[Engine-patches] Change in ovirt-engine[master]: engine: Integrate noVNC support

Tue, 28 May 2013 01:04:35 -0700 

Alon Bar-Lev has posted comments on this change.

Change subject: engine: Integrate noVNC support
......................................................................


Patch Set 7: (2 inline comments)

....................................................
File backend/manager/modules/root/src/main/webapp/ovirt-engine-novnc-main.html
Line 128:                            'shared':       
WebUtil.getQueryVar('shared', true),
Line 129:                            'view_only':    
WebUtil.getQueryVar('view_only', false),
Line 130:                            'updateState':  updateState,
Line 131:                            'onPasswordRequired':  passwordRequired});
Line 132:                            rfb.connect(host, port, ticket, path);
What is wss?

Anyway, the problem is not that it is being encrypted, but the authenticity 
with relation to connection details which are (vnc-ticket, vnc-host, vnc-port).

In this case you extract the vnc-ticket and send it to vnc-host, the proxy 
cannot authenticate that it matches the details.

So there is no point in adding it to the proxy ticket...
Line 133:             }catch(e) {alert(e);}
Line 134:         }
Line 135: 
Line 136:         if (window.addEventListener) {


....................................................
File packaging/services/ovirt-websocket-proxy.py
Line 147:             listen_host=self._config.getString('PROXY_HOST'),
Line 148:             listen_port=self._config.getString('PROXY_PORT'),
Line 149:             source_is_ipv6=self._config.getBoolean('SOURCE_IS_IPV6'),
Line 150:             verbose=self._config.getBoolean('LOG_VERBOSE'),
Line 151:             ticketDecoder=TicketDecoder(insecure, 
data_verification_cert),
right... but you separated it into two, what I suggested is to keep it all 
together... and show you how :)
Line 152:             cert=self._config.getString('SSL_CERTIFICATE'),
Line 153:             key=self._config.getString('SSL_KEY'),
Line 154:             ssl_only=self._config.getBoolean('SSL_ONLY'),
Line 155:             daemon=False,


--
To view, visit http://gerrit.ovirt.org/13931
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: I44e9870b88537360a1886e89c08f18865eae2ef0
Gerrit-PatchSet: 7
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Frank Kobzik <fkob...@redhat.com>
Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com>
Gerrit-Reviewer: Barak Azulay <bazu...@redhat.com>
Gerrit-Reviewer: Frank Kobzik <fkob...@redhat.com>
Gerrit-Reviewer: Itamar Heim <ih...@redhat.com>
Gerrit-Reviewer: Martin Beták <mbe...@redhat.com>
Gerrit-Reviewer: Michal Skrivanek <michal.skriva...@redhat.com>
Gerrit-Reviewer: Sandro Bonazzola <sbona...@redhat.com>
Gerrit-Reviewer: Tomas Jelinek <tjeli...@redhat.com>
Gerrit-Reviewer: Vojtech Szocs <vsz...@redhat.com>
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches

Reply via email to