On Mon, Jun 06, 2016 at 16:08:58 +0100, Daniel Berrange wrote:
Extend the virNetTLSContextNew* constructors to allow the TLS priority string to be passed in, overriding the compile time default.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com> --- daemon/libvirtd.c | 2 ++ src/remote/remote_driver.c | 1 + src/rpc/virnettlscontext.c | 27 ++++++++++++++++++++------- src/rpc/virnettlscontext.h | 4 ++++ tests/virnettlscontexttest.c | 2 ++ tests/virnettlssessiontest.c | 2 ++ 6 files changed, 31 insertions(+), 7 deletions(-)
[...]
@@ -1204,10 +1215,12 @@ virNetTLSSessionPtr virNetTLSSessionNew(virNetTLSContextPtr ctxt, /* avoid calling all the priority functions, since the defaults * are adequate. */ - if ((err = gnutls_priority_set_direct(sess->session, TLS_PRIORITY, NULL)) != 0) { + if ((err = gnutls_priority_set_direct(sess->session, + ctxt->priority ? : TLS_PRIORITY,
Ternary with the second argument missing is a GNU extension.
+ NULL)) != 0) { virReportError(VIR_ERR_SYSTEM_ERROR, _("Failed to set TLS session priority to %s: %s"), - TLS_PRIORITY, gnutls_strerror(err)); + ctxt->priority ? : TLS_PRIORITY, gnutls_strerror(err));
... same here.
goto error; }
ACK