[libvirt] [PATCH] Use per-user TLS certificates when possible
Eric Blake
eblake at redhat.com
Mon May 23 19:40:36 UTC 2011
On 05/23/2011 05:48 AM, Daniel P. Berrange wrote:
> On Fri, May 20, 2011 at 03:18:09PM -0500, Doug Goldstein wrote:
>> When using TLS authentication and operating as the non-root user,
>> initially attempt to use that specific user's TLS certificates before
>> attempting to use the system wide TLS certificates.
>>
>> Signed-off-by: Doug Goldstein <cardoe at cardoe.com>
>> ---
>> src/remote/remote_driver.c | 2 +-
>> 1 files changed, 1 insertions(+), 1 deletions(-)
>>
>> diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
>> index 8c69743..1691dab 100644
>> --- a/src/remote/remote_driver.c
>> +++ b/src/remote/remote_driver.c
>> @@ -1159,7 +1159,7 @@ initialize_gnutls(char *pkipath, int flags)
>> if ((virAsprintf(&libvirt_clientcert, "%s/%s", pkipath,
>> "clientcert.pem")) < 0)
>> goto out_of_memory;
>> - } else if (flags & VIR_DRV_OPEN_REMOTE_USER) {
>> + } else if (flags & VIR_DRV_OPEN_REMOTE_USER || getuid() > 0) {
>> userdir = virGetUserDirectory(getuid());
>>
>> if (!userdir)
>
> ACK
Pushed.
--
Eric Blake eblake at redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 619 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20110523/d40ec00c/attachment-0001.sig>
More information about the libvir-list
mailing list