提交 a67407fa 编写于 作者: D Doug Goldstein 提交者: Eric Blake

Use per-user TLS certificates when possible

When using TLS authentication and operating as the non-root user,
initially attempt to use that specific user's TLS certificates before
attempting to use the system wide TLS certificates.
Signed-off-by: NDoug Goldstein <cardoe@cardoe.com>
上级 6bae93d3
......@@ -19,3 +19,4 @@
<soren@linux2go.dk> <soren@canonical.com>
<cfergeau@redhat.com> <teuf@gnome.org>
<wency@cn.fujitsu.com> <wency cn fujitsu com>
<cardoe@cardoe.com> <cardoe@gentoo.org>
......@@ -81,7 +81,7 @@ Patches have also been contributed by:
Serge E. Hallyn <serue@us.ibm.com>
Soren Hansen <soren@linux2go.dk>
Abel Míguez Rodríguez<amiguezr@pdi.ucm.es>
Doug Goldstein <cardoe@gentoo.org>
Doug Goldstein <cardoe@cardoe.com>
Javier Fontan <jfontan@gmail.com>
Federico Simoncelli <federico.simoncelli@gmail.com>
Amy Griffis <amy.griffis@hp.com>
......
......@@ -1159,7 +1159,7 @@ initialize_gnutls(char *pkipath, int flags)
if ((virAsprintf(&libvirt_clientcert, "%s/%s", pkipath,
"clientcert.pem")) < 0)
goto out_of_memory;
} else if (flags & VIR_DRV_OPEN_REMOTE_USER) {
} else if (flags & VIR_DRV_OPEN_REMOTE_USER || getuid() > 0) {
userdir = virGetUserDirectory(getuid());
if (!userdir)
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册