X-Git-Url: https://git.tld-linux.org/?p=packages%2Flibvirt.git;a=blobdiff_plain;f=libvirt-sasl.patch;h=570cb176ad04164d87f18103af277dc464be47f3;hp=5f6b5bd9fe76513fcf22092c2718d2ff9ee18a20;hb=6f7964ef1e23875dea5d65d1b93e8f8fc9c4267f;hpb=9b2b1b3551fcbf878735b46c0f00f1ad9be52007
diff --git a/libvirt-sasl.patch b/libvirt-sasl.patch
index 5f6b5bd..570cb17 100644
--- a/libvirt-sasl.patch
+++ b/libvirt-sasl.patch
@@ -1,6 +1,6 @@
-diff -urp libvirt-3.0.0.orig/daemon/libvirtd.conf libvirt-3.0.0/daemon/libvirtd.conf
---- libvirt-3.0.0.orig/daemon/libvirtd.conf 2017-02-11 15:58:23.924363757 +0000
-+++ libvirt-3.0.0/daemon/libvirtd.conf 2017-02-11 15:58:43.786363533 +0000
+diff -urp libvirt-3.2.0.orig/daemon/libvirtd.conf libvirt-3.2.0/daemon/libvirtd.conf
+--- libvirt-3.2.0.orig/daemon/libvirtd.conf 2017-02-24 14:48:08.985914076 +0000
++++ libvirt-3.2.0/daemon/libvirtd.conf 2017-04-11 12:46:54.195285389 +0000
@@ -123,7 +123,7 @@
# the network providing auth (eg, TLS/x509 certificates)
#
@@ -19,9 +19,9 @@ diff -urp libvirt-3.0.0.orig/daemon/libvirtd.conf libvirt-3.0.0/daemon/libvirtd.
#auth_tcp = "sasl"
# Change the authentication scheme for TLS sockets.
-diff -urp libvirt-3.0.0.orig/daemon/Makefile.am libvirt-3.0.0/daemon/Makefile.am
---- libvirt-3.0.0.orig/daemon/Makefile.am 2017-02-11 15:58:23.923363757 +0000
-+++ libvirt-3.0.0/daemon/Makefile.am 2017-02-11 15:58:43.786363533 +0000
+diff -urp libvirt-3.2.0.orig/daemon/Makefile.am libvirt-3.2.0/daemon/Makefile.am
+--- libvirt-3.2.0.orig/daemon/Makefile.am 2016-11-30 12:57:30.326292858 +0000
++++ libvirt-3.2.0/daemon/Makefile.am 2017-04-11 12:43:19.499270077 +0000
@@ -532,13 +532,13 @@ POD2MAN = pod2man -c "Virtualization Sup
# the WITH_LIBVIRTD conditional
if WITH_SASL
@@ -40,10 +40,10 @@ diff -urp libvirt-3.0.0.orig/daemon/Makefile.am libvirt-3.0.0/daemon/Makefile.am
else ! WITH_SASL
install-data-sasl:
uninstall-data-sasl:
-diff -urp libvirt-3.0.0.orig/daemon/Makefile.in libvirt-3.0.0/daemon/Makefile.in
---- libvirt-3.0.0.orig/daemon/Makefile.in 2017-02-11 15:58:23.923363757 +0000
-+++ libvirt-3.0.0/daemon/Makefile.in 2017-02-11 15:58:43.786363533 +0000
-@@ -2932,13 +2932,13 @@ admin_dispatch.h: $(top_srcdir)/src/rpc/
+diff -urp libvirt-3.2.0.orig/daemon/Makefile.in libvirt-3.2.0/daemon/Makefile.in
+--- libvirt-3.2.0.orig/daemon/Makefile.in 2017-04-02 14:57:47.028717494 +0000
++++ libvirt-3.2.0/daemon/Makefile.in 2017-04-11 12:43:19.500270077 +0000
+@@ -2934,13 +2934,13 @@ admin_dispatch.h: $(top_srcdir)/src/rpc/
# This is needed for clients too, so can't wrap in
# the WITH_LIBVIRTD conditional
@WITH_SASL_TRUE@install-data-sasl:
@@ -61,34 +61,34 @@ diff -urp libvirt-3.0.0.orig/daemon/Makefile.in libvirt-3.0.0/daemon/Makefile.in
@WITH_SASL_FALSE@install-data-sasl:
@WITH_SASL_FALSE@uninstall-data-sasl:
-diff -urp libvirt-3.0.0.orig/docs/auth.html libvirt-3.0.0/docs/auth.html
---- libvirt-3.0.0.orig/docs/auth.html 2017-02-11 15:58:23.865363758 +0000
-+++ libvirt-3.0.0/docs/auth.html 2017-02-11 15:58:43.787363533 +0000
-@@ -257,7 +257,7 @@ again:
- The plain TCP socket of the libvirt daemon defaults to using SASL for authentication.
