From Dan Kenigsberg <danken(a)redhat.com>:
Dan Kenigsberg has posted comments on this change.
Change subject: ssl: enable tlsv1.2 support
......................................................................
Patch Set 30:
(1 comment)
https://gerrit.ovirt.org/#/c/72284/30/lib/vdsm/sslutils.py
File lib/vdsm/sslutils.py:
Line 272: protocols = []
Line 273:
Line 274: for no_protocol in config.get('vars',
'ssl_protocol').split(','):
Line 275: if no_protocol != '':
Line 276: protocols.append(getattr(ssl, no_protocol.strip()))
PROTOCOL_TLS is not available on all platforms we use that is why we
decide
PROTOCOL_TLS and PROTOCOL_SSLv23 are two differnt names for the same value
(2). I believe that we don't want SSLContext with anything other that protocol=2. But
maybe I'm missing something
Line 277:
--
To view, visit
https://gerrit.ovirt.org/72284
To unsubscribe, visit
https://gerrit.ovirt.org/settings
Gerrit-MessageType: comment
Gerrit-Change-Id: I8cc83d8cc08349a0ca47ed7d021bb3fc6d1408a6
Gerrit-PatchSet: 30
Gerrit-Project: vdsm
Gerrit-Branch: master
Gerrit-Owner: Piotr Kliczewski <piotr.kliczewski(a)gmail.com>
Gerrit-Reviewer: Dan Kenigsberg <danken(a)redhat.com>
Gerrit-Reviewer: Francesco Romani <fromani(a)redhat.com>
Gerrit-Reviewer: Irit Goihman <igoihman(a)redhat.com>
Gerrit-Reviewer: Jenkins CI
Gerrit-Reviewer: Martin Peřina <mperina(a)redhat.com>
Gerrit-Reviewer: Michal Skrivanek <michal.skrivanek(a)redhat.com>
Gerrit-Reviewer: Nir Soffer <nsoffer(a)redhat.com>
Gerrit-Reviewer: Piotr Kliczewski <piotr.kliczewski(a)gmail.com>
Gerrit-Reviewer: Yaniv Bronhaim <ybronhei(a)redhat.com>
Gerrit-Reviewer: gerrit-hooks <automation(a)ovirt.org>
Gerrit-HasComments: Yes