External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-01-11 07:17:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

qemu: command: Don't generate alias for TLS private key password secret

Browse Source 
qemuBuildTLSx509CommandLine has no business guessing which alias should
be used. The alias needs to be passed in.

Note that there's a lingering bad design of this, since the secret
object alias is based on the device name and not on the fact that the
secret is used for decrypting of the TLS private key. If we ever add
authentication for chardevs this will bite us.

Thankfully disk code does not support encrypted private keys for TLS so
it can be happily refactored there.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
This commit is contained in:
Peter Krempa 2018-05-29 18:04:42 +02:00
parent 9083586b21
commit 8a5cd05b55
1 changed files with 15 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
src/qemu/qemu_command.c
View File

@ -723,7 +723,8 @@ qemuBuildTLSx509BackendProps(const char *tlspath,
* @tlspath: path to the TLS credentials
* @listen: boolen listen for client or server setting
* @verifypeer: boolean to enable peer verification (form of authorization)
* @addpasswordid: boolean to handle adding passwordid to object
* @certEncSecretAlias: alias of a 'secret' object for decrypting TLS private key
* (optional)
* @inalias: Alias for the parent to generate object alias
* @qemuCaps: capabilities
*
@ -736,7 +737,7 @@ qemuBuildTLSx509CommandLine(virCommandPtr cmd,
const char *tlspath,
bool isListen,
bool verifypeer,
bool addpasswordid,
const char *certEncSecretAlias,
const char *inalias,
virQEMUCapsPtr qemuCaps)
{
@ -744,13 +745,9 @@ qemuBuildTLSx509CommandLine(virCommandPtr cmd,
char *objalias = NULL;
virJSONValuePtr props = NULL;
char *tmp = NULL;
char *secalias = NULL;
if (addpasswordid &&
!(secalias = qemuDomainGetSecretAESAlias(inalias, false)))
return -1;
if (qemuBuildTLSx509BackendProps(tlspath, isListen, verifypeer, secalias,
if (qemuBuildTLSx509BackendProps(tlspath, isListen, verifypeer,
certEncSecretAlias,
qemuCaps, &props) < 0)
goto cleanup;
@ -769,7 +766,6 @@ qemuBuildTLSx509CommandLine(virCommandPtr cmd,
virJSONValueFree(props);
VIR_FREE(objalias);
VIR_FREE(tmp);
VIR_FREE(secalias);
return ret;
}
@ -793,7 +789,7 @@ qemuBuildDiskSrcTLSx509CommandLine(virCommandPtr cmd,
src->haveTLS == VIR_TRISTATE_BOOL_YES) {
return qemuBuildTLSx509CommandLine(cmd, src->tlsCertdir,
false, src->tlsVerify,
false, srcalias, qemuCaps);
NULL, srcalias, qemuCaps);
}
return 0;
@ -4986,20 +4982,24 @@ qemuBuildChrChardevStr(virLogManagerPtr logManager,
qemuDomainChrSourcePrivatePtr chrSourcePriv =
QEMU_DOMAIN_CHR_SOURCE_PRIVATE(dev);
char *objalias = NULL;
const char *tlsCertEncSecAlias = NULL;
/* Add the secret object first if necessary. The
* secinfo is added only to a TCP serial device during
* qemuDomainSecretChardevPrepare. Subsequently called
* functions can just check the config fields */
if (chrSourcePriv && chrSourcePriv->secinfo &&
qemuBuildObjectSecretCommandLine(cmd,
chrSourcePriv->secinfo) < 0)
goto cleanup;
if (chrSourcePriv && chrSourcePriv->secinfo) {
if (qemuBuildObjectSecretCommandLine(cmd,
chrSourcePriv->secinfo) < 0)
goto cleanup;
tlsCertEncSecAlias = chrSourcePriv->secinfo->s.aes.alias;
}
if (qemuBuildTLSx509CommandLine(cmd, cfg->chardevTLSx509certdir,
dev->data.tcp.listen,
cfg->chardevTLSx509verify,
!!cfg->chardevTLSx509secretUUID,
tlsCertEncSecAlias,
charAlias, qemuCaps) < 0)
goto cleanup;