[libvirt] [PATCH 2/3] Make SASL work over UNIX domain sockets
The addrToString methods were not coping with UNIX domain sockets
which have no normal host+port address. Hardcode special handling
for these so that SASL routines can work over UNIX sockets. Also
fix up SSF logic in remote client so that it presumes that a UNIX
socket is secure
* daemon/remote.c: Fix addrToString for UNIX sockets.
* src/remote/remote_driver.c: Fix addrToString for UNIX sockets
and fix SSF logic to work for TLS + UNIX sockets in the same
manner
---
daemon/remote.c | 8 ++++++++
src/remote/remote_driver.c | 22 +++++++++++++++-------
2 files changed, 23 insertions(+), 7 deletions(-)
diff --git a/daemon/remote.c b/daemon/remote.c
index 3db9790..6b67678 100644
--- a/daemon/remote.c
+++ b/daemon/remote.c
@@ -3263,6 +3263,14 @@ static char *addrToString(remote_error *rerr,
int err;
struct sockaddr *sa = (struct sockaddr *)ss;
+ if (sa->sa_family == AF_UNIX) {
+ if (!(addr = strdup("127.0.0.1;0"))) {
+ virReportOOMError();
+ return NULL;
+ }
+ return addr;
+ }
+
if ((err = getnameinfo(sa, salen,
host, sizeof(host),
port, sizeof(port),
diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
index a945710..acba01e 100644
--- a/src/remote/remote_driver.c
+++ b/src/remote/remote_driver.c
@@ -6676,6 +6676,14 @@ static char *addrToString(struct sockaddr_storage *ss, socklen_t
salen)
int err;
struct sockaddr *sa = (struct sockaddr *)ss;
+ if (sa->sa_family == AF_UNIX) {
+ if (!(addr = strdup("127.0.0.1;0"))) {
+ virReportOOMError();
+ return NULL;
+ }
+ return addr;
+ }
+
if ((err = getnameinfo(sa, salen,
host, sizeof(host),
port, sizeof(port),
@@ -6977,12 +6985,12 @@ remoteAuthSASL (virConnectPtr conn, struct private_data *priv, int
in_open,
}
memset (&secprops, 0, sizeof secprops);
- /* If we've got TLS, we don't care about SSF */
- secprops.min_ssf = priv->uses_tls ? 0 : 56; /* Equiv to DES supported by all
Kerberos */
- secprops.max_ssf = priv->uses_tls ? 0 : 100000; /* Very strong ! AES == 256 */
+ /* If we've got a secure channel (TLS or UNIX sock), we don't care about SSF
*/
+ secprops.min_ssf = priv->is_secure ? 0 : 56; /* Equiv to DES supported by all
Kerberos */
+ secprops.max_ssf = priv->is_secure ? 0 : 100000; /* Very strong ! AES == 256 */
secprops.maxbufsize = 100000;
- /* If we're not TLS, then forbid any anonymous or trivially crackable auth */
- secprops.security_flags = priv->uses_tls ? 0 :
+ /* If we're not secure, then forbid any anonymous or trivially crackable auth */
+ secprops.security_flags = priv->is_secure ? 0 :
SASL_SEC_NOANONYMOUS | SASL_SEC_NOPLAINTEXT;
err = sasl_setprop(saslconn, SASL_SEC_PROPS, &secprops);
@@ -7164,8 +7172,8 @@ remoteAuthSASL (virConnectPtr conn, struct private_data *priv, int
in_open,
}
}
- /* Check for suitable SSF if non-TLS */
- if (!priv->uses_tls) {
+ /* Check for suitable SSF if not already secure (TLS or UNIX sock) */
+ if (!priv->is_secure) {
err = sasl_getprop(saslconn, SASL_SSF, &val);
if (err != SASL_OK) {
remoteError(VIR_ERR_AUTH_FAILED,
--
1.7.2.2