If the SASL config does not have any mechanisms we currently just report an empty list to the client which will then fail to identify a usable mechanism. This is a server config error, so we should fail immediately on the server side. Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com&gt; --- src/rpc/virnetsaslcontext.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/rpc/virnetsaslcontext.c b/src/rpc/virnetsaslcontext.c index 37a5da2..c4492ec 100644 --- a/src/rpc/virnetsaslcontext.c +++ b/src/rpc/virnetsaslcontext.c @@ -390,6 +390,12 @@ char *virNetSASLSessionListMechanisms(virNetSASLSessionPtr sasl) err, sasl_errdetail(sasl->conn)); goto cleanup; } + VIR_DEBUG("SASL mechanism list is '%s'", mechlist); + if (STREQ(mechlist, "")) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("no SASL mechanisms are available")); + goto cleanup; + } ignore_value(VIR_STRDUP(ret, mechlist)); cleanup: -- 2.9.3