On Mon, Jun 06, 2016 at 16:08:58 +0100, Daniel Berrange wrote:
Extend the virNetTLSContextNew* constructors to allow
the TLS priority string to be passed in, overriding the
compile time default.
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
---
daemon/libvirtd.c | 2 ++
src/remote/remote_driver.c | 1 +
src/rpc/virnettlscontext.c | 27 ++++++++++++++++++++-------
src/rpc/virnettlscontext.h | 4 ++++
tests/virnettlscontexttest.c | 2 ++
tests/virnettlssessiontest.c | 2 ++
6 files changed, 31 insertions(+), 7 deletions(-)
[...]
@@ -1204,10 +1215,12 @@ virNetTLSSessionPtr virNetTLSSessionNew(virNetTLSContextPtr
ctxt,
/* avoid calling all the priority functions, since the defaults
* are adequate.
*/
- if ((err = gnutls_priority_set_direct(sess->session, TLS_PRIORITY, NULL)) != 0)
{
+ if ((err = gnutls_priority_set_direct(sess->session,
+ ctxt->priority ? : TLS_PRIORITY,
Ternary with the second argument missing is a GNU extension.
+ NULL)) != 0) {
virReportError(VIR_ERR_SYSTEM_ERROR,
_("Failed to set TLS session priority to %s: %s"),
- TLS_PRIORITY, gnutls_strerror(err));
+ ctxt->priority ? : TLS_PRIORITY, gnutls_strerror(err));
... same here.
goto error;
}
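Review bot: The fallback expression `ctxt->priority ? : TLS_PRIORITY` appears twice in this hunk, once in the gnutls_priority_set_direct() call and once in the virReportError() arguments. Resolve it once into a local `const char *priority`, spelled out as `ctxt->priority ? ctxt->priority : TLS_PRIORITY`, so the string that is applied and the string that is reported cannot drift apart and the GNU extension goes away in both places. The comment above the call still says the defaults are adequate, which no longer describes a session whose priority can be overridden, so it should be updated to match. Since the string is no longer only a compile-time constant, it may also be worth passing a non-NULL third argument to gnutls_priority_set_direct() so the error message can point at the position in the string that GnuTLS rejected.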
ACK