diff --git a/daemon/libvirtd.c b/daemon/libvirtd.c index 118aa92fa6951f8694ef8827a673dcaff22bde5f..60ee705cef6a7931f1bb4814355d5873e6fc6602 100644 --- a/daemon/libvirtd.c +++ b/daemon/libvirtd.c @@ -91,7 +91,9 @@ #include "configmake.h" +#if HAVE_SASL virNetSASLContextPtr saslCtxt = NULL; +#endif virNetServerProgramPtr remoteProgram = NULL; virNetServerProgramPtr qemuProgram = NULL; @@ -560,6 +562,7 @@ static int daemonSetupNetworking(virNetServerPtr srv, } } +#if HAVE_SASL if (config->auth_unix_rw == REMOTE_AUTH_SASL || config->auth_unix_ro == REMOTE_AUTH_SASL || config->auth_tcp == REMOTE_AUTH_SASL || @@ -569,6 +572,7 @@ static int daemonSetupNetworking(virNetServerPtr srv, if (!saslCtxt) goto error; } +#endif #if HAVE_POLKIT0 if (auth_unix_rw == REMOTE_AUTH_POLKIT || @@ -745,8 +749,10 @@ static int remoteConfigGetAuth(virConfPtr conf, const char *key, int *auth, cons if (STREQ(p->str, "none")) { *auth = VIR_NET_SERVER_SERVICE_AUTH_NONE; +#if HAVE_SASL } else if (STREQ(p->str, "sasl")) { *auth = VIR_NET_SERVER_SERVICE_AUTH_SASL; +#endif } else if (STREQ(p->str, "polkit")) { *auth = VIR_NET_SERVER_SERVICE_AUTH_POLKIT; } else { diff --git a/daemon/remote.c b/daemon/remote.c index 9e6cf77f279c0a06579940b0ca4ca86403c2cc93..288990855ef48323d7919fa9a82a0ebd6299de82 100644 --- a/daemon/remote.c +++ b/daemon/remote.c @@ -1653,6 +1653,7 @@ cleanup: } +#ifdef HAVE_SASL /* * Initializes the SASL session in prepare for authentication * and gives the client a list of allowed mechanisms to choose @@ -1969,6 +1970,49 @@ error: virMutexUnlock(&priv->lock); return -1; } +#else +static int +remoteDispatchAuthSaslInit(virNetServerPtr server ATTRIBUTE_UNUSED, + virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetMessageHeaderPtr hdr ATTRIBUTE_UNUSED, + virNetMessageErrorPtr rerr, + remote_auth_sasl_init_ret *ret ATTRIBUTE_UNUSED) +{ + VIR_WARN("Client tried unsupported SASL auth"); + virNetError(VIR_ERR_AUTH_FAILED, "%s", + _("authentication failed")); + virNetMessageSaveError(rerr); + return -1; +} +static int +remoteDispatchAuthSaslStart(virNetServerPtr server ATTRIBUTE_UNUSED, + virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetMessageHeaderPtr hdr ATTRIBUTE_UNUSED, + virNetMessageErrorPtr rerr, + remote_auth_sasl_start_args *args ATTRIBUTE_UNUSED, + remote_auth_sasl_start_ret *ret ATTRIBUTE_UNUSED) +{ + VIR_WARN("Client tried unsupported SASL auth"); + virNetError(VIR_ERR_AUTH_FAILED, "%s", + _("authentication failed")); + virNetMessageSaveError(rerr); + return -1; +} +static int +remoteDispatchAuthSaslStep(virNetServerPtr server ATTRIBUTE_UNUSED, + virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetMessageHeaderPtr hdr ATTRIBUTE_UNUSED, + virNetMessageErrorPtr rerr, + remote_auth_sasl_step_args *args ATTRIBUTE_UNUSED, + remote_auth_sasl_step_ret *ret ATTRIBUTE_UNUSED) +{ + VIR_WARN("Client tried unsupported SASL auth"); + virNetError(VIR_ERR_AUTH_FAILED, "%s", + _("authentication failed")); + virNetMessageSaveError(rerr); + return -1; +} +#endif