On 06/22/2011 09:33 AM, Daniel P. Berrange wrote:
This extends the basic virNetSocket APIs to allow them to have a handle to the TLS/SASL session objects, once established. This ensures that any data reads/writes are automagically passed through the TLS/SASL encryption layers if required.
* src/rpc/virnetsocket.c, src/rpc/virnetsocket.h: Wire up SASL/TLS encryption --- src/rpc/virnetsocket.c | 274 +++++++++++++++++++++++++++++++++++++++++++++++- src/rpc/virnetsocket.h | 11 ++ 2 files changed, 282 insertions(+), 3 deletions(-)
diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c index eedced0..3a4b0db 100644 --- a/src/rpc/virnetsocket.c +++ b/src/rpc/virnetsocket.c @@ -27,6 +27,9 @@ #include <sys/socket.h> #include <unistd.h> #include <sys/wait.h> +#ifdef HAVE_NETINET_TCP_H +# include <netinet/tcp.h> +#endif
#ifdef HAVE_NETINET_TCP_H # include <netinet/tcp.h>
Duplicate header inclusion.
+static ssize_t virNetSocketWriteSASL(virNetSocketPtr sock, const char *buf, size_t len) +{ + int ret; + size_t tosend = virNetSASLSessionGetMaxBufSize(sock->saslSession); + + /* SASL doesn't neccessarily let us send the whole
s/neccessarily/necessarily/ ACK with nits fixed. -- Eric Blake eblake@redhat.com +1-801-349-2682 Libvirt virtualization library http://libvirt.org