SASL directly into the socket APIs

Eric Blake Thu, 23 Jun 2011 16:22:47 -0700

On 06/22/2011 09:33 AM, Daniel P. Berrange wrote:
> This extends the basic virNetSocket APIs to allow them to have
> a handle to the TLS/SASL session objects, once established.
> This ensures that any data reads/writes are automagically
> passed through the TLS/SASL encryption layers if required.
> 
> * src/rpc/virnetsocket.c, src/rpc/virnetsocket.h: Wire up
>   SASL/TLS encryption
> ---
>  src/rpc/virnetsocket.c |  274 
> +++++++++++++++++++++++++++++++++++++++++++++++-
>  src/rpc/virnetsocket.h |   11 ++
>  2 files changed, 282 insertions(+), 3 deletions(-)
> 
> diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
> index eedced0..3a4b0db 100644
> --- a/src/rpc/virnetsocket.c
> +++ b/src/rpc/virnetsocket.c
> @@ -27,6 +27,9 @@
>  #include <sys/socket.h>
>  #include <unistd.h>
>  #include <sys/wait.h>
> +#ifdef HAVE_NETINET_TCP_H
> +# include <netinet/tcp.h>
> +#endif
>  
>  #ifdef HAVE_NETINET_TCP_H
>  # include <netinet/tcp.h>


Duplicate header inclusion.

> +static ssize_t virNetSocketWriteSASL(virNetSocketPtr sock, const char *buf, 
> size_t len)
> +{
> +    int ret;
> +    size_t tosend = virNetSASLSessionGetMaxBufSize(sock->saslSession);
> +
> +    /* SASL doesn't neccessarily let us send the whole

s/neccessarily/necessarily/

ACK with nits fixed.

-- 
Eric Blake   [email protected]    +1-801-349-2682
Libvirt virtualization library http://libvirt.org

signature.asc
Description: OpenPGP digital signature

--
libvir-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH 06/10] Integrate TLS/SASL directly into the socket APIs

Reply via email to