From ab7b3167b383b2af9bace432c17b5301ce4b8bc2 Mon Sep 17 00:00:00 2001 From: Peter Krempa Date: Tue, 30 Jun 2020 17:08:44 +0200 Subject: [PATCH] tests: qemuxml2argv: Test encrypted TLS key for nbd/vxhs disks Add a dummy secret so that we see what command line is generated. Signed-off-by: Peter Krempa Reviewed-by: Eric Blake --- .../disk-network-tlsx509.x86_64-2.12.0.args | 15 ++++++++++++--- .../disk-network-tlsx509.x86_64-latest.args | 18 +++++++++++++++--- tests/qemuxml2argvtest.c | 2 ++ 3 files changed, 29 insertions(+), 6 deletions(-) diff --git a/tests/qemuxml2argvdata/disk-network-tlsx509.x86_64-2.12.0.args b/tests/qemuxml2argvdata/disk-network-tlsx509.x86_64-2.12.0.args index 06686f801d..2a30ad02c9 100644 --- a/tests/qemuxml2argvdata/disk-network-tlsx509.x86_64-2.12.0.args +++ b/tests/qemuxml2argvdata/disk-network-tlsx509.x86_64-2.12.0.args @@ -28,8 +28,11 @@ file=/tmp/lib/domain--1-QEMUGuest1/master-key.aes \ -no-acpi \ -boot strict=on \ -device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 \ +-object secret,id=objvirtio-disk0_tls0-secret0,\ +data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\ +keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \ -object tls-creds-x509,id=objvirtio-disk0_tls0,dir=/etc/pki/libvirt-vxhs/dummy,\ -,path,endpoint=client,verify-peer=yes \ +,path,endpoint=client,verify-peer=yes,passwordid=objvirtio-disk0_tls0-secret0 \ -drive file.driver=vxhs,file.tls-creds=objvirtio-disk0_tls0,\ file.vdisk-id=eb90327c-8302-4725-9e1b-4e85ed4dc251,\ file.server.host=192.168.0.1,file.server.port=9999,format=raw,if=none,\ @@ -37,8 +40,11 @@ id=drive-virtio-disk0,cache=none \ -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,\ id=virtio-disk0,bootindex=1,write-cache=on,\ serial=eb90327c-8302-4725-9e1b-4e85ed4dc251 \ +-object secret,id=objvirtio-disk1_tls0-secret0,\ +data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\ +keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \ -object tls-creds-x509,id=objvirtio-disk1_tls0,dir=/etc/pki/libvirt-vxhs/dummy,\ -,path,endpoint=client,verify-peer=yes \ +,path,endpoint=client,verify-peer=yes,passwordid=objvirtio-disk1_tls0-secret0 \ -drive file.driver=vxhs,file.tls-creds=objvirtio-disk1_tls0,\ file.vdisk-id=eb90327c-8302-4725-9e1b-4e85ed4dc252,\ file.server.host=192.168.0.2,file.server.port=9999,format=raw,if=none,\ @@ -50,8 +56,11 @@ file.server.host=192.168.0.3,file.server.port=9999,format=raw,if=none,\ id=drive-virtio-disk2,cache=none \ -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x6,drive=drive-virtio-disk2,\ id=virtio-disk2,write-cache=on,serial=eb90327c-8302-4725-9e1b-4e85ed4dc252 \ +-object secret,id=objvirtio-disk3_tls0-secret0,\ +data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\ +keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \ -object tls-creds-x509,id=objvirtio-disk3_tls0,dir=/etc/pki/libvirt-nbd/dummy,,\ -path,endpoint=client,verify-peer=yes \ +path,endpoint=client,verify-peer=yes,passwordid=objvirtio-disk3_tls0-secret0 \ -drive file.driver=nbd,file.server.type=inet,file.server.host=example.com,\ file.server.port=1234,file.tls-creds=objvirtio-disk3_tls0,format=raw,if=none,\ id=drive-virtio-disk3,cache=none \ diff --git a/tests/qemuxml2argvdata/disk-network-tlsx509.x86_64-latest.args b/tests/qemuxml2argvdata/disk-network-tlsx509.x86_64-latest.args index 