From 469b6b3a75bf0a4bfc9b9fd7ad2ce5ebe0105699 Mon Sep 17 00:00:00 2001 From: "Daniel P. Berrange" Date: Thu, 17 Dec 2009 17:39:43 +0000 Subject: [PATCH] Fix reporting of TLS connection errors The code for connecting to a server tries each socket in turn until it finds one that connects. Unfortunately for TLS sockets if it connected, but failed TLS handshake it would treat that as a failure to connect, and try the next socket. This is bad, it should have reported the TLS failure immediately. $ virsh -c qemu://somehost.com/system error: unable to connect to libvirtd at 'somehost.com': Invalid argument error: failed to connect to the hypervisor $ ./tools/virsh -c qemu://somehost.com/system error: server certificate failed validation: The certificate hasn't got a known issuer. error: failed to connect to the hypervisor * src/remote/remote_driver.c: Stop trying to connect if the TLS handshake fails --- src/remote/remote_driver.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c index 945fa30fe1..23fd0e3264 100644 --- a/src/remote/remote_driver.c +++ b/src/remote/remote_driver.c @@ -632,7 +632,7 @@ doRemoteOpen (virConnectPtr conn, if (!priv->session) { close (priv->sock); priv->sock = -1; - continue; + goto failed; } } goto tcp_connected;