Re: [Libvir] [PATCH] Remote 3/8: Client-side

2007-05-08 Thread Richard W.M. Jones
Daniel P. Berrange wrote: So the question is, is there any meaningful security to be gained by having the server check the commonName field of the client's certificate against the client's incoming IP addr whether v4 or v6? Perhaps the only thing the server should be using the client cert's com

Re: [Libvir] [PATCH] Remote 4/8: Server-side call dispatch

2007-05-08 Thread Richard W.M. Jones
Daniel P. Berrange wrote: void remoteDispatchClientRequest (struct qemud_server *server ATTRIBUTE_UNUSED, struct qemud_client *client) char *args = NULL, *ret = NULL; Could those two variables instead be void * - to avoid the need to cast all assignments

Re: [Libvir] [PATCH] Remote 3/8: Client-side

2007-05-08 Thread Richard W.M. Jones
Daniel P. Berrange wrote: On Sat, May 05, 2007 at 12:17:44PM +0100, Richard W.M. Jones wrote: Richard W.M. Jones wrote: 3 Client-side - A src/remote_internal.c A src/remote_internal.h M src/driver.h M src/libvirt.c [...] What sort of info is currently stored in the $sysconfdir/l

Re: [Libvir] [PATCH] Remote 3/8: Client-side

2007-05-08 Thread Daniel P. Berrange
On Tue, May 08, 2007 at 12:20:17PM +0100, Richard W.M. Jones wrote: > Daniel P. Berrange wrote: > >On Sat, May 05, 2007 at 12:17:44PM +0100, Richard W.M. Jones wrote: > >>(1) remoteOpen and associated, GnuTLS initialisation > > > >I've got a question about this comment > > > >/* XXX This lo

Re: [Libvir] [PATCH] Remote 3/8: Client-side

2007-05-08 Thread Richard W.M. Jones
Daniel P. Berrange wrote: On Sat, May 05, 2007 at 12:17:44PM +0100, Richard W.M. Jones wrote: (1) remoteOpen and associated, GnuTLS initialisation I've got a question about this comment /* XXX This loop contains a subtle problem. In the case * where a host is accessible over

Re: [Libvir] [PATCH] Remote 2/8: Client-server protocol (updated)

2007-05-08 Thread Richard W.M. Jones
Daniel P. Berrange wrote: Historically NULL == 'Xen', so should we just force 'name = Xen' in src/libvirt.c and then no internal driver ever has to worry about NULLs in this scenario again. Is the plan not to have NULL meaning "get me the most appropriate connection", sort of in the same way

Re: [Libvir] [PATCH] Remote 2.5/8: Export virGetDomain and virGetNetwork

2007-05-08 Thread Richard W.M. Jones
Daniel P. Berrange wrote: On Sat, May 05, 2007 at 12:00:49PM +0100, Richard W.M. Jones wrote: OK so this is step 2.5 out of 8 ... it wasn't part of the original plan. 2.5 Export virGetDomain and virGetNetwork - M src/libvirt_sym.version M src/hash.c M sr

Re: [Libvir] [PATCH] Fields in virDomainPtr which appear to be never used

2007-05-08 Thread Richard W.M. Jones
Daniel P. Berrange wrote: On Sat, May 05, 2007 at 11:25:00AM +0100, Richard W.M. Jones wrote: With this analysis in mind, attached is a patch which removes these three fields (path, flags, xml) and the unused virDomainFlags, with no apparent ill-effects. ACK, I'm all for removing code which i