On Tue, Mar 03, 2009 at 08:50:54AM +0000, Daniel P. Berrange wrote: > On Tue, Mar 03, 2009 at 09:13:14AM +0100, Chris Lalancette wrote: > > All, > > While doing testing on TLS, I came across the mention of > > "tls_allowed_ip_list" in the website documentation, here: > > > > http://libvirt.org/remote.html#Remote_libvirtd_configuration > > > > However, I don't see any implementation of the tls_allowed_ip_list in libvirt > > itself; a grep through the sources show that we are implementing > > "tls_allowed_dn_list", but not "tls_allowed_ip_list". Am I missing something in > > the sources? Should we update the libvirt.org documentation and remove that > > (seemingly non-existent) parameter? Or should I go in and implement the > > "tls_allowed_ip_list"? > > That functionality was removed because it is utterly worthless as an > access control feature, and if you want to block rogue IP (ranges) you > can do it in iptables far more efficiently & flexibly anyway. The > docs just need to be removed okay, even simpler, I will do it before the release ! Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ daniel@xxxxxxxxxxxx | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/ -- Libvir-list mailing list Libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list