[libvirt] [PATCH] Fix reporting of cert validation failures
Jiri Denemark
jdenemar at redhat.com
Fri Jul 15 12:00:12 UTC 2011
On Fri, Jul 15, 2011 at 11:43:22 +0100, Daniel P. Berrange wrote:
> If the server succesfully validates the client cert, it will send
> back a single byte, under TLS. If it fails, it will close the
> connection. In this case, we were just reporting the standard
> I/O error. The original RPC code had a special case hack for the
> GNUTLS_E_UNEXPECTED_PACKET_LENGTH error code to make us report
> a more useful error message
>
> * src/rpc/virnetclient.c: Return ENOMSG if we get
> GNUTLS_E_UNEXPECTED_PACKET_LENGTH
> * src/rpc/virnettlscontext.c: Report cert failure if we
> see ENOMSG
> ---
> src/rpc/virnetclient.c | 2 +-
> src/rpc/virnettlscontext.c | 3 +++
> 2 files changed, 4 insertions(+), 1 deletions(-)
ACK
Jirka
More information about the libvir-list
mailing list