git.ipfire.org Git - thirdparty/libvirt.git/commit

author	Daniel P. Berrange <berrange@redhat.com>
	Thu, 21 Jul 2011 10:13:11 +0000 (11:13 +0100)
committer	Daniel P. Berrange <berrange@redhat.com>
	Fri, 22 Jul 2011 14:18:32 +0000 (15:18 +0100)
commit	07f9b6f019ac308dd31f766635e687bcdebba708
tree	9cfa3d7583ea8823983717e9cadcd65487b171e3	tree
parent	1a80a4e0d4f72f2827f45a67970f35a96af6e0f1	commit \| diff

Allow certificate sanity checking to be disabled

When libvirtd starts it it will sanity check its own certs,
and before libvirt clients connect to a remote server they
will sanity check their own certs. This patch allows such
sanity checking to be skipped. There is no strong reason to
need to do this, other than to bypass possible libvirt bugs
in sanity checking, or for testing purposes.

libvirt.conf gains tls_no_sanity_certificate parameter to
go along with tls_no_verify_certificate. The remote driver
client URIs gain a no_sanity URI parameter

* daemon/test_libvirtd.aug, daemon/libvirtd.conf,
  daemon/libvirtd.c, daemon/libvirtd.aug: Add parameter to
  allow cert sanity checks to be skipped
* src/remote/remote_driver.c: Add no_sanity parameter to
  skip cert checks
* src/rpc/virnettlscontext.c, src/rpc/virnettlscontext.h:
  Add new parameter for skipping sanity checks independantly
  of skipping session cert validation checks

daemon/libvirtd.aug		diff \| blob \| blame \| history
daemon/libvirtd.c		diff \| blob \| blame \| history
daemon/libvirtd.conf		diff \| blob \| blame \| history
daemon/test_libvirtd.aug		diff \| blob \| blame \| history
src/remote/remote_driver.c		diff \| blob \| blame \| history
src/rpc/virnettlscontext.c		diff \| blob \| blame \| history
src/rpc/virnettlscontext.h		diff \| blob \| blame \| history