http://www.annexia.org/tmp/libvirt-tls-20070226.patch

List of things that need to be done:

 * Audit incoming IP addresses / virConnectOpen names to syslog.
 * GnuTLS handshake DoS fix (see danpb's email).
 * GnuTLS client crashing bug (I have a fix, just needs to be applied).
 * Complete the wrappers for the remaining API calls.
 * Testing(!)

Apart from that list above, I'm hoping that this patch addresses everything that people have raised on list and privately about previous patches. If I've missed anything, let me know.

Rich.

----------------------------------------- "screenshot" ---

rjones@oirase:~/d/libvirt-remote$ src/virsh -c test://localhost/default nodeinfo
proceeding with name = test:///default
loading CA file demoCA/cacert.pem
loading client cert and key from files 127001cert.pem and 127001key.pem
CPU model: i686
CPU(s): 16
CPU frequency: 1400 MHz
CPU socket(s): 2
Core(s) per socket: 2
Thread(s) per core: 2
NUMA cell(s): 2
Memory size: 3145728 kB

rjones@oirase:~/d/libvirt-remote$ src/virsh -c test://localhost/default create tests/xmconfigdata/test-fullvirt-new-cdrom.xml
proceeding with name = test:///default
loading CA file demoCA/cacert.pem
loading client cert and key from files 127001cert.pem and 127001key.pem
Domain XenGuest2 created from tests/xmconfigdata/test-fullvirt-new-cdrom.xml

rjones@oirase:~/d/libvirt-remote$ src/libvirtd -d
libvir: error : failed to open /home/rjones/local/etc/libvirtd.conf for reading
libvirtd: loading CA cert from demoCA/cacert.pem
libvirtd: loading cert and key from servercert.pem and serverkey.pem
libvirtd: TLS service listening on port 16514
libvirtd: Unix service listening on socket /home/rjones/local/var/run/libvirtd/socket
libvirtd: create_mapping: xprt = 0x647680
libvirtd: lookup_connection: xprt = 0x647680
libvirtd: set_connection: xprt = 0x647680
libvirtd: lookup_connection: xprt = 0x647680
libvirtd: lookup_connection: xprt = 0x647680
libvirtd: set_connection: xprt = 0x647680
libvirtd: destroy_mapping: xprt = 0x647680
libvirtd: create_mapping: xprt = 0x647b20
libvirtd: lookup_connection: xprt = 0x647b20
libvirtd: set_connection: xprt = 0x647b20
libvirtd: lookup_connection: xprt = 0x647b20
libvirtd: lookup_connection: xprt = 0x647b20
libvirtd: set_connection: xprt = 0x647b20
libvirtd: destroy_mapping: xprt = 0x647b20

-- 
Emerging Technologies, Red Hat  http://et.redhat.com/~rjones/
64 Baker Street, London, W1U 7DF     Mobile: +44 7866 314 421

"[Negative numbers] darken the very whole doctrines of the equations
and make dark of the things which are in their nature excessively
obvious and simple" (Francis Maseres FRS, mathematician, 1759)