[libvirt] [PATCH rust 4/5] switch to the last ubuntu lts bionic
Daniel P. Berrangé
berrange at redhat.com
Fri Jul 5 10:49:42 UTC 2019
On Fri, Jul 05, 2019 at 12:46:44PM +0200, Sahid Orentino Ferdjaoui wrote:
> On Fri, Jul 05, 2019 at 09:55:37AM +0100, Daniel P. Berrangé wrote:
> > On Thu, Jul 04, 2019 at 12:15:28PM +0200, Sahid Orentino Ferdjaoui wrote:
> > > Not sure what the problem is by using 'scram-sha-1' with ubuntu:
> > >
> > > cannot list SASL mechanisms -4 (SASL(-4): no mechanism available:
> > > Internal Error -4 in ../../lib/server.c near line 1762)
> >
> > For some strange reason Debian decided to put the scram plugin
> > in the libsasl2-modules-gssapi-mit package so i expect you're
> > missing that in the test env.
>
> I tried but that does not work either. Also with
> libsasl2-modules-gssapi-heimda.
>
> > > So we currently switch the mech to digest-md5. Seems that libvirt-go
> > > is doing same.
> >
> > That's a historical accident, not good practice !
>
> I reported the issue in ubuntu [0] and it looks like it's actually
> libvirt which does not support it without TLS.
Oh yes, I missed that you're not using TLS here. the scram-sha-1
auth requires an external encryption layer, while digest-md5
includes (broken) encryption.
> So I imagine digest-md5 is fine for the purpose of testing.
It is horribly insecure, but yes it is fine for testing.
So for this patch
Reviewed-by: Daniel P. Berrangé <berrange at redhat.com>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
More information about the libvir-list
mailing list