Use per-user TLS certificates when possible

When using TLS authentication and operating as the non-root user, initially attempt to use that specific user's TLS certificates before attempting to use the system wide TLS certificates. Signed-off-by: Doug Goldstein <cardoe@cardoe.com>
2024-12-22 05:35:25 +00:00 · 2011-05-20 15:18:09 -05:00 · 2011-05-20 15:18:09 -05:00 · a67407fa36
commit a67407fa36
parent 6bae93d33b
3 changed files with 3 additions and 2 deletions
--- a/.mailmap
+++ b/.mailmap
@ -19,3 +19,4 @@
 <soren@linux2go.dk> <soren@canonical.com>
 <cfergeau@redhat.com> <teuf@gnome.org>
 <wency@cn.fujitsu.com> <wency cn fujitsu com>
+<cardoe@cardoe.com> <cardoe@gentoo.org>
--- a/2
+++ b/2
@ -81,7 +81,7 @@ Patches have also been contributed by:
  Serge E. Hallyn      <serue@us.ibm.com>
  Soren Hansen         <soren@linux2go.dk>
  Abel Míguez Rodríguez<amiguezr@pdi.ucm.es>
-  Doug Goldstein       <cardoe@gentoo.org>
+  Doug Goldstein       <cardoe@cardoe.com>
  Javier Fontan        <jfontan@gmail.com>
  Federico Simoncelli  <federico.simoncelli@gmail.com>
  Amy Griffis          <amy.griffis@hp.com>
--- a/src/remote/remote_driver.c
+++ b/src/remote/remote_driver.c
@ -1159,7 +1159,7 @@ initialize_gnutls(char *pkipath, int flags)
        if ((virAsprintf(&libvirt_clientcert, "%s/%s", pkipath,
                        "clientcert.pem")) < 0)
             goto out_of_memory;
-    } else if (flags & VIR_DRV_OPEN_REMOTE_USER) {
+    } else if (flags & VIR_DRV_OPEN_REMOTE_USER || getuid() > 0) {
        userdir = virGetUserDirectory(getuid());

        if (!userdir)