Alon Bar-Lev has posted comments on this change.
Change subject: Wrap validation of fingerprint in each connect using
EngineSSHClient
......................................................................
Patch Set 10: (1 inline comment)
....................................................
File
backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/utils/EngineSSHClient.java
Line 62: String expected = _vds.getSSHKeyFingerprint();
Line 63:
Line 64: if (expected == null || expected.isEmpty()) {
Line 65: _vds.setSSHKeyFingerprint(getHostFingerprint());
Line 66:
DbFacade.getInstance().getVdsStaticDao().update(_vds.getStaticData());
Can this fail? if so, we need to raise security exception as well and wrap
original exception.
Line 67: } else if (!actual.equals(expected)) {
Line 68: throw new GeneralSecurityException(
Line 69: String.format(
Line 70: "Invalid fingerprint %s, expected %s",
--
To view, visit http://gerrit.ovirt.org/16126
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: comment
Gerrit-Change-Id: Ic01517a153406c8bafc672c20b0bf8686763a2f5
Gerrit-PatchSet: 10
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Yaniv Bronhaim <[email protected]>
Gerrit-Reviewer: Alon Bar-Lev <[email protected]>
Gerrit-Reviewer: Sahina Bose <[email protected]>
Gerrit-Reviewer: Yair Zaslavsky <[email protected]>
Gerrit-Reviewer: Yaniv Bronhaim <[email protected]>
Gerrit-Reviewer: oVirt Jenkins CI Server
_______________________________________________
Engine-patches mailing list
[email protected]
http://lists.ovirt.org/mailman/listinfo/engine-patches
