qemu: Introduce qemuDomainGetTLSObjects
Split apart and rename qemuDomainGetChardevTLSObjects in order to make a more generic API that can create the TLS JSON prop objects (secret and tls-creds-x509) to be used to create the objects.

Signed-off-by: John Ferlan <jferlan@redhat.com>
parent
684b2170b0
commit
52c846afbe
@ -1607,40 +1607,34 @@ qemuDomainAddTLSObjects(virQEMUDriverPtr driver,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static int
|
int
|
||||||
qemuDomainGetChardevTLSObjects(virQEMUDriverConfigPtr cfg,
|
qemuDomainGetTLSObjects(virQEMUCapsPtr qemuCaps,
|
||||||
qemuDomainObjPrivatePtr priv,
|
qemuDomainSecretInfoPtr secinfo,
|
||||||
virDomainChrSourceDefPtr dev,
|
const char *tlsCertdir,
|
||||||
char *charAlias,
|
bool tlsListen,
|
||||||
|
bool tlsVerify,
|
||||||
|
const char *srcAlias,
|
||||||
virJSONValuePtr *tlsProps,
|
virJSONValuePtr *tlsProps,
|
||||||
char **tlsAlias,
|
char **tlsAlias,
|
||||||
virJSONValuePtr *secProps,
|
virJSONValuePtr *secProps,
|
||||||
char **secAlias)
|
char **secAlias)
|
||||||
{
|
{
|
||||||
qemuDomainChrSourcePrivatePtr chrSourcePriv =
|
|
||||||
QEMU_DOMAIN_CHR_SOURCE_PRIVATE(dev);
|
|
||||||
|
|
||||||
/* Add a secret object in order to access the TLS environment.
|
/* Add a secret object in order to access the TLS environment.
|
||||||
* The secinfo will only be created for serial TCP device. */
|
* The secinfo will only be created for serial TCP device. */
|
||||||
if (chrSourcePriv && chrSourcePriv->secinfo) {
|
if (secinfo) {
|
||||||
if (qemuBuildSecretInfoProps(chrSourcePriv->secinfo, secProps) < 0)
|
if (qemuBuildSecretInfoProps(secinfo, secProps) < 0)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
if (!(*secAlias = qemuDomainGetSecretAESAlias(charAlias, false)))
|
if (!(*secAlias = qemuDomainGetSecretAESAlias(srcAlias, false)))
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (qemuBuildTLSx509BackendProps(cfg->chardevTLSx509certdir,
|
if (qemuBuildTLSx509BackendProps(tlsCertdir, tlsListen, tlsVerify,
|
||||||
dev->data.tcp.listen,
|
*secAlias, qemuCaps, tlsProps) < 0)
|
||||||
cfg->chardevTLSx509verify,
|
|
||||||
*secAlias,
|
|
||||||
priv->qemuCaps,
|
|
||||||
tlsProps) < 0)
|
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
if (!(*tlsAlias = qemuAliasTLSObjFromSrcAlias(charAlias)))
|
if (!(*tlsAlias = qemuAliasTLSObjFromSrcAlias(srcAlias)))
|
||||||
return -1;
|
return -1;
|
||||||
dev->data.tcp.tlscreds = true;
|
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -1659,6 +1653,8 @@ qemuDomainAddChardevTLSObjects(virConnectPtr conn,
|
|||||||
int ret = -1;
|
int ret = -1;
|
||||||
virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
|
virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
|
||||||
qemuDomainObjPrivatePtr priv = vm->privateData;
|
qemuDomainObjPrivatePtr priv = vm->privateData;
|
||||||
|
qemuDomainChrSourcePrivatePtr chrSourcePriv;
|
||||||
|
qemuDomainSecretInfoPtr secinfo = NULL;
|
||||||
virJSONValuePtr tlsProps = NULL;
|
virJSONValuePtr tlsProps = NULL;
|
||||||
virJSONValuePtr secProps = NULL;
|
virJSONValuePtr secProps = NULL;
|
||||||
|
|
||||||
@ -1674,10 +1670,17 @@ qemuDomainAddChardevTLSObjects(virConnectPtr conn,
|
|||||||
if (qemuDomainSecretChardevPrepare(conn, cfg, priv, devAlias, dev) < 0)
|
if (qemuDomainSecretChardevPrepare(conn, cfg, priv, devAlias, dev) < 0)
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
|
|
||||||
if (qemuDomainGetChardevTLSObjects(cfg, priv, dev, charAlias,
|
if ((chrSourcePriv = QEMU_DOMAIN_CHR_SOURCE_PRIVATE(dev)))
|
||||||
&tlsProps, tlsAlias,
|
secinfo = chrSourcePriv->secinfo;
|
||||||
|
|
||||||
|
if (qemuDomainGetTLSObjects(priv->qemuCaps, secinfo,
|
||||||
|
cfg->chardevTLSx509certdir,
|
||||||
|
dev->data.tcp.listen,
|
||||||
|
cfg->chardevTLSx509verify,
|
||||||
|
charAlias, &tlsProps, tlsAlias,
|
||||||
&secProps, secAlias) < 0)
|
&secProps, secAlias) < 0)
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
|
dev->data.tcp.tlscreds = true;
|
||||||
|
|
||||||
if (qemuDomainAddTLSObjects(driver, vm, *secAlias, &secProps,
|
if (qemuDomainAddTLSObjects(driver, vm, *secAlias, &secProps,
|
||||||
*tlsAlias, &tlsProps) < 0)
|
*tlsAlias, &tlsProps) < 0)
|
||||||
|
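Review bot: In the first hunk, qemuDomainGetTLSObjects() passes `*secAlias` to qemuBuildTLSx509BackendProps() even when `secinfo` is NULL, so the result depends on the caller having set `*secAlias` to NULL beforehand; that was an internal detail while the helper was static, but it is now an exported API with no stated contract. I would add a header comment above the function saying that `*secAlias` must be NULL on entry and that anything already stored in `*secProps`, `*secAlias` or `*tlsProps` when -1 is returned stays with the caller to free, since the early `return -1` paths release nothing. The retained comment `The secinfo will only be created for serial TCP device` describes the chardev caller rather than this generic helper and could become `* secinfo is NULL when the caller has no secret for the TLS environment. */`. Whether qemuDomainAddChardevTLSObjects() initialises `*secAlias` before the call is not visible in these hunks.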
@ -46,6 +46,17 @@ int qemuDomainAddTLSObjects(virQEMUDriverPtr driver,
|
|||||||
const char *tlsAlias,
|
const char *tlsAlias,
|
||||||
virJSONValuePtr *tlsProps);
|
virJSONValuePtr *tlsProps);
|
||||||
|
|
||||||
|
int qemuDomainGetTLSObjects(virQEMUCapsPtr qemuCaps,
|
||||||
|
qemuDomainSecretInfoPtr secinfo,
|
||||||
|
const char *tlsCertdir,
|
||||||
|
bool tlsListen,
|
||||||
|
bool tlsVerify,
|
||||||
|
const char *srcAlias,
|
||||||
|
virJSONValuePtr *tlsProps,
|
||||||
|
char **tlsAlias,
|
||||||
|
virJSONValuePtr *secProps,
|
||||||
|
char **secAlias);
|
||||||
|
|
||||||
int qemuDomainAttachControllerDevice(virQEMUDriverPtr driver,
|
int qemuDomainAttachControllerDevice(virQEMUDriverPtr driver,
|
||||||
virDomainObjPtr vm,
|
virDomainObjPtr vm,
|
||||||
virDomainControllerDefPtr controller);
|
virDomainControllerDefPtr controller);
|
||||||
|
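Review bot: The new prototype places two `bool` parameters, `tlsListen` and `tlsVerify`, next to each other with no comment, so a call that transposes them compiles cleanly and would silently change whether verification is requested for the tls-creds-x509 object. Judging by the chardev caller passing `cfg->chardevTLSx509verify`, `tlsVerify` presumably controls x509 peer verification, which makes it the argument most worth spelling out. I would add a short comment above the declaration, e.g. `/* tlsListen: endpoint is the listening side; tlsVerify: request x509 verification of the peer */`, or document the parameters on the definition and refer to that from here.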