Re: [libvirt] Query regarding no_verify in uri

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



2010/2/26 Sharadha Prabhakar (3P) <sharadha.prabhakar@xxxxxxxxxx>:
> Hi Daniel,
> I've submitted my XenAPI driver in 2parts before sometime with all the
> changes you had suggested. The following is possibly the only one that's not
> handled.
>
>> +    curl_easy_setopt(curl, CURLOPT_POST, 1);
>> +    curl_easy_setopt(curl, CURLOPT_POSTFIELDS, data);
>> +    curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, len);
>> +    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
>> +    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);
>
>>You shouldn't disable SSL verification here. It should be on by default.
>>For consistency with other libvirt drivers, you may wish to allow your
>>xenapi:///  uri to have an optional  'no_verify=1' parameter to turn
>>off SSL verification. It should always be verifying by default though.
>
> For now I have enabled verify SSL. I'm not sure about how libvirt hands
> Over the no_verify=1 part that the user types in the URI to my driver.
> virDrvOpen only receives the URI  elements from 'conn' parameter.
> I couldn't find this information embedded in 'conn'?
> Could you explain how to get this information?
> Regards,
> Sharadha
>

See esxOpen and esxUtil_ParseQuery for an example how the ESX driver
implements this.

Matthias

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list


[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]