mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-23 14:15:28 +00:00
qemu: Store TLS config options for chardevs in qemuDomainChrSourcePrivate
When setting up TLS options from config in qemuDomainPrepareChardevSourceOne we can also extract the x509 certificate path and default tlsVerify setting so that 'qemuBuildChardevCommand' doesn't need to access the config object any more. Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
This commit is contained in:
parent
1ea28569a0
commit
7b94408db5
@ -1476,7 +1476,7 @@ qemuBuildChardevStr(const virDomainChrSourceDef *dev,
|
|||||||
|
|
||||||
static int
|
static int
|
||||||
qemuBuildChardevCommand(virCommand *cmd,
|
qemuBuildChardevCommand(virCommand *cmd,
|
||||||
virQEMUDriverConfig *cfg,
|
virQEMUDriverConfig *cfg G_GNUC_UNUSED,
|
||||||
const virDomainChrSourceDef *dev,
|
const virDomainChrSourceDef *dev,
|
||||||
const char *charAlias,
|
const char *charAlias,
|
||||||
virQEMUCaps *qemuCaps)
|
virQEMUCaps *qemuCaps)
|
||||||
@ -1506,9 +1506,9 @@ qemuBuildChardevCommand(virCommand *cmd,
|
|||||||
if (!(objalias = qemuAliasTLSObjFromSrcAlias(charAlias)))
|
if (!(objalias = qemuAliasTLSObjFromSrcAlias(charAlias)))
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
if (qemuBuildTLSx509CommandLine(cmd, cfg->chardevTLSx509certdir,
|
if (qemuBuildTLSx509CommandLine(cmd, chrSourcePriv->tlsCertPath,
|
||||||
dev->data.tcp.listen,
|
dev->data.tcp.listen,
|
||||||
cfg->chardevTLSx509verify,
|
chrSourcePriv->tlsVerify,
|
||||||
tlsCertEncSecAlias,
|
tlsCertEncSecAlias,
|
||||||
objalias, qemuCaps) < 0) {
|
objalias, qemuCaps) < 0) {
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -867,6 +867,8 @@ qemuDomainChrSourcePrivateDispose(void *obj)
|
|||||||
VIR_FORCE_CLOSE(priv->fd);
|
VIR_FORCE_CLOSE(priv->fd);
|
||||||
VIR_FORCE_CLOSE(priv->logfd);
|
VIR_FORCE_CLOSE(priv->logfd);
|
||||||
|
|
||||||
|
g_free(priv->tlsCertPath);
|
||||||
|
|
||||||
g_free(priv->fdset);
|
g_free(priv->fdset);
|
||||||
g_free(priv->logFdset);
|
g_free(priv->logFdset);
|
||||||
g_free(priv->tlsCredsAlias);
|
g_free(priv->tlsCredsAlias);
|
||||||
@ -9754,6 +9756,11 @@ qemuDomainPrepareChardevSourceOne(virDomainDeviceDef *dev,
|
|||||||
charsrc->data.tcp.haveTLS = virTristateBoolFromBool(data->cfg->chardevTLS);
|
charsrc->data.tcp.haveTLS = virTristateBoolFromBool(data->cfg->chardevTLS);
|
||||||
charsrc->data.tcp.tlsFromConfig = true;
|
charsrc->data.tcp.tlsFromConfig = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (charsrc->data.tcp.haveTLS == VIR_TRISTATE_BOOL_YES) {
|
||||||
|
charpriv->tlsCertPath = g_strdup(data->cfg->chardevTLSx509certdir);
|
||||||
|
charpriv->tlsVerify = data->cfg->chardevTLSx509verify;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
@ -346,6 +346,9 @@ struct _qemuDomainChrSourcePrivate {
|
|||||||
int logfd; /* file descriptor of the logging source */
|
int logfd; /* file descriptor of the logging source */
|
||||||
bool wait; /* wait for incomming connections on chardev */
|
bool wait; /* wait for incomming connections on chardev */
|
||||||
|
|
||||||
|
char *tlsCertPath; /* path to certificates if TLS is requested */
|
||||||
|
bool tlsVerify; /* whether server should verify client certificates */
|
||||||
|
|
||||||
char *fdset; /* fdset path corresponding to the passed filedescriptor */
|
char *fdset; /* fdset path corresponding to the passed filedescriptor */
|
||||||
char *logFdset; /* fdset path corresponding to the passed filedescriptor for logfile */
|
char *logFdset; /* fdset path corresponding to the passed filedescriptor for logfile */
|
||||||
int passedFD; /* filedescriptor number when fdset passing it directly */
|
int passedFD; /* filedescriptor number when fdset passing it directly */
|
||||||
|
Loading…
Reference in New Issue
Block a user