Re: [libvirt] [PATCH rust 4/5] switch to the last ubuntu lts bionic
On Fri, Jul 05, 2019 at 12:46:44PM +0200, Sahid Orentino Ferdjaoui wrote:
On Fri, Jul 05, 2019 at 09:55:37AM +0100, Daniel P. Berrangé wrote:
> On Thu, Jul 04, 2019 at 12:15:28PM +0200, Sahid Orentino Ferdjaoui wrote:
> > Not sure what the problem is by using 'scram-sha-1' with ubuntu:
> >
> > cannot list SASL mechanisms -4 (SASL(-4): no mechanism available:
> > Internal Error -4 in ../../lib/server.c near line 1762)
>
> For some strange reason Debian decided to put the scram plugin
> in the libsasl2-modules-gssapi-mit package so i expect you're
> missing that in the test env.
I tried but that does not work either. Also with
libsasl2-modules-gssapi-heimda.
> > So we currently switch the mech to digest-md5. Seems that libvirt-go
> > is doing same.
>
> That's a historical accident, not good practice !
I reported the issue in ubuntu [0] and it looks like it's actually
libvirt which does not support it without TLS.
Oh yes, I missed that you're not using TLS here. the scram-sha-1
auth requires an external encryption layer, while digest-md5
includes (broken) encryption.
So I imagine digest-md5 is fine for the purpose of testing.
It is horribly insecure, but yes it is fine for testing.
So for this patch
Reviewed-by: Daniel P. Berrangé <berrange(a)redhat.com>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|