- The SASL mechanism configured by default is DIGEST-MD5, which provides a basic
- username+password style authentication. To enable Kerberos single-sign-on instead,
--the libvirt SASL configuration file must be changed. This is /etc/sasl2/libvirt.conf
.
-+the libvirt SASL configuration file must be changed. This is /etc/sasl/libvirt.conf
.
- The mech_list
parameter must first be changed to gssapi
- instead of the default digest-md5
, and keytab should be set to
- /etc/libvirt/krb5.tab
. If SASL is enabled on the UNIX
-diff -urp libvirt-3.0.0.orig/docs/auth.html.in libvirt-3.0.0/docs/auth.html.in
---- libvirt-3.0.0.orig/docs/auth.html.in 2017-02-11 15:58:23.867363758 +0000
-+++ libvirt-3.0.0/docs/auth.html.in 2017-02-11 15:58:43.787363533 +0000
-@@ -246,7 +246,7 @@ again:
- The plain TCP socket of the libvirt daemon defaults to using SASL for authentication.
- The SASL mechanism configured by default is DIGEST-MD5, which provides a basic
- username+password style authentication. To enable Kerberos single-sign-on instead,
--the libvirt SASL configuration file must be changed. This is /etc/sasl2/libvirt.conf
.
-+the libvirt SASL configuration file must be changed. This is /etc/sasl/libvirt.conf
.
- The mech_list
parameter must first be changed to gssapi
- instead of the default digest-md5
, and keytab should be set to
- /etc/libvirt/krb5.tab
. If SASL is enabled on the UNIX
-diff -urp libvirt-3.0.0.orig/libvirt.spec libvirt-3.0.0/libvirt.spec
---- libvirt-3.0.0.orig/libvirt.spec 2017-02-11 15:58:23.878363757 +0000
-+++ libvirt-3.0.0/libvirt.spec 2017-02-11 15:58:43.787363533 +0000
-@@ -1844,7 +1844,7 @@ exit 0
+diff -urp libvirt-3.2.0.orig/docs/auth.html libvirt-3.2.0/docs/auth.html
+--- libvirt-3.2.0.orig/docs/auth.html 2017-03-28 07:02:00.525629157 +0000
++++ libvirt-3.2.0/docs/auth.html 2017-04-11 12:47:17.292287037 +0000
+@@ -265,7 +265,7 @@ to turn on SASL auth in these listeners.
+
+ Since the libvirt SASL config file defaults to using GSSAPI (Kerberos), a
+ config change is rquired to enable plain password auth. This is done by
+-editting /etc/sasl2/libvirt.conf
to set the mech_list
++editting /etc/sasl/libvirt.conf
to set the mech_list
+ parameter to scram-sha-1
.
