qemu: Store TLS config options for chardevs in qemuDomainChrSourcePrivate

When setting up TLS options from config in qemuDomainPrepareChardevSourceOne
we can also extract the x509 certificate path and default tlsVerify
setting so that 'qemuBuildChardevCommand' doesn't need to access the
config object any more.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>

src/qemu/qemu_command.c

@@ -1476,7 +1476,7 @@ qemuBuildChardevStr(const virDomainChrSourceDef *dev,
 
 static int
 qemuBuildChardevCommand(virCommand *cmd,
-                        virQEMUDriverConfig *cfg,
+                        virQEMUDriverConfig *cfg G_GNUC_UNUSED,
                         const virDomainChrSourceDef *dev,
                         const char *charAlias,
                         virQEMUCaps *qemuCaps)
@@ -1506,9 +1506,9 @@ qemuBuildChardevCommand(virCommand *cmd,
             if (!(objalias = qemuAliasTLSObjFromSrcAlias(charAlias)))
                 return -1;
 
-            if (qemuBuildTLSx509CommandLine(cmd, cfg->chardevTLSx509certdir,
+            if (qemuBuildTLSx509CommandLine(cmd, chrSourcePriv->tlsCertPath,
                                             dev->data.tcp.listen,
-                                            cfg->chardevTLSx509verify,
+                                            chrSourcePriv->tlsVerify,
                                             tlsCertEncSecAlias,
                                             objalias, qemuCaps) < 0) {
                 return -1;

src/qemu/qemu_domain.c

@@ -867,6 +867,8 @@ qemuDomainChrSourcePrivateDispose(void *obj)
     VIR_FORCE_CLOSE(priv->fd);
     VIR_FORCE_CLOSE(priv->logfd);
 
+    g_free(priv->tlsCertPath);
+
     g_free(priv->fdset);
     g_free(priv->logFdset);
     g_free(priv->tlsCredsAlias);
@@ -9754,6 +9756,11 @@ qemuDomainPrepareChardevSourceOne(virDomainDeviceDef *dev,
                 charsrc->data.tcp.haveTLS = virTristateBoolFromBool(data->cfg->chardevTLS);
                 charsrc->data.tcp.tlsFromConfig = true;
             }
+
+            if (charsrc->data.tcp.haveTLS == VIR_TRISTATE_BOOL_YES) {
+                charpriv->tlsCertPath = g_strdup(data->cfg->chardevTLSx509certdir);
+                charpriv->tlsVerify = data->cfg->chardevTLSx509verify;
+            }
         }
         break;
 

src/qemu/qemu_domain.h

@@ -346,6 +346,9 @@ struct _qemuDomainChrSourcePrivate {
     int logfd; /* file descriptor of the logging source */
     bool wait; /* wait for incomming connections on chardev */
 
+    char *tlsCertPath; /* path to certificates if TLS is requested */
+    bool tlsVerify; /* whether server should verify client certificates */
+
     char *fdset; /* fdset path corresponding to the passed filedescriptor */
     char *logFdset; /* fdset path corresponding to the passed filedescriptor for logfile */
     int passedFD; /* filedescriptor number when fdset passing it directly */