daemon: Don't initialize SASL context if not necessary
authorPeter Krempa <pkrempa@redhat.com>
Wed, 31 May 2017 07:12:09 +0000 (09:12 +0200)
committerPeter Krempa <pkrempa@redhat.com>
Fri, 2 Jun 2017 12:52:11 +0000 (14:52 +0200)
SASL context would be initialized even if the corresponding TCP or TLS
sockets are not enabled.

fe772f24a68 attempted to fix the symptom by commenting out the settings,
but that did not fix the root cause. 3c647ee4bbb later reverted those
changes so that the more secure algorithm is used.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1450095

daemon/libvirtd.c

index 891238bcbe0d46ea6c14802c8ecbde3f80790212..bac4bc1b65a5959e2d1442fcfb635a6535e5532b 100644 (file)
@@ -613,11 +613,11 @@ daemonSetupNetworking(virNetServerPtr srv,
 
 #if WITH_SASL
     if (config->auth_unix_rw == REMOTE_AUTH_SASL ||
-        config->auth_unix_ro == REMOTE_AUTH_SASL ||
+        (sock_path_ro && config->auth_unix_ro == REMOTE_AUTH_SASL) ||
 # if WITH_GNUTLS
-        config->auth_tls == REMOTE_AUTH_SASL ||
+        (ipsock && config->listen_tls && config->auth_tls == REMOTE_AUTH_SASL) ||
 # endif
-        config->auth_tcp == REMOTE_AUTH_SASL) {
+        (ipsock && config->listen_tcp && config->auth_tcp == REMOTE_AUTH_SASL)) {
         saslCtxt = virNetSASLContextNewServer(
             (const char *const*)config->sasl_allowed_username_list);
         if (!saslCtxt)
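Review bot: The three new guards in the `if` condition (`sock_path_ro`, `ipsock && config->listen_tls`, `ipsock && config->listen_tcp`) restate decisions about which sockets get opened that are made elsewhere in daemonSetupNetworking, outside this hunk, so the two can drift apart without any compile-time signal. If a listener were ever enabled with `REMOTE_AUTH_SASL` while this condition evaluated false, `saslCtxt` would stay unset for that service. The hunk does not show how a SASL authentication request is handled in that state, so it is worth confirming that it is rejected rather than skipped. I would add a comment above the condition such as `/* Create the SASL context only for sockets that are actually opened; keep these checks in sync with the socket setup in this function. */`, which also helps a reader through the `# if WITH_GNUTLS` split in the middle of the expression.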