pxcloud/virt-viewer
5
0
Fork 0
mirror of https://gitlab.uni-freiburg.de/opensourcevdi/virt-viewer synced 2026-01-07 19:57:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

ovirt: Don't automatically download CA certificate

Browse Source 
The CA certificate to use to authenticate the various hosts in
an oVirt instance can be fetched from https://ovirt.example.com/ca.crt.
However, the gio API we are using does not seem to be checking the
server-side certificate of ovirt.example.com before connecting to it,
which could lead to man-in-the-middle attacks. Now that the CA
certificate to use can be specified from the command line using
--ovirt-ca-file, we can remove this automatic fetching of the CA
certificate.
This commit is contained in:
Christophe Fergeau 2013-09-17 14:30:32 +02:00
parent 9eb3747f1f
commit daa499f27e
1 changed files with 0 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/remote-viewer.c
View File

@ -743,12 +743,6 @@ create_ovirt_session(VirtViewerApp *app, const char *uri)
g_signal_connect(G_OBJECT(proxy), "authenticate",
G_CALLBACK(authenticate_cb), app);
ovirt_proxy_fetch_ca_certificate(proxy, &error);
if (error != NULL) {
g_debug("failed to get CA certificate: %s", error->message);
goto error;
}
api = ovirt_proxy_fetch_api(proxy, &error);
if (error != NULL) {
g_debug("failed to get oVirt 'api' collection: %s", error->message);