[node-patches] Change in ovirt-node[master]: Clear RNG bytes from /etc/profile if disable_aes_ni is set

rbarry at redhat.com rbarry at redhat.com
Fri Nov 7 17:30:40 UTC 2014


Ryan Barry has uploaded a new change for review.

Change subject: Clear RNG bytes from /etc/profile if disable_aes_ni is set
......................................................................

Clear RNG bytes from /etc/profile if disable_aes_ni is set

As the commit message. But rework the methods a little bit so we
don't need to pass unnecessary arguments all the time. Especially
when the two should conflict with each other.

Change-Id: If82692a0ce1c240d4ea0307cdab39a0961e19a52
Bug-Url: https://bugzilla.redhat.com/show_bug.cgi?id=1161528
Signed-off-by: Ryan Barry <rbarry at redhat.com>
---
M src/ovirt/node/utils/security.py
1 file changed, 3 insertions(+), 5 deletions(-)


  git pull ssh://gerrit.ovirt.org:29418/ovirt-node refs/changes/52/34952/1

diff --git a/src/ovirt/node/utils/security.py b/src/ovirt/node/utils/security.py
index 808da43..65b23fd 100644
--- a/src/ovirt/node/utils/security.py
+++ b/src/ovirt/node/utils/security.py
@@ -111,7 +111,7 @@
     def __init__(self):
         super(Ssh, self).__init__()
 
-    def __update_profile(self, rng_num_bytes, disable_aes):
+    def __update_profile(self, rng_num_bytes=None, disable_aes=False):
         additional_lines = []
 
         utils.fs.Config().unpersist("/etc/profile")
@@ -142,18 +142,16 @@
         Returns:
             The status of aes_ni
         """
-        rng, aes = self.rng_status().values()
         if disable in [True, False]:
-            self.__update_profile(rng, disable)
+            self.__update_profile(disable_aes=disable)
         else:
             self.logger.warning("Unknown value for AES NI: %s" % disable)
         return self.rng_status()["disable_aesni"]
 
     def strong_rng(self, num_bytes=None):
-        rng, aes = self.rng_status().values()
         if (valid.Empty() | valid.Number(bounds=[0, None])).\
            validate(num_bytes):
-            self.__update_profile(num_bytes, aes)
+            self.__update_profile(num_bytes)
         elif num_bytes is None:
             pass
         else:


-- 
To view, visit http://gerrit.ovirt.org/34952
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: If82692a0ce1c240d4ea0307cdab39a0961e19a52
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-node
Gerrit-Branch: master
Gerrit-Owner: Ryan Barry <rbarry at redhat.com>



More information about the node-patches mailing list