diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index a051e5a4e8..48f6ccbf50 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -767,15 +767,9 @@ qemuBuildTLSx509BackendProps(const char *tlspath, bool verifypeer, const char *alias, const char *secalias, - virQEMUCaps *qemuCaps, + virQEMUCaps *qemuCaps G_GNUC_UNUSED, virJSONValue **propsret) { - if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_OBJECT_TLS_CREDS_X509)) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("tls-creds-x509 not supported in this QEMU binary")); - return -1; - } - if (qemuMonitorCreateObjectProps(propsret, "tls-creds-x509", alias, "s:dir", tlspath, "s:endpoint", (isListen ? "server": "client"), diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 9a20938417..584bf5003f 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -1406,15 +1406,11 @@ qemuDomainSecretGraphicsPrepare(virQEMUDriverConfig *cfg, qemuDomainObjPrivate *priv, virDomainGraphicsDef *graphics) { - virQEMUCaps *qemuCaps = priv->qemuCaps; qemuDomainGraphicsPrivate *gfxPriv = QEMU_DOMAIN_GRAPHICS_PRIVATE(graphics); if (graphics->type != VIR_DOMAIN_GRAPHICS_TYPE_VNC) return 0; - if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_OBJECT_TLS_CREDS_X509)) - return 0; - if (!cfg->vncTLS) return 0; diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c index 4fc344b493..865b42f81f 100644 --- a/src/qemu/qemu_validate.c +++ b/src/qemu/qemu_validate.c @@ -1083,7 +1083,6 @@ qemuValidateDomainDef(const virDomainDef *def, void *parseOpaque) { virQEMUDriver *driver = opaque; - g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver); g_autoptr(virQEMUCaps) qemuCapsLocal = NULL; virQEMUCaps *qemuCaps = parseOpaque; size_t i; @@ -1218,18 +1217,6 @@ qemuValidateDomainDef(const virDomainDef *def, if (qemuValidateDomainDefConsole(def, qemuCaps) < 0) return -1; - if (cfg->vncTLS && cfg->vncTLSx509secretUUID && - !virQEMUCapsGet(qemuCaps, QEMU_CAPS_OBJECT_TLS_CREDS_X509)) { - for (i = 0; i < def->ngraphics; i++) { - if (def->graphics[i]->type == VIR_DOMAIN_GRAPHICS_TYPE_VNC) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("encrypted VNC TLS keys are not supported with " - "this QEMU binary")); - return -1; - } - } - } - for (i = 0; i < def->nsysinfo; i++) { if (qemuValidateDomainDefSysinfo(def->sysinfo[i]) < 0) return -1; diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index c3ba9df9af..d6aeccba3f 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -1660,22 +1660,18 @@ mymain(void) QEMU_CAPS_DEVICE_ISA_SERIAL); driver.config->chardevTLS = 1; DO_TEST("serial-tcp-tlsx509-chardev", - QEMU_CAPS_DEVICE_ISA_SERIAL, - QEMU_CAPS_OBJECT_TLS_CREDS_X509); + QEMU_CAPS_DEVICE_ISA_SERIAL); driver.config->chardevTLSx509verify = 1; DO_TEST("serial-tcp-tlsx509-chardev-verify", - QEMU_CAPS_DEVICE_ISA_SERIAL, - QEMU_CAPS_OBJECT_TLS_CREDS_X509); + QEMU_CAPS_DEVICE_ISA_SERIAL); driver.config->chardevTLSx509verify = 0; DO_TEST("serial-tcp-tlsx509-chardev-notls", - QEMU_CAPS_DEVICE_ISA_SERIAL, - QEMU_CAPS_OBJECT_TLS_CREDS_X509); + QEMU_CAPS_DEVICE_ISA_SERIAL); VIR_FREE(driver.config->chardevTLSx509certdir); driver.config->chardevTLSx509certdir = g_strdup("/etc/pki/libvirt-chardev"); driver.config->chardevTLSx509secretUUID = g_strdup("6fd3f62d-9fe7-4a4e-a869-7acd6376d8ea"); DO_TEST("serial-tcp-tlsx509-secret-chardev", - QEMU_CAPS_DEVICE_ISA_SERIAL, - QEMU_CAPS_OBJECT_TLS_CREDS_X509); + QEMU_CAPS_DEVICE_ISA_SERIAL); driver.config->chardevTLS = 0; VIR_FREE(driver.config->chardevTLSx509certdir); DO_TEST("serial-many-chardev",