External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-01-23 13:05:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

qemu: Introduce qemuDomainGetTLSObjects

Browse Source 
Split apart and rename qemuDomainGetChardevTLSObjects in order to make a
more generic API that can create the TLS JSON prop objects (secret and
tls-creds-x509) to be used to create the objects

Signed-off-by: John Ferlan <jferlan@redhat.com>
This commit is contained in:
John Ferlan 2017-02-17 10:06:14 -05:00
parent 684b2170b0
commit 52c846afbe
2 changed files with 40 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
src/qemu/qemu_hotplug.c
View File

@ -1607,40 +1607,34 @@ qemuDomainAddTLSObjects(virQEMUDriverPtr driver,
}
static int
qemuDomainGetChardevTLSObjects(virQEMUDriverConfigPtr cfg,
qemuDomainObjPrivatePtr priv,
virDomainChrSourceDefPtr dev,
char *charAlias,
virJSONValuePtr *tlsProps,
char **tlsAlias,
virJSONValuePtr *secProps,
char **secAlias)
int
qemuDomainGetTLSObjects(virQEMUCapsPtr qemuCaps,
qemuDomainSecretInfoPtr secinfo,
const char *tlsCertdir,
bool tlsListen,
bool tlsVerify,
const char *srcAlias,
virJSONValuePtr *tlsProps,
char **tlsAlias,
virJSONValuePtr *secProps,
char **secAlias)
{
qemuDomainChrSourcePrivatePtr chrSourcePriv =
QEMU_DOMAIN_CHR_SOURCE_PRIVATE(dev);
/* Add a secret object in order to access the TLS environment.
* The secinfo will only be created for serial TCP device. */
if (chrSourcePriv && chrSourcePriv->secinfo) {
if (qemuBuildSecretInfoProps(chrSourcePriv->secinfo, secProps) < 0)
if (secinfo) {
if (qemuBuildSecretInfoProps(secinfo, secProps) < 0)
return -1;
if (!(*secAlias = qemuDomainGetSecretAESAlias(charAlias, false)))
if (!(*secAlias = qemuDomainGetSecretAESAlias(srcAlias, false)))
return -1;
}
if (qemuBuildTLSx509BackendProps(cfg->chardevTLSx509certdir,
dev->data.tcp.listen,
cfg->chardevTLSx509verify,
*secAlias,
priv->qemuCaps,
tlsProps) < 0)
if (qemuBuildTLSx509BackendProps(tlsCertdir, tlsListen, tlsVerify,
*secAlias, qemuCaps, tlsProps) < 0)
return -1;
if (!(*tlsAlias = qemuAliasTLSObjFromSrcAlias(charAlias)))
if (!(*tlsAlias = qemuAliasTLSObjFromSrcAlias(srcAlias)))
return -1;
dev->data.tcp.tlscreds = true;
return 0;
}
@ -1659,6 +1653,8 @@ qemuDomainAddChardevTLSObjects(virConnectPtr conn,
int ret = -1;
virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
qemuDomainObjPrivatePtr priv = vm->privateData;
qemuDomainChrSourcePrivatePtr chrSourcePriv;
qemuDomainSecretInfoPtr secinfo = NULL;
virJSONValuePtr tlsProps = NULL;
virJSONValuePtr secProps = NULL;
@ -1674,10 +1670,17 @@ qemuDomainAddChardevTLSObjects(virConnectPtr conn,
if (qemuDomainSecretChardevPrepare(conn, cfg, priv, devAlias, dev) < 0)
goto cleanup;
if (qemuDomainGetChardevTLSObjects(cfg, priv, dev, charAlias,
&tlsProps, tlsAlias,
&secProps, secAlias) < 0)
if ((chrSourcePriv = QEMU_DOMAIN_CHR_SOURCE_PRIVATE(dev)))
secinfo = chrSourcePriv->secinfo;
if (qemuDomainGetTLSObjects(priv->qemuCaps, secinfo,
cfg->chardevTLSx509certdir,
dev->data.tcp.listen,
cfg->chardevTLSx509verify,
charAlias, &tlsProps, tlsAlias,
&secProps, secAlias) < 0)
goto cleanup;
dev->data.tcp.tlscreds = true;
if (qemuDomainAddTLSObjects(driver, vm, *secAlias, &secProps,
*tlsAlias, &tlsProps) < 0)

11
src/qemu/qemu_hotplug.h
View File

@ -46,6 +46,17 @@ int qemuDomainAddTLSObjects(virQEMUDriverPtr driver,
const char *tlsAlias,
virJSONValuePtr *tlsProps);
int qemuDomainGetTLSObjects(virQEMUCapsPtr qemuCaps,
qemuDomainSecretInfoPtr secinfo,
const char *tlsCertdir,
bool tlsListen,
bool tlsVerify,
const char *srcAlias,
virJSONValuePtr *tlsProps,
char **tlsAlias,
virJSONValuePtr *secProps,
char **secAlias);
int qemuDomainAttachControllerDevice(virQEMUDriverPtr driver,
virDomainObjPtr vm,
virDomainControllerDefPtr controller);