Alon Bar-Lev has posted comments on this change.

Change subject: core: VirtIO console access key management
......................................................................


Patch Set 17:

(1 comment)

https://gerrit.ovirt.org/#/c/39512/17/backend/manager/modules/uutils/src/main/java/org/ovirt/engine/core/uutils/ssh/OpenSSHUtils.java
File backend/manager/modules/uutils/src/main/java/org/ovirt/engine/core/uutils/ssh/OpenSSHUtils.java:

Line 224: 
Line 225:             try (ByteArrayInputStream inputStream = new ByteArrayInputStream(decodedBytes);
Line 226:                  DataInputStream dataInputStream = new DataInputStream(inputStream)) {
Line 227: 
Line 228:                 verifyByteArray(dataInputStream, SSH_RSA.getBytes(Charset.forName("UTF-8")));
We should not assume the RSA algorithm; we cannot assume what public key structure 
we have. It can be DSA, ECDSA and more.

Sane string validation should be done, no more.
Line 229:                 verifyByteArray(dataInputStream, null);
Line 230:                 verifyByteArray(dataInputStream, null);
Line 231: 
Line 232:                 return true;


-- 
To view, visit https://gerrit.ovirt.org/39512
To unsubscribe, visit https://gerrit.ovirt.org/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: I5ff5403823e752e695ebde76a4b7fb83e07099b6
Gerrit-PatchSet: 17
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Francesco Romani <from...@redhat.com>
Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com>
Gerrit-Reviewer: Arik Hadas <aha...@redhat.com>
Gerrit-Reviewer: Eli Mesika <emes...@redhat.com>
Gerrit-Reviewer: Francesco Romani <from...@redhat.com>
Gerrit-Reviewer: Jenkins CI
Gerrit-Reviewer: Martin Betak <mbe...@redhat.com>
Gerrit-Reviewer: Michal Skrivanek <michal.skriva...@redhat.com>
Gerrit-Reviewer: Omer Frenkel <ofren...@redhat.com>
Gerrit-Reviewer: automat...@ovirt.org
Gerrit-HasComments: Yes
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches
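
An added example, not code from ovirt-engine or from the reviewer: one reading of the "sane string validation" asked for above, which accepts any key type and only checks that the blob's embedded type name matches the text prefix and that every length-prefixed field fits in the data. The class and method names are hypothetical, and the sample key is constructed in the code.

```java
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.util.Base64;

public class PublicKeyLineCheck { // hypothetical name, not from ovirt-engine
    // Reads one RFC 4251 "string": uint32 big-endian length, then that many bytes.
    static byte[] readField(DataInputStream in) throws IOException {
        int len = in.readInt();
        if (len < 0 || len > in.available()) {
            throw new IOException("field length " + len + " exceeds remaining data");
        }
        byte[] field = new byte[len];
        in.readFully(field);
        return field;
    }

    // No per-algorithm field count is assumed: RSA, DSA, ECDSA and Ed25519 blobs
    // all start with the type name followed by one or more length-prefixed fields.
    static boolean isWellFormed(String line) {
        String[] parts = line.trim().split("\\s+", 3);
        if (parts.length < 2) return false;
        try (DataInputStream in = new DataInputStream(
                new ByteArrayInputStream(Base64.getDecoder().decode(parts[1])))) {
            String embedded = new String(readField(in), StandardCharsets.US_ASCII);
            if (!embedded.equals(parts[0])) return false; // prefix and blob disagree
            int fields = 0;
            while (in.available() > 0) {
                readField(in);
                fields++;
            }
            return fields > 0; // a type name with no key material is rejected
        } catch (IOException | IllegalArgumentException e) {
            return false; // truncated field or invalid base64
        }
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample: type name plus one 32-byte zero field, not a real key.
        ByteArrayOutputStream blob = new ByteArrayOutputStream();
        DataOutputStream out = new DataOutputStream(blob);
        byte[] type = "ssh-ed25519".getBytes(StandardCharsets.US_ASCII);
        out.writeInt(type.length); out.write(type);
        out.writeInt(32); out.write(new byte[32]);
        String b64 = Base64.getEncoder().encodeToString(blob.toByteArray());
        System.out.println(isWellFormed("ssh-ed25519 " + b64 + " user@example")); // matching type
        System.out.println(isWellFormed("ssh-rsa " + b64));                       // mismatched prefix
        System.out.println(isWellFormed("ssh-ed25519 " + b64.substring(0, 40)));  // truncated blob
    }
}
```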
