[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: [libvirt] tls_allowed_ip_list?

From: Daniel Veillard <veillard redhat com>
To: Chris Lalancette <clalance redhat com>
Cc: Libvirt <libvir-list redhat com>
Subject: Re: [libvirt] tls_allowed_ip_list?
Date: Tue, 3 Mar 2009 09:34:55 +0100

On Tue, Mar 03, 2009 at 09:13:14AM +0100, Chris Lalancette wrote:
> All,
>      While doing testing on TLS, I came across the mention of
> "tls_allowed_ip_list" in the website documentation, here:
> 
> http://libvirt.org/remote.html#Remote_libvirtd_configuration
> 
> However, I don't see any implementation of the tls_allowed_ip_list in libvirt
> itself; a grep through the sources show that we are implementing
> "tls_allowed_dn_list", but not "tls_allowed_ip_list".  Am I missing something in
> the sources?  Should we update the libvirt.org documentation and remove that
> (seemingly non-existent) parameter?  Or should I go in and implement the
> "tls_allowed_ip_list"?

  Hum, I don't remember the history, I guess the simplest is to make a
small change to the doc along the line "(not implemented yet)" and
work on a patch. Unless we really think dn certificate checks are really
superior and ip check is not needed (I have no opinion !)

Daniel

-- 
Daniel Veillard      | libxml Gnome XML XSLT toolkit  http://xmlsoft.org/
daniel veillard com  | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library  http://libvirt.org/

Follow-Ups:
- Re: [libvirt] tls_allowed_ip_list?
  - From: Chris Lalancette

References:
- [libvirt] tls_allowed_ip_list?
  - From: Chris Lalancette

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]