On Thu, Mar 07, 2013 at 05:33:07PM -0700, Eric Blake wrote: > On 03/06/2013 05:49 AM, Daniel P. Berrange wrote: > > From: "Daniel P. Berrange" <berrange@xxxxxxxxxx> > > > > A socket object has various pieces of security data associated > > with it, such as the SELinux context, the SASL username and > > the x509 distinguished name. Add new APIs to virNetServerClient > > and related modules to access this data. > > > > Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> > > --- > > src/libvirt_private.syms | 6 ++++++ > > src/rpc/virnetserverclient.c | 46 ++++++++++++++++++++++++++++++++++++++++++++ > > src/rpc/virnetserverclient.h | 7 +++++++ > > src/rpc/virnetsocket.c | 44 ++++++++++++++++++++++++++++++++++++++++++ > > src/rpc/virnetsocket.h | 2 ++ > > src/rpc/virnettlscontext.c | 18 +++++++++++++++++ > > src/rpc/virnettlscontext.h | 2 ++ > > 7 files changed, 125 insertions(+) > > > > +++ b/src/rpc/virnetserverclient.c > > @@ -587,6 +587,16 @@ bool virNetServerClientHasTLSSession(virNetServerClientPtr client) > > return has; > > } > > > > + > > +virNetTLSSessionPtr virNetServerClientGetTLSSession(virNetServerClientPtr client) > > +{ > > + virNetTLSSessionPtr tls; > > + virObjectLock(client); > > + tls = client->tls; > > + virObjectUnlock(client); > > + return tls; > > +} > > This needs to be guarded by WITH_GNUTLS (since client->tls doesn't exist > otherwise). Which in turn may affect your libvirt_private.syms if you > don't create a counterpart stub function. You can't see it from the context, but this is already inside a WITH_GNUTLS block that is started earlier, and finished later. Seems we already have a few problems with the symbol file if WITH_GNUTLS is not defined, so we'll need to fix that up globally. > > > + > > + > > +virNetSASLSessionPtr virNetServerClientGetSASLSession(virNetServerClientPtr client) > > +{ > > + virNetSASLSessionPtr sasl; > > + virObjectLock(client); > > + sasl = client->sasl; > > + virObjectUnlock(client); > > + return sasl; > > +} > > #endif > > This function was inside an #ifdef, but you declared it in > libvirt_private.syms, so you'd need a counterpart stub function. I'll move it to the existing libvirt_sasl.syms files > Shoot, ran out of review time halfway through. Overall the idea looks > sound, though. Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list