If there is no tcp_min_ssf value set in daemon config we still
compare it against the default (56 which corresponds to DES) and
if the value is below our expected minimum (112 which corresponds
to 3DES) an error is reported and the daemon refuses to start.
This is not what we want. What we want is to check the value iff
the value was specified in the config file.
Fixes: 58a48cff840
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
---
src/remote/remote_daemon_config.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/remote/remote_daemon_config.c b/src/remote/remote_daemon_config.c
index a9961013f2..30653e82cf 100644
--- a/src/remote/remote_daemon_config.c
+++ b/src/remote/remote_daemon_config.c
@@ -231,6 +231,8 @@ daemonConfigLoadOptions(struct daemonConfig *data,
const char *filename,
virConf *conf)
{
+ int rc G_GNUC_UNUSED;
+
#ifdef WITH_IP
if (virConfGetValueBool(conf, "listen_tcp", &data->listen_tcp) < 0)
return -1;
@@ -303,10 +305,9 @@ daemonConfigLoadOptions(struct daemonConfig *data,
if (virConfGetValueString(conf, "tls_priority", &data->tls_priority) < 0)
return -1;
- if (virConfGetValueUInt(conf, "tcp_min_ssf", &data->tcp_min_ssf) < 0)
+ if ((rc = virConfGetValueUInt(conf, "tcp_min_ssf", &data->tcp_min_ssf)) < 0) {
return -1;
-
- if (data->tcp_min_ssf < SSF_WARNING_LEVEL) {
+ } else if (rc > 0 && data->tcp_min_ssf < SSF_WARNING_LEVEL) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("minimum SSF levels lower than %d are not supported"),
SSF_WARNING_LEVEL);
--
2.32.0