+
+diff -urp libvirt-3.2.0.orig/docs/auth.html.in libvirt-3.2.0/docs/auth.html.in +--- libvirt-3.2.0.orig/docs/auth.html.in 2017-03-24 11:48:12.048612800 +0000 ++++ libvirt-3.2.0/docs/auth.html.in 2017-04-11 12:47:14.492286837 +0000 +@@ -267,7 +267,7 @@ to turn on SASL auth in these listeners. +
+ Since the libvirt SASL config file defaults to using GSSAPI (Kerberos), a
+ config change is rquired to enable plain password auth. This is done by
+-editting /etc/sasl2/libvirt.conf
to set the mech_list
++editting /etc/sasl/libvirt.conf
to set the mech_list
+ parameter to scram-sha-1
.
+
+diff -urp libvirt-3.2.0.orig/libvirt.spec libvirt-3.2.0/libvirt.spec +--- libvirt-3.2.0.orig/libvirt.spec 2017-04-02 14:58:24.226088535 +0000 ++++ libvirt-3.2.0/libvirt.spec 2017-04-11 12:43:19.501270077 +0000 +@@ -1988,7 +1988,7 @@ exit 0 %{_datadir}/libvirt/test-screenshot.png @@ -97,10 +97,10 @@ diff -urp libvirt-3.0.0.orig/libvirt.spec libvirt-3.0.0/libvirt.spec %files admin %{_mandir}/man1/virt-admin.1* -diff -urp libvirt-3.0.0.orig/libvirt.spec.in libvirt-3.0.0/libvirt.spec.in ---- libvirt-3.0.0.orig/libvirt.spec.in 2017-02-11 15:58:23.877363757 +0000 -+++ libvirt-3.0.0/libvirt.spec.in 2017-02-11 15:58:43.787363533 +0000 -@@ -1844,7 +1844,7 @@ exit 0 +diff -urp libvirt-3.2.0.orig/libvirt.spec.in libvirt-3.2.0/libvirt.spec.in +--- libvirt-3.2.0.orig/libvirt.spec.in 2017-04-02 14:53:27.904098953 +0000 ++++ libvirt-3.2.0/libvirt.spec.in 2017-04-11 12:43:19.501270077 +0000 +@@ -1988,7 +1988,7 @@ exit 0 %{_datadir}/libvirt/test-screenshot.png @@ -109,10 +109,10 @@ diff -urp libvirt-3.0.0.orig/libvirt.spec.in libvirt-3.0.0/libvirt.spec.in %files admin %{_mandir}/man1/virt-admin.1* -diff -urp libvirt-3.0.0.orig/src/qemu/qemu.conf libvirt-3.0.0/src/qemu/qemu.conf ---- libvirt-3.0.0.orig/src/qemu/qemu.conf 2017-02-11 15:58:23.898363757 +0000 -+++ libvirt-3.0.0/src/qemu/qemu.conf 2017-02-11 15:58:43.788363533 +0000 -@@ -112,18 +112,18 @@ +diff -urp libvirt-3.2.0.orig/src/qemu/qemu.conf libvirt-3.2.0/src/qemu/qemu.conf +--- libvirt-3.2.0.orig/src/qemu/qemu.conf 2017-03-28 06:58:37.453915260 +0000 ++++ libvirt-3.2.0/src/qemu/qemu.conf 2017-04-11 12:47:07.132286312 +0000 +@@ -119,18 +119,18 @@ # Examples include vinagre, virt-viewer and virt-manager # itself. UltraVNC, RealVNC, TightVNC do not support this # @@ -134,7 +134,7 @@ diff -urp libvirt-3.0.0.orig/src/qemu/qemu.conf libvirt-3.0.0/src/qemu/qemu.conf # QEMU implements an extension for providing audio over a VNC connection, -@@ -187,17 +187,17 @@ +@@ -194,17 +194,17 @@ # Enable use of SASL encryption on the SPICE server. This requires # a SPICE client which supports the SASL protocol extension. # @@ -155,9 +155,9 @@ diff -urp libvirt-3.0.0.orig/src/qemu/qemu.conf libvirt-3.0.0/src/qemu/qemu.conf # Enable use of TLS encryption on the chardev TCP transports. # -diff -urp libvirt-3.0.0.orig/src/qemu/test_libvirtd_qemu.aug.in