Justin Sherrill wrote: > Justin Sherrill wrote: > >> Michael DeHaan wrote: >> >> >>> Justin Sherrill wrote: >>> >>> >>> >>>> Hi All, >>>> >>>> Currently when you specify a port for koan it: >>>> >>>> 1. Tries port 80, if that fails: >>>> >>>> >>>> >>>> >>> Yes, specifically it tries http://$server:80/cobbler_api_rw first, which >>> is the Apache proxied endpoint. >>> >>> If that fails, the usage of port is for a direct connection, not using >>> Apache proxying. >>> >>> (Also, if --server=DISCOVER is set it will try looking through Avahi >>> before doing either) >>> >>> >>> >>> >>> >>>> 2. Tries the port you specified. >>>> >>>> >>>> >>>> >>> >>> >>> >>>> I'm changing it such that it will: >>>> >>>> 1. Try the port you specify, if that fails: >>>> 2. Tries port 80. >>>> >>>> >>>> Also, I'm adding support for SSL. Would koan users prefer: >>>> >>>> a. A '--ssl' option that tries on SSL if specified >>>> >>>> >>>> >>>> >>> I am not sure there is a good reason at all to let koan use SSL. All of >>> the data koan retrieves is available over non-secured protocols (TFTP >>> for starters, and HTTP) so there is nothing to hide. I think trying the >>> specified port first makes sense. >>> >>> >>> >> For spacewalk integration this is a requirement IMHO. >> Spacewalk/satellite as it is today allows provisioning over pure SSL >> which is a requirement for many of our customers. I've heard many >> hair-brained network security schemes from customers that require this >> (not provisioning specifically, but just their traffic in general). >> >> If you look at what just koan is doing, i agree there isn't any reason >> for it to be encrypted. If you look what koan could be a part of then >> there is benefit of having the entire process be encrypted. >> >> -Justin >> >> >> >>> >>> >>> >>>> b. if 443 is passed in try on 443 with SSL, if that fails try on port >>>> 80 w/o SSL >>>> >>>> >>>> >>>> >>>> >>> How about if the XMLRPC port connection fails because the port is >>> encrypted (with an appropriate exception which I suspect the XMLRPC >>> module should raise), trying to treat the port as an SSL connection? >>> >>> > The exception that gets thrown is an ExpatError (error parsing the > xml). Not sure if this is a great indication or not... > -Justin > > It would be reasonable to retry from there, I'd think...
--Michael >>> --Michael >>> >>> >>> >>> >>>> -Justin >>>> _______________________________________________ >>>> cobbler mailing list >>>> [email protected] >>>> https://fedorahosted.org/mailman/listinfo/cobbler >>>> >>>> >>>> >>>> >>> _______________________________________________ >>> cobbler mailing list >>> [email protected] >>> https://fedorahosted.org/mailman/listinfo/cobbler >>> >>> >>> >> _______________________________________________ >> Spacewalk-devel mailing list >> [EMAIL PROTECTED] >> https://www.redhat.com/mailman/listinfo/spacewalk-devel >> >> > > _______________________________________________ > cobbler mailing list > [email protected] > https://fedorahosted.org/mailman/listinfo/cobbler > _______________________________________________ cobbler mailing list [email protected] https://fedorahosted.org/mailman/listinfo/cobbler
