[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH] Use per-user TLS certificates when possible



On 05/23/2011 05:48 AM, Daniel P. Berrange wrote:
> On Fri, May 20, 2011 at 03:18:09PM -0500, Doug Goldstein wrote:
>> When using TLS authentication and operating as the non-root user,
>> initially attempt to use that specific user's TLS certificates before
>> attempting to use the system wide TLS certificates.
>>
>> Signed-off-by: Doug Goldstein <cardoe cardoe com>
>> ---
>>  src/remote/remote_driver.c |    2 +-
>>  1 files changed, 1 insertions(+), 1 deletions(-)
>>
>> diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
>> index 8c69743..1691dab 100644
>> --- a/src/remote/remote_driver.c
>> +++ b/src/remote/remote_driver.c
>> @@ -1159,7 +1159,7 @@ initialize_gnutls(char *pkipath, int flags)
>>          if ((virAsprintf(&libvirt_clientcert, "%s/%s", pkipath,
>>                          "clientcert.pem")) < 0)
>>               goto out_of_memory;
>> -    } else if (flags & VIR_DRV_OPEN_REMOTE_USER) {
>> +    } else if (flags & VIR_DRV_OPEN_REMOTE_USER || getuid() > 0) {
>>          userdir = virGetUserDirectory(getuid());
>>
>>          if (!userdir)
> 
> ACK

Pushed.

-- 
Eric Blake   eblake redhat com    +1-801-349-2682
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]