On Wed, 24 Oct 2018, 20:34 Anastasiya Ruzhanskaya, < [email protected]> wrote:
> My proxy is based on mitmproxy, > this is http/s proxy... so I want to analyze messages coming from client to ovirt-engine or from > engine to node and based on the content permit the actions or not. I know > that there is access control inside oVirt, but I need to implement the > similar thing by myself using proxy. From ovirt-engine to vdsm it is > trickier as there I have no users and session ids to identify the actor, I > can determine only actions. > > But anyway, I can decipher normal rpc ( for virt-manager), got familiar > with gwt -rpc ( client-engine) and now trying to understand what is > happening with xml rpc. > but engine and vdsm are using jsonrpc over stomp, which is similar to http, but not the same. > ср, 24 окт. 2018 г. в 21:41, Nir Soffer <[email protected]>: > >> >> >> On Wed, 24 Oct 2018, 18:51 Anastasiya Ruzhanskaya, < >> [email protected]> wrote: >> >>> I need this for my proxy, >>> >> >> What is your proxy? >> >> I need to do this analysis "online", not just by analyzing the logs after >>> the action happened. >>> >>> ср, 24 окт. 2018 г. в 19:00, Nir Soffer <[email protected]>: >>> >>>> >>>> On Wed, 24 Oct 2018, 13:16 Anastasiya Ruzhanskaya, < >>>> [email protected]> wrote: >>>> >>>>> Hello! >>>>> I was successful in deciphering the traffic between the client and >>>>> ovirt-engine, >>>>> >>>> >>>> Why do you need to do this? it is easier to add logging to vdsm of you >>>> want to see more info about the messages. >>>> >>>> Anyway Piotr may help. >>>> >>>> Nir >>>> >>>> actually, only by dumping the premaster key from the browser, which was >>>>> generated during the session and providing it to wireshark. >>>>> >>>>> How it can be done for ovirt-engine and vdsm communication? Should the >>>>> engine private key be provided? Actually to my surprise I don't see any >>>>> ssl >>>>> communication between engine and node when for example turn on the virtual >>>>> machine, only tcp packets. But this page >>>>> https://ovirt.org/develop/release-management/features/infra/pki/ >>>>> states that there should be one. And also should I look for any xml rpc >>>>> dissector? I know that for example virt-manager uses rpc protocol, I found >>>>> a dissector for that case, but seems I need another one here. >>>>> _______________________________________________ >>>>> Devel mailing list -- [email protected] >>>>> To unsubscribe send an email to [email protected] >>>>> Privacy Statement: https://www.ovirt.org/site/privacy-policy/ >>>>> oVirt Code of Conduct: >>>>> https://www.ovirt.org/community/about/community-guidelines/ >>>>> List Archives: >>>>> https://lists.ovirt.org/archives/list/[email protected]/message/HJOBKO5MOF56NFEXX6Z2T7RBTFX6OACP/ >>>>> >>>>
_______________________________________________ Devel mailing list -- [email protected] To unsubscribe send an email to [email protected] Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/[email protected]/message/SM26ZQP5ZDDVOZDUNUAKFFYVR7G2OPIM/
