Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openeuler
libvirt
提交
a219c3ab
L
libvirt
项目概览
openeuler
/
libvirt
通知
3
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
L
libvirt
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
a219c3ab
编写于
7月 12, 2007
作者:
D
Daniel P. Berrange
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Improved error checking for cert/key files
上级
bb6476e7
变更
2
显示空白变更内容
内联
并排
Showing
2 changed file
with
28 addition
and
0 deletion
+28
-0
ChangeLog
ChangeLog
+6
-0
qemud/qemud.c
qemud/qemud.c
+22
-0
未找到文件。
ChangeLog
浏览文件 @
a219c3ab
Thu Jul 12 10:57:17 CEST 2007 Daniel Veillard <veillard@redhat.com>
* qemud/qemud.c: Add explicit checks for existance of x509
certificate & key files to get better error reporting than
GNU TLS offers when it can't load a file
Thu Jul 12 10:57:17 CEST 2007 Daniel Veillard <veillard@redhat.com>
Thu Jul 12 10:57:17 CEST 2007 Daniel Veillard <veillard@redhat.com>
* src/xen_internal.c: applied patch from Christian Ehrhardt to
* src/xen_internal.c: applied patch from Christian Ehrhardt to
...
...
qemud/qemud.c
浏览文件 @
a219c3ab
...
@@ -112,6 +112,18 @@ static int qemudRegisterClientEvent(struct qemud_server *server,
...
@@ -112,6 +112,18 @@ static int qemudRegisterClientEvent(struct qemud_server *server,
struct
qemud_client
*
client
,
struct
qemud_client
*
client
,
int
remove
);
int
remove
);
static
int
remoteCheckCertFile
(
const
char
*
type
,
const
char
*
file
)
{
struct
stat
sb
;
if
(
stat
(
file
,
&
sb
)
<
0
)
{
qemudLog
(
QEMUD_ERR
,
"Cannot access %s '%s': %s (%d)"
,
type
,
file
,
strerror
(
errno
),
errno
);
return
-
1
;
}
return
0
;
}
static
int
static
int
remoteInitializeGnuTLS
(
void
)
remoteInitializeGnuTLS
(
void
)
{
{
...
@@ -128,6 +140,9 @@ remoteInitializeGnuTLS (void)
...
@@ -128,6 +140,9 @@ remoteInitializeGnuTLS (void)
}
}
if
(
ca_file
&&
ca_file
[
0
]
!=
'\0'
)
{
if
(
ca_file
&&
ca_file
[
0
]
!=
'\0'
)
{
if
(
remoteCheckCertFile
(
"CA certificate"
,
ca_file
)
<
0
)
return
-
1
;
qemudDebug
(
"loading CA cert from %s"
,
ca_file
);
qemudDebug
(
"loading CA cert from %s"
,
ca_file
);
err
=
gnutls_certificate_set_x509_trust_file
(
x509_cred
,
ca_file
,
err
=
gnutls_certificate_set_x509_trust_file
(
x509_cred
,
ca_file
,
GNUTLS_X509_FMT_PEM
);
GNUTLS_X509_FMT_PEM
);
...
@@ -139,6 +154,9 @@ remoteInitializeGnuTLS (void)
...
@@ -139,6 +154,9 @@ remoteInitializeGnuTLS (void)
}
}
if
(
crl_file
&&
crl_file
[
0
]
!=
'\0'
)
{
if
(
crl_file
&&
crl_file
[
0
]
!=
'\0'
)
{
if
(
remoteCheckCertFile
(
"CA revocation list"
,
ca_file
)
<
0
)
return
-
1
;
qemudDebug
(
"loading CRL from %s"
,
crl_file
);
qemudDebug
(
"loading CRL from %s"
,
crl_file
);
err
=
gnutls_certificate_set_x509_crl_file
(
x509_cred
,
crl_file
,
err
=
gnutls_certificate_set_x509_crl_file
(
x509_cred
,
crl_file
,
GNUTLS_X509_FMT_PEM
);
GNUTLS_X509_FMT_PEM
);
...
@@ -150,6 +168,10 @@ remoteInitializeGnuTLS (void)
...
@@ -150,6 +168,10 @@ remoteInitializeGnuTLS (void)
}
}
if
(
cert_file
&&
cert_file
[
0
]
!=
'\0'
&&
key_file
&&
key_file
[
0
]
!=
'\0'
)
{
if
(
cert_file
&&
cert_file
[
0
]
!=
'\0'
&&
key_file
&&
key_file
[
0
]
!=
'\0'
)
{
if
(
remoteCheckCertFile
(
"server certificate"
,
cert_file
)
<
0
)
return
-
1
;
if
(
remoteCheckCertFile
(
"server key"
,
key_file
)
<
0
)
return
-
1
;
qemudDebug
(
"loading cert and key from %s and %s"
,
qemudDebug
(
"loading cert and key from %s and %s"
,
cert_file
,
key_file
);
cert_file
,
key_file
);
err
=
err
=
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录