[libvirt] [PATCH v5 1/9] conf: Add new default TLS X.509 certificate default directory
Daniel P. Berrange
berrange at redhat.com
Fri Aug 5 08:17:08 UTC 2016
On Thu, Aug 04, 2016 at 11:21:19AM -0400, John Ferlan wrote:
> Rather than specify perhaps multiple TLS X.509 certificate directories,
> let's create a "default" directory which can then be used if the service
> (e.g. for now vnc and spice) does not supply a default directory.
>
> Since the default for vnc and spice may have existed before without being
> supplied, the default check will first check if the service specific path
> exists and if so, set the cfg entry to that; otherwise, the default will
> be set to the (now) new defaultTLSx509certdir.
>
> Additionally add a "default_tls_x509_verify" entry which can also be used
> to force the peer verification option (for vnc it's a x509verify option).
> Add/alter the macro for the option being found in the config file to accept
> the default value.
>
> Signed-off-by: John Ferlan <jferlan at redhat.com>
> ---
> src/qemu/libvirtd_qemu.aug | 6 ++++-
> src/qemu/qemu.conf | 55 +++++++++++++++++++++++++-------------
> src/qemu/qemu_conf.c | 48 ++++++++++++++++++++++++++++-----
> src/qemu/qemu_conf.h | 3 +++
> src/qemu/test_libvirtd_qemu.aug.in | 2 ++
> 5 files changed, 88 insertions(+), 26 deletions(-)
ACK
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the libvir-list
mailing list