[Libvir] Remote patch, 2007-02-26
Richard W.M. Jones
rjones at redhat.com
Mon Feb 26 20:05:18 UTC 2007
I was really hoping to have a patch which could be applied out today.
This isn't quite that patch, so my apologies. Nevertheless, this
demonstrates what can be done, and works on a selection of the important
libvirt API calls.
http://www.annexia.org/tmp/libvirt-tls-20070226.patch
List of things that need to be done:
* Audit incoming IP addresses / virConnectOpen names to syslog.
* GnuTLS handshake DoS fix (see danpb's email).
* GnuTLS client crashing bug (I have a fix, just needs to be applied).
* Complete the wrappers for the remaining API calls.
* Testing(!)
Apart from that list above, I'm hoping that this patch addresses
everything that people have raised on list and privately about previous
patches. If I've missed anything, let me know.
Rich.
----------------------------------------- "screenshot" ---
rjones at oirase:~/d/libvirt-remote$ src/virsh -c test://localhost/default
nodeinfo
proceeding with name = test:///default
loading CA file demoCA/cacert.pem
loading client cert and key from files 127001cert.pem and 127001key.pem
CPU model: i686
CPU(s): 16
CPU frequency: 1400 MHz
CPU socket(s): 2
Core(s) per socket: 2
Thread(s) per core: 2
NUMA cell(s): 2
Memory size: 3145728 kB
rjones at oirase:~/d/libvirt-remote$ src/virsh -c test://localhost/default
create tests/xmconfigdata/test-fullvirt-new-cdrom.xml
proceeding with name = test:///default
loading CA file demoCA/cacert.pem
loading client cert and key from files 127001cert.pem and 127001key.pem
Domain XenGuest2 created from tests/xmconfigdata/test-fullvirt-new-cdrom.xml
rjones at oirase:~/d/libvirt-remote$ src/libvirtd -d
libvir: error : failed to open /home/rjones/local/etc/libvirtd.conf for
reading
libvirtd: loading CA cert from demoCA/cacert.pem
libvirtd: loading cert and key from servercert.pem and serverkey.pem
libvirtd: TLS service listening on port 16514
libvirtd: Unix service listening on socket
/home/rjones/local/var/run/libvirtd/socket
libvirtd: create_mapping: xprt = 0x647680
libvirtd: lookup_connection: xprt = 0x647680
libvirtd: set_connection: xprt = 0x647680
libvirtd: lookup_connection: xprt = 0x647680
libvirtd: lookup_connection: xprt = 0x647680
libvirtd: set_connection: xprt = 0x647680
libvirtd: destroy_mapping: xprt = 0x647680
libvirtd: create_mapping: xprt = 0x647b20
libvirtd: lookup_connection: xprt = 0x647b20
libvirtd: set_connection: xprt = 0x647b20
libvirtd: lookup_connection: xprt = 0x647b20
libvirtd: lookup_connection: xprt = 0x647b20
libvirtd: set_connection: xprt = 0x647b20
libvirtd: destroy_mapping: xprt = 0x647b20
--
Emerging Technologies, Red Hat http://et.redhat.com/~rjones/
64 Baker Street, London, W1U 7DF Mobile: +44 7866 314 421
"[Negative numbers] darken the very whole doctrines of the equations
and make dark of the things which are in their nature excessively
obvious and simple" (Francis Maseres FRS, mathematician, 1759)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3237 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20070226/100ab62c/attachment-0001.bin>
More information about the libvir-list
mailing list