From nobody Sat May  4 16:02:14 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
 170.10.133.124 as permitted sender) client-ip=170.10.133.124;
 envelope-from=libvir-list-bounces@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1636119134; cv=none;
	d=zohomail.com; s=zohoarc;
	b=Ja5QrwFMreRfeVqRCqKpRXtWcdDcbE0JrUQphPhk8pIyswXUPoM5rCKw98yLI4ogp2QXFjfvBNJp8b3tyx0TCUZGk5H61UveG1LCsCJ3IjgTHSXPOcEtWEeSDxQ4XhzJPHDz0jEPSxZiFzXkSgGl+PQde3qEjhuU8SS3wJtr1f8=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1636119134;
 h=Content-Type:Content-Transfer-Encoding:Date:From:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Sender:Subject:To;
	bh=8tr8WCkTd25Iqu+5aVPapHriaY0mGRcdFyjKFsq7fuc=;
	b=C4PW7iFc4i+7Ev1cfRnSYQ9xXz1/n4MG/JRzkpFOukNrAu0jOZ/Zv1zyLe6n23kOGpiAs2igyxkwwWw7+jucTIsK3ap4ZKTNcgu8GzfgN7TRuoDlIpWotWD2Yb+5Gv6a0Rg6BD4jm00Gl/voEDjev6k3boSl/HO9kSgY6Nnrc74=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
Return-Path: <libvir-list-bounces@redhat.com>
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com
	with SMTPS id 1636119134403973.4747900506567;
 Fri, 5 Nov 2021 06:32:14 -0700 (PDT)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
 [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-326-4ZK_bItMPjiXc2wGy82-rA-1; Fri, 05 Nov 2021 09:32:11 -0400
Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com
 [10.5.11.13])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 857C71B2C985;
	Fri,  5 Nov 2021 13:32:05 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 12BD45BB06;
	Fri,  5 Nov 2021 13:32:05 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id A3C711806D03;
	Fri,  5 Nov 2021 13:32:02 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id 1A5DSsEi017323 for <libvir-list@listman.util.phx.redhat.com>;
	Fri, 5 Nov 2021 09:28:54 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id E0D7360C9F; Fri,  5 Nov 2021 13:28:54 +0000 (UTC)
Received: from maggie.redhat.com (unknown [10.43.2.64])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 668E060C17
	for <libvir-list@redhat.com>; Fri,  5 Nov 2021 13:28:39 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1636119133;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:list-id:list-help:
	 list-unsubscribe:list-subscribe:list-post;
	bh=8tr8WCkTd25Iqu+5aVPapHriaY0mGRcdFyjKFsq7fuc=;
	b=jKt8xoHp9bACWBEpxvPqyxco00V4xIWM3veO7EXpGaUjmEl9uULqMQelwumDubeeNqMajq
	h7HUd/PaiyOJo59LuGY+R869fY7nl6hbShRm+eaZ4IL+DYBIXTovd7b1C/qGAMN9S2OglM
	tYlUx6LpclChgQ6FB4k5mvJbnR8QiiE=
X-MC-Unique: 4ZK_bItMPjiXc2wGy82-rA-1
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Subject: [PATCH] remote_daemon: Validate tcp_min_ssf value only if found in
	config
Date: Fri,  5 Nov 2021 14:28:38 +0100
Message-Id: 
 <bb1cfcbf7ed4af4ade4ff055c5f0d93b5d921802.1636118918.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://listman.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://listman.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://listman.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13
Authentication-Results: relay.mimecast.com;
	auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1636119134865100001
Content-Type: text/plain; charset="utf-8"

If there is no tcp_min_ssf value set in daemon config we still
compare it against the default (56 which corresponds to DES) and
if the value is below our expected minimum (112 which corresponds
to 3DES) an error is reported and the daemon refuses to start.
This is not what we want. What we want is to check the value iff
the value was specified in the config file.

Fixes: 58a48cff840
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: J=C3=A1n Tomko <jtomko@redhat.com>
---
 src/remote/remote_daemon_config.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/remote/remote_daemon_config.c b/src/remote/remote_daemon_c=
onfig.c
index a9961013f2..30653e82cf 100644
--- a/src/remote/remote_daemon_config.c
+++ b/src/remote/remote_daemon_config.c
@@ -231,6 +231,8 @@ daemonConfigLoadOptions(struct daemonConfig *data,
                         const char *filename,
                         virConf *conf)
 {
+    int rc G_GNUC_UNUSED;
+
 #ifdef WITH_IP
     if (virConfGetValueBool(conf, "listen_tcp", &data->listen_tcp) < 0)
         return -1;
@@ -303,10 +305,9 @@ daemonConfigLoadOptions(struct daemonConfig *data,
     if (virConfGetValueString(conf, "tls_priority", &data->tls_priority) <=
 0)
         return -1;
=20
-    if (virConfGetValueUInt(conf, "tcp_min_ssf", &data->tcp_min_ssf) < 0)
+    if ((rc =3D virConfGetValueUInt(conf, "tcp_min_ssf", &data->tcp_min_ss=
f)) < 0) {
         return -1;
-
-    if (data->tcp_min_ssf < SSF_WARNING_LEVEL) {
+    } else if (rc > 0 && data->tcp_min_ssf < SSF_WARNING_LEVEL) {
         virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
                        _("minimum SSF levels lower than %d are not support=
ed"),
                        SSF_WARNING_LEVEL);
--=20
2.32.0