Re: [libvirt] tls_allowed_ip_list?
On Tue, Mar 03, 2009 at 09:13:14AM +0100, Chris Lalancette wrote:
All,
While doing testing on TLS, I came across the mention of
"tls_allowed_ip_list" in the website documentation, here:
http://libvirt.org/remote.html#Remote_libvirtd_configuration
However, I don't see any implementation of the tls_allowed_ip_list in libvirt
itself; a grep through the sources show that we are implementing
"tls_allowed_dn_list", but not "tls_allowed_ip_list". Am I missing
something in
the sources? Should we update the libvirt.org documentation and remove that
(seemingly non-existent) parameter? Or should I go in and implement the
"tls_allowed_ip_list"?
Hum, I don't remember the history, I guess the simplest is to make a
small change to the doc along the line "(not implemented yet)" and
work on a patch. Unless we really think dn certificate checks are really
superior and ip check is not needed (I have no opinion !)
Daniel
--
Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
daniel(a)veillard.com | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library http://libvirt.org/