[libvirt] [PATCH 2/3] Allow certificate sanity checking to be disabled
Eric Blake
eblake at redhat.com
Thu Jul 21 22:40:41 UTC 2011
On 07/21/2011 06:30 AM, Daniel P. Berrange wrote:
> From: "Daniel P. Berrange"<berrange at redhat.com>
>
> When libvirtd starts it it will sanity check its own certs,
> and before libvirt clients connect to a remote server they
> will sanity check their own certs. This patch allows such
> sanity checking to be skipped. There is no strong reason to
> need todo this, other than to bypass possible libvirt bugs
s/todo/to do/
> in sanity checking, or for testing purposes.
>
> libvirt.conf gains tls_no_sanity_certificate parameter to
> go along with tls_no_verify_certificate. The remote driver
> client URIs gain a no_sanity URI parameter
Makes sense.
> +++ b/src/remote/remote_driver.c
> @@ -342,7 +342,7 @@ doRemoteOpen (virConnectPtr conn,
> */
> char *name = NULL, *command = NULL, *sockname = NULL, *netcat = NULL;
> char *port = NULL, *authtype = NULL, *username = NULL;
> - int no_verify = 0, no_tty = 0;
> + bool no_sanity = false, no_verify = false, no_tty = false;
Double negatives. Yuck. Can we instead go with:
bool sanity = true, ...
> char *pkipath = NULL;
>
> /* Return code from this function, and the private data. */
> @@ -416,11 +416,14 @@ doRemoteOpen (virConnectPtr conn,
> netcat = strdup (var->value);
> if (!netcat) goto out_of_memory;
> var->ignore = 1;
> + } else if (STRCASEEQ (var->name, "no_sanity")) {
> + no_sanity = atoi (var->value) != 0;
> + var->ignore = 1;
sanity = atoi(var->value) == 0; ...
> @@ -500,7 +503,7 @@ doRemoteOpen (virConnectPtr conn,
> case trans_tls:
> priv->tls = virNetTLSContextNewClientPath(pkipath,
> geteuid() != 0 ? true : false,
> - no_verify ? false : true);
> + no_sanity, no_verify);
..., !sanity, !verify)
Oops - logic bug. Here, you passed no_sanity (true to skip sanity
checking)...
> @@ -851,6 +852,7 @@ out_of_memory:
> static virNetTLSContextPtr virNetTLSContextNewPath(const char *pkipath,
> bool tryUserPkiPath,
> const char *const*x509dnWhitelist,
> + bool sanityCheckCert,
but here, you accept sanityCheckCert (true to perform sanity checking).
See why I hate double negatives?
> @@ -1048,10 +1055,12 @@ int virNetTLSContextCheckCertificate(virNetTLSContextPtr ctxt,
> {
> if (virNetTLSContextValidCertificate(ctxt, sess)< 0) {
> if (ctxt->requireValidCert) {
> - virNetError(VIR_ERR_AUTH_FAILED, "%s",
> - _("Failed to verify peer's certificate"));
> + if (0)
> + virNetError(VIR_ERR_AUTH_FAILED, "%s",
> + _("Failed to verify peer's certificate"));
Debugging hunk? Why are we leaving if(0) in?
--
Eric Blake eblake at redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
More information about the libvir-list
mailing list