5195107b7b..ec4c28e161 100644 --- a/tests/qemuxml2argvdata/disk-network-tlsx509.x86_64-latest.args +++ b/tests/qemuxml2argvdata/disk-network-tlsx509.x86_64-latest.args @@ -28,8 +28,12 @@ file=/tmp/lib/domain--1-QEMUGuest1/master-key.aes \ -no-acpi \ -boot strict=on \ -device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 \ +-object secret,id=objlibvirt-4-storage_tls0-secret0,\ +data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\ +keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \ -object tls-creds-x509,id=objlibvirt-4-storage_tls0,\ -dir=/etc/pki/libvirt-vxhs/dummy,,path,endpoint=client,verify-peer=yes \ +dir=/etc/pki/libvirt-vxhs/dummy,,path,endpoint=client,verify-peer=yes,\ +passwordid=objlibvirt-4-storage_tls0-secret0 \ -blockdev '{"driver":"vxhs","tls-creds":"objlibvirt-4-storage_tls0",\ "vdisk-id":"eb90327c-8302-4725-9e1b-4e85ed4dc251",\ "server":{"host":"192.168.0.1","port":"9999"},"node-name":"libvirt-4-storage",\ @@ -41,8 +45,12 @@ dir=/etc/pki/libvirt-vxhs/dummy,,path,endpoint=client,verify-peer=yes \ -device virtio-blk-pci,bus=pci.0,addr=0x4,drive=libvirt-4-format,\ id=virtio-disk0,bootindex=1,write-cache=on,\ serial=eb90327c-8302-4725-9e1b-4e85ed4dc251 \ +-object secret,id=objlibvirt-3-storage_tls0-secret0,\ +data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\ +keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \ -object tls-creds-x509,id=objlibvirt-3-storage_tls0,\ -dir=/etc/pki/libvirt-vxhs/dummy,,path,endpoint=client,verify-peer=yes \ +dir=/etc/pki/libvirt-vxhs/dummy,,path,endpoint=client,verify-peer=yes,\ +passwordid=objlibvirt-3-storage_tls0-secret0 \ -blockdev '{"driver":"vxhs","tls-creds":"objlibvirt-3-storage_tls0",\ "vdisk-id":"eb90327c-8302-4725-9e1b-4e85ed4dc252",\ "server":{"host":"192.168.0.2","port":"9999"},"node-name":"libvirt-3-storage",\ @@ -62,8 +70,12 @@ id=virtio-disk1,write-cache=on,serial=eb90327c-8302-4725-9e1b-4e85ed4dc252 \ "file":"libvirt-2-storage"}' \ -device virtio-blk-pci,bus=pci.0,addr=0x6,drive=libvirt-2-format,\ id=virtio-disk2,write-cache=on,serial=eb90327c-8302-4725-9e1b-4e85ed4dc252 \ +-object secret,id=objlibvirt-1-storage_tls0-secret0,\ +data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\ +keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \ -object tls-creds-x509,id=objlibvirt-1-storage_tls0,\ -dir=/etc/pki/libvirt-nbd/dummy,,path,endpoint=client,verify-peer=yes \ +dir=/etc/pki/libvirt-nbd/dummy,,path,endpoint=client,verify-peer=yes,\ +passwordid=objlibvirt-1-storage_tls0-secret0 \ -blockdev '{"driver":"nbd","server":{"type":"inet","host":"example.com",\ "port":"1234"},"tls-creds":"objlibvirt-1-storage_tls0",\ "node-name":"libvirt-1-storage","cache":{"direct":true,"no-flush":false},\ diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 2e06140ea1..26333d8f40 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -1192,6 +1192,8 @@ mymain(void) driver.config->vxhsTLS = 1; DO_TEST("disk-network-tlsx509", QEMU_CAPS_VXHS, QEMU_CAPS_OBJECT_TLS_CREDS_X509, QEMU_CAPS_NBD_TLS); + driver.config->nbdTLSx509secretUUID = g_strdup("6fd3f62d-9fe7-4a4e-a869-7acd6376d8ea"); + driver.config->vxhsTLSx509secretUUID = g_strdup("6fd3f62d-9fe7-4a4e-a869-7acd6376d8ea"); DO_TEST_CAPS_VER("disk-network-tlsx509", "2.12.0"); DO_TEST_CAPS_LATEST("disk-network-tlsx509"); DO_TEST_CAPS_LATEST("disk-network-http");