libvirt-3.0.0/src/qemu/test_libvirtd_qemu.aug.in ---- libvirt-3.0.0.orig/src/qemu/test_libvirtd_qemu.aug.in 2017-02-11 15:58:23.898363757 +0000 -+++ libvirt-3.0.0/src/qemu/test_libvirtd_qemu.aug.in 2017-02-11 15:58:43.788363533 +0000 +diff -urp libvirt-3.2.0.orig/src/qemu/test_libvirtd_qemu.aug.in libvirt-3.2.0/src/qemu/test_libvirtd_qemu.aug.in +--- libvirt-3.2.0.orig/src/qemu/test_libvirtd_qemu.aug.in 2017-03-28 06:58:37.467915094 +0000 ++++ libvirt-3.2.0/src/qemu/test_libvirtd_qemu.aug.in 2017-04-11 12:43:19.502270077 +0000 @@ -12,7 +12,7 @@ module Test_libvirtd_qemu = { "vnc_tls_x509_verify" = "1" } { "vnc_password" = "XYZ12345" } @@ -176,9 +176,9 @@ diff -urp libvirt-3.0.0.orig/src/qemu/test_libvirtd_qemu.aug.in libvirt-3.0.0/sr { "chardev_tls" = "1" } { "chardev_tls_x509_cert_dir" = "/etc/pki/libvirt-chardev" } { "chardev_tls_x509_verify" = "1" } -diff -urp libvirt-3.0.0.orig/tests/qemuargv2xmldata/qemuargv2xml-graphics-vnc-sasl.args libvirt-3.0.0/tests/qemuargv2xmldata/qemuargv2xml-graphics-vnc-sasl.args ---- libvirt-3.0.0.orig/tests/qemuargv2xmldata/qemuargv2xml-graphics-vnc-sasl.args 2017-02-11 15:58:23.938363757 +0000 -+++ libvirt-3.0.0/tests/qemuargv2xmldata/qemuargv2xml-graphics-vnc-sasl.args 2017-02-11 15:58:43.788363533 +0000 +diff -urp libvirt-3.2.0.orig/tests/qemuargv2xmldata/qemuargv2xml-graphics-vnc-sasl.args libvirt-3.2.0/tests/qemuargv2xmldata/qemuargv2xml-graphics-vnc-sasl.args +--- libvirt-3.2.0.orig/tests/qemuargv2xmldata/qemuargv2xml-graphics-vnc-sasl.args 2016-02-16 14:25:07.637706478 +0000 ++++ libvirt-3.2.0/tests/qemuargv2xmldata/qemuargv2xml-graphics-vnc-sasl.args 2017-04-11 12:43:19.502270077 +0000 @@ -3,7 +3,7 @@ PATH=/bin \ HOME=/home/test \ USER=test \ @@ -188,9 +188,9 @@ diff -urp libvirt-3.0.0.orig/tests/qemuargv2xmldata/qemuargv2xml-graphics-vnc-sa QEMU_AUDIO_DRV=none \ /usr/bin/qemu \ -name QEMUGuest1 \ -diff -urp libvirt-3.0.0.orig/tests/qemuargv2xmldata/qemuargv2xml-graphics-vnc-tls.args libvirt-3.0.0/tests/qemuargv2xmldata/qemuargv2xml-graphics-vnc-tls.args ---- libvirt-3.0.0.orig/tests/qemuargv2xmldata/qemuargv2xml-graphics-vnc-tls.args 2017-02-11 15:58:23.938363757 +0000 -+++ libvirt-3.0.0/tests/qemuargv2xmldata/qemuargv2xml-graphics-vnc-tls.args 2017-02-11 15:58:43.788363533 +0000 +diff -urp libvirt-3.2.0.orig/tests/qemuargv2xmldata/qemuargv2xml-graphics-vnc-tls.args libvirt-3.2.0/tests/qemuargv2xmldata/qemuargv2xml-graphics-vnc-tls.args +--- libvirt-3.2.0.orig/tests/qemuargv2xmldata/qemuargv2xml-graphics-vnc-tls.args 2016-02-16 14:25:07.637706478 +0000 ++++ libvirt-3.2.0/tests/qemuargv2xmldata/qemuargv2xml-graphics-vnc-tls.args 2017-04-11 12:43:19.502270077 +0000 @@ -3,7 +3,7 @@ PATH=/bin \ HOME=/home/test \ USER=test \ @@ -200,9 +200,9 @@ diff -urp libvirt-3.0.0.orig/tests/qemuargv2xmldata/qemuargv2xml-graphics-vnc-tl QEMU_AUDIO_DRV=none \ /usr/bin/qemu \ -name QEMUGuest1 \ -diff -urp libvirt-3.0.0.orig/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-sasl.args