From nobody Sun May  5 12:23:05 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.24
 as permitted sender) client-ip=209.132.183.24;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx3-phx2.redhat.com;
Authentication-Results: mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.24 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx3-phx2.redhat.com (mx3-phx2.redhat.com [209.132.183.24]) by
 mx.zohomail.com
	with SMTPS id 1489601320657484.58341644048494;
 Wed, 15 Mar 2017 11:08:40 -0700 (PDT)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by mx3-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id v2FI5Jxx013939;
	Wed, 15 Mar 2017 14:05:19 -0400
Received: from int-mx10.intmail.prod.int.phx2.redhat.com
	(int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id v2FI5FDT004096 for <libvir-list@listman.util.phx.redhat.com>;
	Wed, 15 Mar 2017 14:05:15 -0400
Received: from t460.redhat.com (ovpn-117-127.ams2.redhat.com [10.36.117.127])
	by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with
	ESMTP id v2FI5D6C003016; Wed, 15 Mar 2017 14:05:14 -0400
From: "Daniel P. Berrange" <berrange@redhat.com>
To: libvir-list@redhat.com
Date: Wed, 15 Mar 2017 18:05:11 +0000
Message-Id: <20170315180511.6615-1-berrange@redhat.com>
X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH] Short circuit SASL auth when no mechanisms are
	available
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-ZohoMail: RSF_0  Z_629925259 SPT_0
Content-Type: text/plain; charset="utf-8"

If the SASL config does not have any mechanisms we currently
just report an empty list to the client which will then
fail to identify a usable mechanism. This is a server config
error, so we should fail immediately on the server side.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
 src/rpc/virnetsaslcontext.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/rpc/virnetsaslcontext.c b/src/rpc/virnetsaslcontext.c
index 37a5da2..c4492ec 100644
--- a/src/rpc/virnetsaslcontext.c
+++ b/src/rpc/virnetsaslcontext.c
@@ -390,6 +390,12 @@ char *virNetSASLSessionListMechanisms(virNetSASLSessio=
nPtr sasl)
                        err, sasl_errdetail(sasl->conn));
         goto cleanup;
     }
+    VIR_DEBUG("SASL mechanism list is '%s'", mechlist);
+    if (STREQ(mechlist, "")) {
+        virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+                       _("no SASL mechanisms are available"));
+        goto cleanup;
+    }
     ignore_value(VIR_STRDUP(ret, mechlist));
=20
  cleanup:
--=20
2.9.3

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list