Michael DeHaan wrote: > Justin Sherrill wrote: > >> Hi All, >> >> Currently when you specify a port for koan it: >> >> 1. Tries port 80, if that fails: >> >> > > Yes, specifically it tries http://$server:80/cobbler_api_rw first, which > is the Apache proxied endpoint. > > If that fails, the usage of port is for a direct connection, not using > Apache proxying. > > (Also, if --server=DISCOVER is set it will try looking through Avahi > before doing either) > > > >> 2. Tries the port you specified. >> >> > > > > >> I'm changing it such that it will: >> >> 1. Try the port you specify, if that fails: >> 2. Tries port 80. >> >> >> Also, I'm adding support for SSL. Would koan users prefer: >> >> a. A '--ssl' option that tries on SSL if specified >> >> > > I am not sure there is a good reason at all to let koan use SSL. All of > the data koan retrieves is available over non-secured protocols (TFTP > for starters, and HTTP) so there is nothing to hide. I think trying the > specified port first makes sense. > For spacewalk integration this is a requirement IMHO. Spacewalk/satellite as it is today allows provisioning over pure SSL which is a requirement for many of our customers. I've heard many hair-brained network security schemes from customers that require this (not provisioning specifically, but just their traffic in general).
If you look at what just koan is doing, i agree there isn't any reason for it to be encrypted. If you look what koan could be a part of then there is benefit of having the entire process be encrypted. -Justin > >> b. if 443 is passed in try on 443 with SSL, if that fails try on port >> 80 w/o SSL >> >> >> > How about if the XMLRPC port connection fails because the port is > encrypted (with an appropriate exception which I suspect the XMLRPC > module should raise), trying to treat the port as an SSL connection? > > --Michael > > >> -Justin >> _______________________________________________ >> cobbler mailing list >> [EMAIL PROTECTED] >> https://fedorahosted.org/mailman/listinfo/cobbler >> >> > > _______________________________________________ > cobbler mailing list > [EMAIL PROTECTED] > https://fedorahosted.org/mailman/listinfo/cobbler > _______________________________________________ Spacewalk-devel mailing list Spacewalk-devel@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-devel
