[libvirt] [PATCH 4/9] rpc: allow priority string to be passed to TLS context
Peter Krempa
pkrempa at redhat.com
Wed Jun 8 11:13:45 UTC 2016
On Mon, Jun 06, 2016 at 16:08:58 +0100, Daniel Berrange wrote:
> Extend the virNetTLSContextNew* constructors to allow
> the TLS priority string to be passed in, overriding the
> compile time default.
>
> Signed-off-by: Daniel P. Berrange <berrange at redhat.com>
> ---
> daemon/libvirtd.c | 2 ++
> src/remote/remote_driver.c | 1 +
> src/rpc/virnettlscontext.c | 27 ++++++++++++++++++++-------
> src/rpc/virnettlscontext.h | 4 ++++
> tests/virnettlscontexttest.c | 2 ++
> tests/virnettlssessiontest.c | 2 ++
> 6 files changed, 31 insertions(+), 7 deletions(-)
[...]
>
> @@ -1204,10 +1215,12 @@ virNetTLSSessionPtr virNetTLSSessionNew(virNetTLSContextPtr ctxt,
> /* avoid calling all the priority functions, since the defaults
> * are adequate.
> */
> - if ((err = gnutls_priority_set_direct(sess->session, TLS_PRIORITY, NULL)) != 0) {
> + if ((err = gnutls_priority_set_direct(sess->session,
> + ctxt->priority ? : TLS_PRIORITY,
Ternary with the second argument missing is a GNU extension.
> + NULL)) != 0) {
> virReportError(VIR_ERR_SYSTEM_ERROR,
> _("Failed to set TLS session priority to %s: %s"),
> - TLS_PRIORITY, gnutls_strerror(err));
> + ctxt->priority ? : TLS_PRIORITY, gnutls_strerror(err));
... same here.
> goto error;
> }
>
ACK
More information about the libvir-list
mailing list