My proxy is based on mitmproxy, so I want to analyze messages coming from client to ovirt-engine or from engine to node and based on the content permit the actions or not. I know that there is access control inside oVirt, but I need to implement the similar thing by myself using proxy. >From ovirt-engine to vdsm it is trickier as there I have no users and session ids to identify the actor, I can determine only actions.
But anyway, I can decipher normal rpc ( for virt-manager), got familiar with gwt -rpc ( client-engine) and now trying to understand what is happening with xml rpc. ср, 24 окт. 2018 г. в 21:41, Nir Soffer <[email protected]>: > > > On Wed, 24 Oct 2018, 18:51 Anastasiya Ruzhanskaya, < > [email protected]> wrote: > >> I need this for my proxy, >> > > What is your proxy? > > I need to do this analysis "online", not just by analyzing the logs after >> the action happened. >> >> ср, 24 окт. 2018 г. в 19:00, Nir Soffer <[email protected]>: >> >>> >>> On Wed, 24 Oct 2018, 13:16 Anastasiya Ruzhanskaya, < >>> [email protected]> wrote: >>> >>>> Hello! >>>> I was successful in deciphering the traffic between the client and >>>> ovirt-engine, >>>> >>> >>> Why do you need to do this? it is easier to add logging to vdsm of you >>> want to see more info about the messages. >>> >>> Anyway Piotr may help. >>> >>> Nir >>> >>> actually, only by dumping the premaster key from the browser, which was >>>> generated during the session and providing it to wireshark. >>>> >>>> How it can be done for ovirt-engine and vdsm communication? Should the >>>> engine private key be provided? Actually to my surprise I don't see any ssl >>>> communication between engine and node when for example turn on the virtual >>>> machine, only tcp packets. But this page >>>> https://ovirt.org/develop/release-management/features/infra/pki/ >>>> states that there should be one. And also should I look for any xml rpc >>>> dissector? I know that for example virt-manager uses rpc protocol, I found >>>> a dissector for that case, but seems I need another one here. >>>> _______________________________________________ >>>> Devel mailing list -- [email protected] >>>> To unsubscribe send an email to [email protected] >>>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/ >>>> oVirt Code of Conduct: >>>> https://www.ovirt.org/community/about/community-guidelines/ >>>> List Archives: >>>> https://lists.ovirt.org/archives/list/[email protected]/message/HJOBKO5MOF56NFEXX6Z2T7RBTFX6OACP/ >>>> >>>
_______________________________________________ Devel mailing list -- [email protected] To unsubscribe send an email to [email protected] Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/[email protected]/message/6TIOVCTQSS3ZIPPKB42NEFTEBBG3R4QK/
