44: FreeSpaceCriticalLowInGB.validValues=0..2147483647 Line 45: FreeSpaceLow.description="Limit of % free disk-space below which it is considered low" -- To view, visit http://gerrit.ovirt.org/34372 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I33a33c15e8a995eb8de7d5131b3dbadc6191f873 Gerrit-PatchSet: 6 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Piotr Kliczewski <piotr.kliczew...@gmail.com> Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com> Gerrit-Reviewer: Oved Ourfali <oourf...@redhat.com> Gerrit-Reviewer: Piotr Kliczewski <piotr.kliczew...@gmail.com> Gerrit-Reviewer: Saggi Mizrahi <smizr...@redhat.com> Gerrit-Reviewer: automat...@ovirt.org Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: Yes _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
