From: Daniel P. Berrange Date: Thu, 17 Dec 2009 17:39:43 +0000 (+0000) Subject: Fix reporting of TLS connection errors X-Git-Tag: v0.7.5~26 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=469b6b3a75bf0a4bfc9b9fd7ad2ce5ebe0105699;p=thirdparty%2Flibvirt.git Fix reporting of TLS connection errors The code for connecting to a server tries each socket in turn until it finds one that connects. Unfortunately for TLS sockets if it connected, but failed TLS handshake it would treat that as a failure to connect, and try the next socket. This is bad, it should have reported the TLS failure immediately. $ virsh -c qemu://somehost.com/system error: unable to connect to libvirtd at 'somehost.com': Invalid argument error: failed to connect to the hypervisor $ ./tools/virsh -c qemu://somehost.com/system error: server certificate failed validation: The certificate hasn't got a known issuer. error: failed to connect to the hypervisor * src/remote/remote_driver.c: Stop trying to connect if the TLS handshake fails --- diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c index 945fa30fe1..23fd0e3264 100644 --- a/src/remote/remote_driver.c +++ b/src/remote/remote_driver.c @@ -632,7 +632,7 @@ doRemoteOpen (virConnectPtr conn, if (!priv->session) { close (priv->sock); priv->sock = -1; - continue; + goto failed; } } goto tcp_connected;