[libvirt] [PATCH] remote: Fix TLS transport on Windows

Paolo Bonzini pbonzini at redhat.com
Mon Nov 22 12:33:51 UTC 2010


On 11/20/2010 06:10 PM, Matthias Bolte wrote:
> gnulib wraps Windows' SOCKET handle based send() and recv() functions
> into file descriptor based ones that are used in libvirt. By default
> GnuTLS uses the SOCKET handle based send() and recv() on Windows. This
> makes gnutls_handshake() fail internally with a WSAENOTSOCK error because
> libvirt passes a file descriptor; GnuTLS needs the SOCKET handle.
>
> To avoid this mismatch make sure that GnuTLS uses gnulib's replacement
> functions, by setting custom pull() and push() functions for GnuTLS.
> ---
>   src/remote/remote_driver.c |   21 +++++++++++++++++++++
>   1 files changed, 21 insertions(+), 0 deletions(-)
>
> diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
> index f45476a..87977ab 100644
> --- a/src/remote/remote_driver.c
> +++ b/src/remote/remote_driver.c
> @@ -1212,6 +1212,20 @@ initialize_gnutls(void)
>
>   static int verify_certificate (virConnectPtr conn, struct private_data *priv, gnutls_session_t session);
>
> +#if HAVE_WINSOCK2_H
> +static ssize_t
> +custom_gnutls_push(void *s, const void *buf, size_t len)
> +{
> +    return send((int)(long)s, buf, len, 0);
> +}
> +
> +static ssize_t
> +custom_gnutls_pull(void *s, void *buf, size_t len)
> +{
> +    return recv((int)(long)s, buf, len, 0);
> +}
> +#endif
> +
>   static gnutls_session_t
>   negotiate_gnutls_on_connection (virConnectPtr conn,
>                                   struct private_data *priv,
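
Review bot: In custom_gnutls_push() and custom_gnutls_pull() the cast `(int)(long)s` goes through `long`, which is narrower than a pointer on 64-bit Windows. It round-trips correctly only because the stored value is a small file descriptor, set with the matching `(long) priv->sock` cast in negotiate_gnutls_on_connection(). Casting through intptr_t on both sides would make that explicit and avoid pointer-size warnings. Both helpers also hand the send()/recv() result straight back to GnuTLS, so a short comment above them stating that they exist to route GnuTLS I/O through gnulib's file descriptor based wrappers, and that error reporting depends on what those wrappers set, would help the next reader.
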
> @@ -1266,6 +1280,13 @@ negotiate_gnutls_on_connection (virConnectPtr conn,
>       gnutls_transport_set_ptr (session,
>                                 (gnutls_transport_ptr_t) (long) priv->sock);
>
> +#if HAVE_WINSOCK2_H
> +    /* Make sure GnuTLS uses gnulib's replacment functions for send() and
> +     * recv() on Windows */
> +    gnutls_transport_set_push_function(session, custom_gnutls_push);
> +    gnutls_transport_set_pull_function(session, custom_gnutls_pull);
> +#endif
> +
>       /* Perform the TLS handshake. */
>    again:
>       err = gnutls_handshake (session);
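
Review bot: The comment inside the new `#if HAVE_WINSOCK2_H` block misspells "replacement" ("replacment") and states what is done without the reason. The reason is in the commit message: GnuTLS defaults to the SOCKET handle based send()/recv(), while priv->sock is a file descriptor, so gnutls_handshake() fails with WSAENOTSOCK. Putting that one sentence in the comment keeps the rationale next to the code. The guard also tests for the presence of a header, while the helpers depend on gnulib having replaced send() and recv(); if those two conditions can ever differ, the guard should say so or test the latter.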

Acked-By: Paolo Bonzini <pbonzini at redhat.com>

Paolo



