From Dan Kenigsberg <danken(a)redhat.com>:
Dan Kenigsberg has uploaded a new change for review.
Change subject: sslutils: add info to SSLHandshake errors
......................................................................
sslutils: add info to SSLHandshake errors
Include name of peer and its full certificate if they do not match,
in order to understand which non-legitimate client attempts to connect.
Change-Id: I0cb2d7e0c6c86ca12a34be13b07bc960e3ad313e
Signed-off-by: Dan Kenigsberg <danken(a)redhat.com>
---
M lib/vdsm/sslutils.py
1 file changed, 6 insertions(+), 3 deletions(-)
git pull ssh://gerrit.ovirt.org:29418/vdsm refs/changes/21/76221/1
diff --git a/lib/vdsm/sslutils.py b/lib/vdsm/sslutils.py
index 10fc172..8c349ca 100644
--- a/lib/vdsm/sslutils.py
+++ b/lib/vdsm/sslutils.py
@@ -219,9 +219,12 @@
if self._is_handshaking:
self._handshake(dispatcher)
else:
- if not self._verify_host(dispatcher.socket.getpeercert(),
- dispatcher.socket.getpeername()[0]):
- self.log.error("peer certificate does not match host name")
+ peercert = dispatcher.socket.getpeercert()
+ peername = dispatcher.socket.getpeername()[0]
+ if not self._verify_host(peercert, peername):
+ self.log.error(
+ "peer certificate '%s' does not match host name '%s'",
+ peercert, peername)
dispatcher.socket.close()
return
--
To view, visit https://gerrit.ovirt.org/76221
To unsubscribe, visit https://gerrit.ovirt.org/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I0cb2d7e0c6c86ca12a34be13b07bc960e3ad313e
Gerrit-PatchSet: 1
Gerrit-Project: vdsm
Gerrit-Branch: master
Gerrit-Owner: Dan Kenigsberg <danken(a)redhat.com>
From Yaniv Bronhaim <ybronhei(a)redhat.com>:
Yaniv Bronhaim has uploaded a new change for review.
Change subject: Adding libvirt_sasl_isconfigured test
......................................................................
Adding libvirt_sasl_isconfigured test
This test checks if isconfigured works as expected. for latest libvirt
configure, the isconfigured should check for specific string in the
sasl2 conf file. The test validates that.
Change-Id: Ifb7aa1dfd579e2e0bf6493c06c164b6a42626d3f
Signed-off-by: Yaniv Bronhaim <ybronhei(a)redhat.com>
---
M tests/tool_test.py
1 file changed, 17 insertions(+), 0 deletions(-)
git pull ssh://gerrit.ovirt.org:29418/vdsm refs/changes/06/77506/1
diff --git a/tests/tool_test.py b/tests/tool_test.py
index 901b17b..a9ce0ef 100644
--- a/tests/tool_test.py
+++ b/tests/tool_test.py
@@ -23,6 +23,7 @@
from vdsm.tool.configfile import ConfigFile, ParserWrapper
from vdsm.tool.configurators import abrt
from vdsm.tool.configurators import libvirt
+from vdsm.tool.configurators import passwd
from vdsm.tool import UsageError
from vdsm.tool import upgrade
import monkeypatch
@@ -95,6 +96,22 @@
dict((m.name, m) for m in mockConfigurers))
+class PasswdConfiguratorTest(VdsmTestCase):
+ def testCheckIsConfigured(self):
+ first = tempfile.mktemp()
+ second = tempfile.mktemp()
+ with open(first, 'w') as f:
+ f.write("\n")
+ f.write("\n")
+ f.write("mech_list: gssapi\n")
+ with open(second, 'w') as f:
+ f.write("\n")
+ passwd._SASL2_CONF = first
+ self.assertEqual(passwd.libvirt_sasl_isconfigured(), NO)
+ passwd._SASL2_CONF = second
+ self.assertEqual(passwd.libvirt_sasl_isconfigured(), MAYBE)
+
+
@expandPermutations
class PatchConfiguratorsTests(VdsmTestCase):
--
To view, visit https://gerrit.ovirt.org/77506
To unsubscribe, visit https://gerrit.ovirt.org/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Ifb7aa1dfd579e2e0bf6493c06c164b6a42626d3f
Gerrit-PatchSet: 1
Gerrit-Project: vdsm
Gerrit-Branch: master
Gerrit-Owner: Yaniv Bronhaim <ybronhei(a)redhat.com>
From Dan Kenigsberg <danken(a)redhat.com>:
Dan Kenigsberg has posted comments on this change.
Change subject: network: use provide __repr__ and __str__ by route and rule
......................................................................
Patch Set 2:
(1 comment)
https://gerrit.ovirt.org/#/c/77415/2//COMMIT_MSG
Commit Message:
Line 6:
Line 7: network: use provide __repr__ and __str__ by route and rule
Line 8:
Line 9: IPRuleData and IPRouteData now provides __str__ and __repr__
Line 10: methods in a more Pythonic way.
I don't see the benefit of defining both functions; your __str__ is not much more human readable, so how about defining only __repr__?
Line 11:
Line 12: Change-Id: I68bed024a52e8f0de9369be0b2f6b2d0153165b1
--
To view, visit https://gerrit.ovirt.org/77415
To unsubscribe, visit https://gerrit.ovirt.org/settings
Gerrit-MessageType: comment
Gerrit-Change-Id: I68bed024a52e8f0de9369be0b2f6b2d0153165b1
Gerrit-PatchSet: 2
Gerrit-Project: vdsm
Gerrit-Branch: master
Gerrit-Owner: Petr Horáček <phoracek(a)redhat.com>
Gerrit-Reviewer: Dan Kenigsberg <danken(a)redhat.com>
Gerrit-Reviewer: Jenkins CI
Gerrit-Reviewer: Petr Horacek <phoracek(a)redhat.com>
Gerrit-Reviewer: gerrit-hooks <automation(a)ovirt.org>
Gerrit-HasComments: Yes
From Dan Kenigsberg <danken(a)redhat.com>:
Dan Kenigsberg has submitted this change and it was merged.
Change subject: net test: Use cmd.exec_* in network tests
......................................................................
net test: Use cmd.exec_* in network tests
Change-Id: Ic2efe3145f5d40474afd3eac95023636f5ed35ad
Signed-off-by: Edward Haas <edwardh(a)redhat.com>
---
M tests/network/dhcp.py
M tests/network/firewall.py
M tests/network/nettestlib.py
M tests/network/nmnettestlib.py
M tests/network/ovsnettestlib.py
5 files changed, 62 insertions(+), 63 deletions(-)
Approvals:
Jenkins CI: Passed CI tests
Petr Horáček: Looks good to me, but someone else must approve
Dan Kenigsberg: Looks good to me, approved
Edward Haas: Verified
--
To view, visit https://gerrit.ovirt.org/77443
To unsubscribe, visit https://gerrit.ovirt.org/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: Ic2efe3145f5d40474afd3eac95023636f5ed35ad
Gerrit-PatchSet: 4
Gerrit-Project: vdsm
Gerrit-Branch: master
Gerrit-Owner: Edward Haas <edwardh(a)redhat.com>
Gerrit-Reviewer: Dan Kenigsberg <danken(a)redhat.com>
Gerrit-Reviewer: Edward Haas <edwardh(a)redhat.com>
Gerrit-Reviewer: Jenkins CI
Gerrit-Reviewer: Petr Horáček <phoracek(a)redhat.com>
Gerrit-Reviewer: gerrit-hooks <automation(a)ovirt.org>