提交 3a73eaeb 编写于 作者: D Daniel P. Berrange

Make SASL work over UNIX domain sockets

The addrToString methods were not coping with UNIX domain sockets
which have no normal host+port address. Hardcode special handling
for these so that SASL routines can work over UNIX sockets. Also
fix up SSF logic in remote client so that it presumes that a UNIX
socket is secure

* daemon/remote.c: Fix addrToString for UNIX sockets.
* src/remote/remote_driver.c: Fix addrToString for UNIX sockets
  and fix SSF logic to work for TLS + UNIX sockets in the same
  manner
上级 e8066d53
......@@ -3263,6 +3263,14 @@ static char *addrToString(remote_error *rerr,
int err;
struct sockaddr *sa = (struct sockaddr *)ss;
if (sa->sa_family == AF_UNIX) {
if (!(addr = strdup("127.0.0.1;0"))) {
virReportOOMError();
return NULL;
}
return addr;
}
if ((err = getnameinfo(sa, salen,
host, sizeof(host),
port, sizeof(port),
......
......@@ -6676,6 +6676,14 @@ static char *addrToString(struct sockaddr_storage *ss, socklen_t salen)
int err;
struct sockaddr *sa = (struct sockaddr *)ss;
if (sa->sa_family == AF_UNIX) {
if (!(addr = strdup("127.0.0.1;0"))) {
virReportOOMError();
return NULL;
}
return addr;
}
if ((err = getnameinfo(sa, salen,
host, sizeof(host),
port, sizeof(port),
......@@ -6977,12 +6985,12 @@ remoteAuthSASL (virConnectPtr conn, struct private_data *priv, int in_open,
}
memset (&secprops, 0, sizeof secprops);
/* If we've got TLS, we don't care about SSF */
secprops.min_ssf = priv->uses_tls ? 0 : 56; /* Equiv to DES supported by all Kerberos */
secprops.max_ssf = priv->uses_tls ? 0 : 100000; /* Very strong ! AES == 256 */
/* If we've got a secure channel (TLS or UNIX sock), we don't care about SSF */
secprops.min_ssf = priv->is_secure ? 0 : 56; /* Equiv to DES supported by all Kerberos */
secprops.max_ssf = priv->is_secure ? 0 : 100000; /* Very strong ! AES == 256 */
secprops.maxbufsize = 100000;
/* If we're not TLS, then forbid any anonymous or trivially crackable auth */
secprops.security_flags = priv->uses_tls ? 0 :
/* If we're not secure, then forbid any anonymous or trivially crackable auth */
secprops.security_flags = priv->is_secure ? 0 :
SASL_SEC_NOANONYMOUS | SASL_SEC_NOPLAINTEXT;
err = sasl_setprop(saslconn, SASL_SEC_PROPS, &secprops);
......@@ -7164,8 +7172,8 @@ remoteAuthSASL (virConnectPtr conn, struct private_data *priv, int in_open,
}
}
/* Check for suitable SSF if non-TLS */
if (!priv->uses_tls) {
/* Check for suitable SSF if not already secure (TLS or UNIX sock) */
if (!priv->is_secure) {
err = sasl_getprop(saslconn, SASL_SSF, &val);
if (err != SASL_OK) {
remoteError(VIR_ERR_AUTH_FAILED,
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册