提交 ed914284 编写于 作者: P Peter Krempa

daemon: Don't initialize SASL context if not necessary

SASL context would be initialized even if the corresponding TCP or TLS
sockets are not enabled.

fe772f24 attempted to fix the symptom by commenting out the settings,
but that did not fix the root cause. 3c647ee4 later reverted those
changes so that the more secure algorithm is used.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1450095
上级 c245f558
......@@ -613,11 +613,11 @@ daemonSetupNetworking(virNetServerPtr srv,
#if WITH_SASL
if (config->auth_unix_rw == REMOTE_AUTH_SASL ||
config->auth_unix_ro == REMOTE_AUTH_SASL ||
(sock_path_ro && config->auth_unix_ro == REMOTE_AUTH_SASL) ||
# if WITH_GNUTLS
config->auth_tls == REMOTE_AUTH_SASL ||
(ipsock && config->listen_tls && config->auth_tls == REMOTE_AUTH_SASL) ||
# endif
config->auth_tcp == REMOTE_AUTH_SASL) {
(ipsock && config->listen_tcp && config->auth_tcp == REMOTE_AUTH_SASL)) {
saslCtxt = virNetSASLContextNewServer(
(const char *const*)config->sasl_allowed_username_list);
if (!saslCtxt)
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册
新手
引导
客服 返回
顶部