[Libguestfs] [PATCH v3] v2v: -o openstack: Allow -oo insecure (RHBZ#1651432).
Pino Toscano
ptoscano at redhat.com
Tue Nov 20 11:46:29 UTC 2018
On Tuesday, 20 November 2018 11:25:10 CET Richard W.M. Jones wrote:
> Previously we allowed arbitrary flags to be passed through to the
> underlying openstack CLI command, provided they have the format
> ‘--key=value’. We want to pass the ‘--insecure’ flag through, but
> that doesn't have the key=value form. However a small modification to
> the matching rules would allow this.
>
> The effect of this change is that you can now use ‘virt-v2v -oo
> insecure’ to turn off SSL certificate validation. The default is to
> verify the server certificate (which is the default of the openstack
> command).
> ---
I'm not sure this is something we should support. This effectively
passes through every -oo to openstack, and I'm afraid people will just
(ab)use it to workaround stuff rather than reporting issues in
virt-v2v. Potentially even options that conflict/revert what virt-v2v
itself passes to the openstack client.
IMHO it is still better, and safer to explicitly allow options as
needed.
--
Pino Toscano
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <http://listman.redhat.com/archives/libguestfs/attachments/20181120/ee50ee5a/attachment.sig>
More information about the Libguestfs
mailing list