libvirt-3.0.0/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-sasl.args ---- libvirt-3.0.0.orig/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-sasl.args 2017-02-11 15:58:23.949363757 +0000 -+++ libvirt-3.0.0/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-sasl.args 2017-02-11 15:58:43.788363533 +0000 +diff -urp libvirt-3.2.0.orig/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-sasl.args libvirt-3.2.0/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-sasl.args +--- libvirt-3.2.0.orig/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-sasl.args 2016-07-27 12:39:35.395705103 +0000 ++++ libvirt-3.2.0/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-sasl.args 2017-04-11 12:43:19.502270077 +0000 @@ -3,7 +3,7 @@ PATH=/bin \ HOME=/home/test \ USER=test \ @@ -212,9 +212,9 @@ diff -urp libvirt-3.0.0.orig/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice- QEMU_AUDIO_DRV=spice \ /usr/bin/qemu \ -name QEMUGuest1 \ -diff -urp libvirt-3.0.0.orig/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-sasl.args libvirt-3.0.0/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-sasl.args ---- libvirt-3.0.0.orig/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-sasl.args 2017-02-11 15:58:23.950363757 +0000 -+++ libvirt-3.0.0/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-sasl.args 2017-02-11 15:58:43.788363533 +0000 +diff -urp libvirt-3.2.0.orig/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-sasl.args libvirt-3.2.0/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-sasl.args +--- libvirt-3.2.0.orig/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-sasl.args 2016-07-27 12:39:35.396705092 +0000 ++++ libvirt-3.2.0/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-sasl.args 2017-04-11 12:43:19.502270077 +0000 @@ -3,7 +3,7 @@ PATH=/bin \ HOME=/home/test \ USER=test \ @@ -224,9 +224,9 @@ diff -urp libvirt-3.0.0.orig/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-sa QEMU_AUDIO_DRV=none \ /usr/bin/qemu \ -name QEMUGuest1 \ -diff -urp libvirt-3.0.0.orig/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-tls.args libvirt-3.0.0/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-tls.args ---- libvirt-3.0.0.orig/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-tls.args 2017-02-11 15:58:23.950363757 +0000 -+++ libvirt-3.0.0/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-tls.args 2017-02-11 15:58:43.788363533 +0000 +diff -urp libvirt-3.2.0.orig/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-tls.args libvirt-3.2.0/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-tls.args +--- libvirt-3.2.0.orig/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-tls.args 2016-07-27 12:39:35.396705092 +0000 ++++ libvirt-3.2.0/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-tls.args 2017-04-11 12:43:19.502270077 +0000 @@ -3,7 +3,7 @@ PATH=/bin \ HOME=/home/test \ USER=test \ @@ -236,10 +236,10 @@ diff -urp libvirt-3.0.0.orig/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-tl QEMU_AUDIO_DRV=none \ /usr/bin/qemu \ -name QEMUGuest1 \ -diff -urp libvirt-3.0.0.orig/tests/qemuxml2argvtest.c libvirt-3.0.0/tests/qemuxml2argvtest.c ---- libvirt-3.0.0.orig/tests/qemuxml2argvtest.c 2017-02-11 15:58:23.934363757 +0000 -+++ libvirt-3.0.0/tests/qemuxml2argvtest.c 2017-02-11 15:59:22.996363092 +0000 -@@ -1033,7 +1033,7 @@ mymain(void) +diff -urp libvirt-3.2.0.orig/tests/qemuxml2argvtest.c libvirt-3.2.0/tests/qemuxml2argvtest.c +--- libvirt-3.2.0.orig/tests/qemuxml2argvtest.c 2017-03-28 06:58:37.491914811 +0000 ++++ libvirt-3.2.0/tests/qemuxml2argvtest.c 2017-04-11 12:43:19.503270077 +0000 +@@ -1032,7 +1032,7 @@ mymain(void) driver.config->vncSASL = 1; VIR_FREE(driver.config->vncSASLdir); @@ -248,7 +248,7 @@ diff -urp libvirt-3.0.0.orig/tests/qemuxml2argvtest.c libvirt-3.0.0/tests/qemuxm DO_TEST("graphics-vnc-sasl", QEMU_CAPS_VNC, QEMU_CAPS_DEVICE_CIRRUS_VGA); driver.config->vncTLS = 1; driver.config->vncTLSx509verify = 1; -@@ -1057,7 +1057,7 @@ mymain(void) +@@ -1056,7 +1056,7 @@ mymain(void) DO_TEST("graphics-spice-no-args", QEMU_CAPS_SPICE, QEMU_CAPS_DEVICE_CIRRUS_VGA); driver.config->spiceSASL = 1; @@ -257,9 +257,9 @@ diff -urp libvirt-3.0.0.orig/tests/qemuxml2argvtest.c libvirt-3.0.0/tests/qemuxm DO_TEST("graphics-spice-sasl", QEMU_CAPS_SPICE, QEMU_CAPS_DEVICE_QXL); -diff -urp libvirt-3.0.0.orig/tests/virconfdata/libvirtd.conf libvirt-3.0.0/tests/virconfdata/libvirtd.conf ---- libvirt-3.0.0.orig/tests/virconfdata/libvirtd.conf 2017-02-11 15:58:24.047363756 +0000 -+++ libvirt-3.0.0/tests/virconfdata/libvirtd.conf 2017-02-11 15:58:43.789363533 +0000 +diff -urp libvirt-3.2.0.orig/tests/virconfdata/libvirtd.conf libvirt-3.2.0/tests/virconfdata/libvirtd.conf +--- libvirt-3.2.0.orig/tests/virconfdata/libvirtd.conf 2016-04-26 02:20:09.322242995 +0000 ++++ libvirt-3.2.0/tests/virconfdata/libvirtd.conf 2017-04-11 12:47:00.916285869 +0000 @@ -108,7 +108,7 @@ unix_sock_admin_perms = "0700" # the network providing auth (eg, TLS/x509 certificates) # @@ -278,9 +278,9 @@ diff -urp libvirt-3.0.0.orig/tests/virconfdata/libvirtd.conf libvirt-3.0.0/tests auth_tcp = "sasl" # Change the authentication scheme for TLS sockets. -diff -urp libvirt-3.0.0.orig/tests/virconfdata/libvirtd.out libvirt-3.0.0/tests/virconfdata/libvirtd.out ---- libvirt-3.0.0.orig/tests/virconfdata/libvirtd.out 2017-02-11 15:58:24.047363756 +0000 -+++ libvirt-3.0.0/tests/virconfdata/libvirtd.out 2017-02-11 15:58:43.789363533 +0000 +diff -urp libvirt-3.2.0.orig/tests/virconfdata/libvirtd.out libvirt-3.2.0/tests/virconfdata/libvirtd.out +--- libvirt-3.2.0.orig/tests/virconfdata/libvirtd.out 2016-04-26 02:20:09.322242995 +0000 ++++ libvirt-3.2.0/tests/virconfdata/libvirtd.out 2017-04-11 12:46:58.300285682 +0000 @@ -87,7 +87,7 @@ unix_sock_admin_perms = "0700" # the network providing auth (eg, TLS/x509 certificates) #