Re: [libvirt] [PATCH]: Fix qemu+tls negotiation
Daniel P. Berrange wrote:
> diff --git a/qemud/qemud.c b/qemud/qemud.c
> index e852841..fd315fc 100644
> --- a/qemud/qemud.c
> +++ b/qemud/qemud.c
> @@ -1339,6 +1339,8 @@ static int qemudDispatchServer(struct qemud_server *server,
struct qemud_socket
> /* Begin the TLS handshake. */
> ret = gnutls_handshake (client->tlssession);
> if (ret == 0) {
> + client->handshake = 0;
> +
> /* Unlikely, but ... Next step is to check the certificate. */
> if (remoteCheckAccess (client) == -1)
> goto cleanup;
This chunk is not required, because we have just VIR_ALLOC(client)
and thus its memory is guarenteed all zero.
Yeah, good point, it's not strictly necessary, but I guess harmless. Since DV
committed it already, we can clean it up later.
> @@ -1930,6 +1932,8 @@ qemudDispatchClientHandshake(struct qemud_server *server,
> /* Continue the handshake. */
> ret = gnutls_handshake (client->tlssession);
> if (ret == 0) {
> + client->handshake = 0;
> +
> /* Finished. Next step is to check the certificate. */
> if (remoteCheckAccess (client) == -1)
> qemudDispatchClientFailure(client);
This bit must have been lost in the recent refactoring i did
Right, this is the really important bit, and the one that makes it work for me.
--
Chris Lalancette