[libvirt] [PATCH] remote: Switch to TLS when connecting to remote socket
If users wants to connect to remote unix socket, e.g. 'qemu+unix://<remote>/system' currently the <remote> part is ignored, ending up connecting to localhost. This patch solves this issue by creating TLS connection. --- src/remote/remote_driver.c | 11 ++++++++--- 1 files changed, 8 insertions(+), 3 deletions(-) diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c index e5bfa4b..630c8ea 100644 --- a/src/remote/remote_driver.c +++ b/src/remote/remote_driver.c @@ -325,9 +325,14 @@ doRemoteOpen (virConnectPtr conn, } else { if (STRCASEEQ (transport_str, "tls")) transport = trans_tls; - else if (STRCASEEQ (transport_str, "unix")) - transport = trans_unix; - else if (STRCASEEQ (transport_str, "ssh")) + else if (STRCASEEQ (transport_str, "unix")) { + /* When connecting to unix socket on remote + * machine use TLS to connect to it */ + if (conn->uri->server) + transport = trans_tls; + else + transport = trans_unix; + } else if (STRCASEEQ (transport_str, "ssh")) transport = trans_ssh; else if (STRCASEEQ (transport_str, "ext")) transport = trans_ext; -- 1.7.3.4
On Mon, Aug 22, 2011 at 03:53:37PM +0200, Michal Privoznik wrote:
If users wants to connect to remote unix socket, e.g. 'qemu+unix://<remote>/system' currently the <remote> part is ignored, ending up connecting to localhost. This patch solves this issue by creating TLS connection.
If the user wants to use TLS, they should have asked for it eg qemu://<remote>/system qemu+tls://<remote>/system Specifying protocol '+unix' while also setting a hostname component is an error IMHO. Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
participants (2)
-
Daniel P. Berrange -
Michal Privoznik