NuKVM/libvirt
3
0
Fork 0
mirror of https://github.com/libvirt/libvirt.git synced 2025-02-25 18:55:26 -06:00
Code Issues Packages Projects Releases Wiki Activity

daemon: Don't initialize SASL context if not necessary

Browse Source 
SASL context would be initialized even if the corresponding TCP or TLS
sockets are not enabled.

fe772f24a6 attempted to fix the symptom by commenting out the settings,
but that did not fix the root cause. 3c647ee4bb later reverted those
changes so that the more secure algorithm is used.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1450095
This commit is contained in:
Peter Krempa
2017-05-31 09:12:09 +02:00
parent c245f55836
commit ed914284ba
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
daemon/libvirtd.c
View File

@@ -613,11 +613,11 @@ daemonSetupNetworking(virNetServerPtr srv,
#if WITH_SASL
if (config->auth_unix_rw == REMOTE_AUTH_SASL ||
config->auth_unix_ro == REMOTE_AUTH_SASL ||
(sock_path_ro && config->auth_unix_ro == REMOTE_AUTH_SASL) ||
# if WITH_GNUTLS
config->auth_tls == REMOTE_AUTH_SASL ||
(ipsock && config->listen_tls && config->auth_tls == REMOTE_AUTH_SASL) ||
# endif
config->auth_tcp == REMOTE_AUTH_SASL) {
(ipsock && config->listen_tcp && config->auth_tcp == REMOTE_AUTH_SASL)) {
saslCtxt = virNetSASLContextNewServer(
(const char *const*)config->sasl_allowed_username_list);
if (!saslCtxt)