Piotr Kliczewski has posted comments on this change. Change subject: core: configurable ssl protocol ......................................................................
Patch Set 9: (2 comments) http://gerrit.ovirt.org/#/c/34372/9/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/host/provider/foreman/ForemanHostProviderProxy.java File backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/host/provider/foreman/ForemanHostProviderProxy.java: Line 370: int hostPort = hostUrl.getPort() == -1 ? HttpsURL.DEFAULT_PORT : hostUrl.getPort(); Line 371: Protocol httpsProtocol = Line 372: new Protocol(String.valueOf(HttpsURL.DEFAULT_SCHEME), Line 373: (ProtocolSocketFactory) new AuthSSLProtocolSocketFactory(ExternalTrustStoreInitializer.getTrustStore(), Line 374: Config.<String> getValue(ConfigValues.ProviderSSLProtocol)), > we agreed to leave this as "SSLv3" in this patch no new configuration, and We agreed to use second config value and Yair can override anyway. Line 375: hostPort); Line 376: httpClient.getHostConfiguration().setHost(hostUrl.getHost(), hostPort, httpsProtocol); Line 377: } else { Line 378: int hostPort = hostUrl.getPort() == -1 ? HttpURL.DEFAULT_PORT : hostUrl.getPort(); http://gerrit.ovirt.org/#/c/34372/9/packaging/etc/engine-config/engine-config.properties File packaging/etc/engine-config/engine-config.properties: Line 38: EncryptHostCommunication.description="Determine whether to use secure communication with hosts" Line 39: EncryptHostCommunication.type=Boolean Line 40: VdsmSSLProtocol.description="Determines protocol used by vdsm" Line 41: VdsmSSLProtocol.type=String Line 42: ProviderSSLProtocol.description="Determines protocol used by providers" > by external providers and the attestation service. Done Line 43: ProviderSSLProtocol.type=String Line 44: FreeSpaceCriticalLowInGB.description="Critical low disk space alert threshold (in GB)" Line 45: FreeSpaceCriticalLowInGB.type=Integer Line 46: FreeSpaceCriticalLowInGB.validValues=0..2147483647 -- To view, visit http://gerrit.ovirt.org/34372 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I33a33c15e8a995eb8de7d5131b3dbadc6191f873 Gerrit-PatchSet: 9 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Piotr Kliczewski <piotr.kliczew...@gmail.com> Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com> Gerrit-Reviewer: Oved Ourfali <oourf...@redhat.com> Gerrit-Reviewer: Piotr Kliczewski <piotr.kliczew...@gmail.com> Gerrit-Reviewer: Saggi Mizrahi <smizr...@redhat.com> Gerrit-Reviewer: automat...@ovirt.org Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: Yes _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
