From: Daniel P. Berrange berra...@redhat.com
The virNetTLSContextNew was being passed key/cert parameters in
the wrong order. This wasn't immediately visible because if
virNetTLSContextNewPath was used, a second bug reversed the order
of those parameters again.
Only if the paths were manually specified in /etc/libvirt/libvirtd.conf
did the bug appear
* src/rpc/virnettlscontext.c: Fix order of params passed to
virNetTLSContextNew
---
src/rpc/virnettlscontext.c |6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/rpc/virnettlscontext.c b/src/rpc/virnettlscontext.c
index ad8e2dc..1120e1e 100644
--- a/src/rpc/virnettlscontext.c
+++ b/src/rpc/virnettlscontext.c
@@ -396,10 +396,10 @@ static virNetTLSContextPtr virNetTLSContextNewPath(const
char *pkipath,
virNetTLSContextPtr ctxt = NULL;
if (virNetTLSContextLocateCredentials(pkipath, tryUserPkiPath, isServer,
- cacert, cacrl, key, cert) 0)
+ cacert, cacrl, cert, key) 0)
return NULL;
-ctxt = virNetTLSContextNew(cacert, cacrl, key, cert,
+ctxt = virNetTLSContextNew(cacert, cacrl, cert, key,
x509dnWhitelist, requireValidCert, isServer);
VIR_FREE(cacert);
@@ -435,7 +435,7 @@ virNetTLSContextPtr virNetTLSContextNewServer(const char
*cacert,
const char
*const*x509dnWhitelist,
bool requireValidCert)
{
-return virNetTLSContextNew(cacert, cacrl, key, cert,
+return virNetTLSContextNew(cacert, cacrl, cert, key,
x509dnWhitelist, requireValidCert, true);
}
--
1.7.6
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
