forked from pool/libvirt
061a75b436
- qemu: Fix segmentation fault in qemuDomainUndefineFlags
823a62ec-qemu-fix-undefine-crash.patch
- Update to libvirt 8.1.0
- Many incremental improvements and bug fixes, see
https://libvirt.org/news.html#v8-1-0-2022-03-01
- Dropped patches:
3be5ba11-libvirt-guests-install.patch,
16172741-libvirt-guests-manpage.patch,
8eb44616-remove-sysconfig-files.patch,
31e937fb-libxl-save-lock-indicator.patch,
105dace2-revert-virProcessGetStatInfo.patch,
e0241f33-libxl-mark-allocated-graphics-ports.patch,
18ec405a-libxl-release-graphics-ports.patch,
76deb656-qemu-fix-snapshot-revert.patch,
454b927d-libxl-fix-dom-restore.patch
OBS-URL: https://build.opensuse.org/request/show/959272
OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=925
47 lines
1.9 KiB
Diff
47 lines
1.9 KiB
Diff
Disable TLS by default
|
|
|
|
On SUSE distros, the default is for libvirtd to listen only on the
|
|
Unix Domain Socket. The libvirt client still provides remote access
|
|
via a SSH tunnel.
|
|
Index: libvirt-8.1.0/src/remote/remote_daemon_config.c
|
|
===================================================================
|
|
--- libvirt-8.1.0.orig/src/remote/remote_daemon_config.c
|
|
+++ libvirt-8.1.0/src/remote/remote_daemon_config.c
|
|
@@ -98,7 +98,7 @@ daemonConfigNew(bool privileged G_GNUC_U
|
|
|
|
#ifdef WITH_IP
|
|
# ifdef LIBVIRTD
|
|
- data->listen_tls = true; /* Only honoured if --listen is set */
|
|
+ data->listen_tls = false; /* Only honoured if --listen is set */
|
|
# else /* ! LIBVIRTD */
|
|
data->listen_tls = false; /* Always honoured, --listen doesn't exist. */
|
|
# endif /* ! LIBVIRTD */
|
|
Index: libvirt-8.1.0/src/remote/libvirtd.conf.in
|
|
===================================================================
|
|
--- libvirt-8.1.0.orig/src/remote/libvirtd.conf.in
|
|
+++ libvirt-8.1.0/src/remote/libvirtd.conf.in
|
|
@@ -17,8 +17,8 @@
|
|
# It is necessary to setup a CA and issue server certificates before
|
|
# using this capability.
|
|
#
|
|
-# This is enabled by default, uncomment this to disable it
|
|
-#listen_tls = 0
|
|
+# This is disabled by default, uncomment this to enable it
|
|
+#listen_tls = 1
|
|
|
|
# Listen for unencrypted TCP connections on the public TCP/IP port.
|
|
# NB, must pass the --listen flag to the @DAEMON_NAME@ process for this to
|
|
Index: libvirt-8.1.0/src/remote/test_libvirtd.aug.in
|
|
===================================================================
|
|
--- libvirt-8.1.0.orig/src/remote/test_libvirtd.aug.in
|
|
+++ libvirt-8.1.0/src/remote/test_libvirtd.aug.in
|
|
@@ -3,7 +3,7 @@ module Test_@DAEMON_NAME@ =
|
|
|
|
test @DAEMON_NAME_UC@.lns get conf =
|
|
@CUT_ENABLE_IP@
|
|
- { "listen_tls" = "0" }
|
|
+ { "listen_tls" = "1" }
|
|
{ "listen_tcp" = "1" }
|
|
{ "tls_port" = "16514" }
|
|
{ "tcp_port" = "16509" }
|