Re: [Libguestfs] [PATCH] client: Don't confuse Unix socket with TLS hostname

When using -u but not -H, we were ending up calling gnutls_session_set_verify_cert() with the Unix socket's path name, which is bound to fail (hostnames don't start with /). Saner is to only default tlshostname when using TCP sockets. See also https://gitlab.com/nbdkit/nbdkit/-/issues/1, as this was detected during an attempt to prove TLS interoperability between nbd-client and nbdkit. Pre-patch, I have to add '-H localhost' to the nbd-client command line when using nbdkit with a Unix socket, but not when using a TCP socket; post-patch, I can omit -H and still connect /dev/nbd0 over TLS using either TCP or Unix. Signed-off-by: Eric Blake <eblake(a)redhat.com&gt; --- nbd-client.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nbd-client.c b/nbd-client.c index e9079a9..463ff86 100644 --- a/nbd-client.c +++ b/nbd-client.c @@ -1186,7 +1186,7 @@ int main(int argc, char *argv[]) { } } - if (!tlshostname && hostname) + if (!tlshostname && hostname && !b_unix) tlshostname = strdup(hostname); if (netlink) -- 2.31.1