[Engine-patches] Change in ovirt-engine[master]: WIP Support foreman SSL provider

Tue, 28 May 2013 07:53:08 -0700 

Oved Ourfali has posted comments on this change.

Change subject: WIP Support foreman SSL provider
......................................................................


Patch Set 1: (3 inline comments)

Do you suggest to create a new script to create it?
I can. I just guess it is pretty much similar commands, but I can split that.

....................................................
File 
backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/host/provider/foreman/ForemanHostProviderProxy.java
Line 49:             URL hostUrl = new URL(hostProvider.getUrl());
Line 50:             if 
(hostUrl.getProtocol().equalsIgnoreCase(HTTPS_PROTOCOL)) {
Line 51:                 String trustStorePath = FILE_URL_PREFIX + 
EngineLocalConfig.getInstance().getPKIExternalTrustStore();
Line 52:                 String trustStorePassword = 
EngineLocalConfig.getInstance().getPKIExternalTrustStorePassword();
Line 53:                 httpClient = new SecuredHostHttpClient(hostUrl, new 
URL(trustStorePath), trustStorePassword, false);
Makes sense.
Will either do that, or just put the whole the logic in this class.
Line 54:             } else {
Line 55:                 httpClient = new HttpClient();
Line 56:             }
Line 57:             objectMapper.configure(Feature.FAIL_ON_UNKNOWN_PROPERTIES, 
false);


....................................................
File 
backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/host/provider/foreman/SecuredHostHttpClient.java
Line 10: 
Line 11:     private static final int DEFAULT_SECURED_PORT = 443;
Line 12:     public SecuredHostHttpClient(URL hostUrl, URL trustStorePath, 
String trustStorePassword, boolean enableSniExtension) {
Line 13:         super();
Line 14:         System.setProperty ("jsse.enableSNIExtension", 
String.valueOf(enableSniExtension));
OK.
Further investigation here is required anyway, so hopefully I'll find a 
workaround for that, but if not then I'll put it in engine.conf defaults.
Line 15:         int hostPort = hostUrl.getPort();
Line 16:         if (hostPort == -1) {
Line 17:             hostPort = DEFAULT_SECURED_PORT;
Line 18:         }


Line 16:         if (hostPort == -1) {
Line 17:             hostPort = DEFAULT_SECURED_PORT;
Line 18:         }
Line 19:         Protocol httpsProtocol = new Protocol("https", new 
AuthSSLProtocolSocketFactory(null, null, trustStorePath, trustStorePassword),  
hostPort);
Line 20:         Protocol.registerProtocol("https", httpsProtocol);
Same here... although for now it just doesn't work without the registration as 
https. Will dig deeper here as well, as I might be doing something wrong here.
Line 21:         getHostConfiguration().setHost(hostUrl.getHost(), 
hostUrl.getPort(), httpsProtocol);
Line 22:     }
Line 23: 


--
To view, visit http://gerrit.ovirt.org/15128
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: I35343409d74a4f90aae726b46781f27ce08a981a
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Oved Ourfali <oourf...@redhat.com>
Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com>
Gerrit-Reviewer: Mike Kolesnik <mkole...@redhat.com>
Gerrit-Reviewer: Oved Ourfali <oourf...@redhat.com>
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches

Reply via email to