[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH] Fix reporting of cert validation failures



On Fri, Jul 15, 2011 at 11:43:22 +0100, Daniel P. Berrange wrote:
> If the server succesfully validates the client cert, it will send
> back a single byte, under TLS. If it fails, it will close the
> connection. In this case, we were just reporting the standard
> I/O error. The original RPC code had a special case hack for the
> GNUTLS_E_UNEXPECTED_PACKET_LENGTH error code to make us report
> a more useful error message
> 
> * src/rpc/virnetclient.c: Return ENOMSG if we get
>   GNUTLS_E_UNEXPECTED_PACKET_LENGTH
> * src/rpc/virnettlscontext.c: Report cert failure if we
>   see ENOMSG
> ---
>  src/rpc/virnetclient.c     |    2 +-
>  src/rpc/virnettlscontext.c |    3 +++
>  2 files changed, 4 insertions(+), 1 deletions(-)

ACK

Jirka


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]