[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] Query regarding no_verify in uri



2010/2/26 Sharadha Prabhakar (3P) <sharadha prabhakar citrix com>:
> Hi Daniel,
> I've submitted my XenAPI driver in 2parts before sometime with all the
> changes you had suggested. The following is possibly the only one that's not
> handled.
>
>> +    curl_easy_setopt(curl, CURLOPT_POST, 1);
>> +    curl_easy_setopt(curl, CURLOPT_POSTFIELDS, data);
>> +    curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, len);
>> +    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
>> +    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);
>
>>You shouldn't disable SSL verification here. It should be on by default.
>>For consistency with other libvirt drivers, you may wish to allow your
>>xenapi:///  uri to have an optional  'no_verify=1' parameter to turn
>>off SSL verification. It should always be verifying by default though.
>
> For now I have enabled verify SSL. I'm not sure about how libvirt hands
> Over the no_verify=1 part that the user types in the URI to my driver.
> virDrvOpen only receives the URI  elements from 'conn' parameter.
> I couldn't find this information embedded in 'conn'?
> Could you explain how to get this information?
> Regards,
> Sharadha
>

See esxOpen and esxUtil_ParseQuery for an example how the ESX driver
implements this.

Matthias


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]