Re: [PATCH 03/12] Remove hack using existance of an 'identity' string to disable auth

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On 05/02/2012 07:44 AM, Daniel P. Berrange wrote:
From: "Daniel P. Berrange" <berrange@xxxxxxxxxx>

Currently the server determines whether authentication of clients
is complete, by checking whether an identity is set. This patch
removes that lame hack and replaces it with an explicit method
for changing the client auth code

* daemon/remote.c: Update for new APis
* src/libvirt_private.syms, src/rpc/virnetserverclient.c,
   src/rpc/virnetserverclient.h: Remove virNetServerClientGetIdentity
   and virNetServerClientSetIdentity, adding a new method
   virNetServerClientSetAuth.
---
  daemon/remote.c              |   14 +++++++-------
  src/libvirt_private.syms     |    2 +-
  src/rpc/virnetserverclient.c |   36 ++++++++----------------------------
  src/rpc/virnetserverclient.h |    5 +----
  4 files changed, 17 insertions(+), 40 deletions(-)

diff --git a/daemon/remote.c b/daemon/remote.c
index 16a8a05..0bf58d3 100644
--- a/daemon/remote.c
+++ b/daemon/remote.c
@@ -2137,10 +2137,12 @@ remoteDispatchAuthList(virNetServerPtr server ATTRIBUTE_UNUSED,
                  goto cleanup;
              }
              VIR_INFO("Bypass polkit auth for privileged client %s", ident);
-            if (virNetServerClientSetIdentity(client, ident) < 0)
+            if (virNetServerClientSetIdentity(client, ident) < 0) {

It looks like this call needs to be removed.

--
Regards,
Corey


--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list


[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]