conf: backup: Add 'tls' attribute for 'server' element

Allow enabling TLS for the NBD server used to do pull-mode backups. Note
that documentation already mentions 'tls', so this just implements the
schema and XML bits.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
This commit is contained in:
Peter Krempa 2020-07-01 12:25:42 +02:00
parent d37a2cd5ed
commit fc6aaf6a19
6 changed files with 29 additions and 4 deletions

View File

@ -51,6 +51,14 @@
</attribute>
<interleave>
<element name='server'>
<optional>
<attribute name='tls'>
<choice>
<value>yes</value>
<value>no</value>
</choice>
</attribute>
</optional>
<choice>
<group>
<optional>
@ -69,7 +77,6 @@
<ref name='unsignedInt'/>
</attribute>
</optional>
<!-- add tls? -->
</group>
<group>
<attribute name='transport'>

View File

@ -239,6 +239,8 @@ virDomainBackupDefParse(xmlXPathContextPtr ctxt,
def->incremental = virXPathString("string(./incremental)", ctxt);
if ((node = virXPathNode("./server", ctxt))) {
g_autofree char *tls = NULL;
if (def->type != VIR_DOMAIN_BACKUP_TYPE_PULL) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
_("use of <server> requires pull mode backup"));
@ -263,6 +265,19 @@ virDomainBackupDefParse(xmlXPathContextPtr ctxt,
def->server->socket);
return NULL;
}
if ((tls = virXMLPropString(node, "tls"))) {
int tmp;
if ((tmp = virTristateBoolTypeFromString(tls)) <= 0) {
virReportError(VIR_ERR_XML_ERROR,
_("unknown value '%s' of 'tls' attribute"),\
tls);
return NULL;
}
def->tls = tmp;
}
}
if ((n = virXPathNodeSet("./disks/*", ctxt, &nodes)) < 0)
@ -417,6 +432,8 @@ virDomainBackupDefFormat(virBufferPtr buf,
if (def->server) {
virBufferAsprintf(&serverAttrBuf, " transport='%s'",
virStorageNetHostTransportTypeToString(def->server->transport));
if (def->tls != VIR_TRISTATE_BOOL_ABSENT)
virBufferAsprintf(&serverAttrBuf, " tls='%s'", virTristateBoolTypeToString(def->tls));
virBufferEscapeString(&serverAttrBuf, " name='%s'", def->server->name);
if (def->server->port)
virBufferAsprintf(&serverAttrBuf, " port='%u'", def->server->port);

View File

@ -70,6 +70,7 @@ struct _virDomainBackupDef {
int type; /* virDomainBackupType */
char *incremental;
virStorageNetHostDefPtr server; /* only when type == PULL */
virTristateBool tls; /* use TLS for NBD */
size_t ndisks; /* should not exceed dom->ndisks */
virDomainBackupDiskDef *disks;

View File

@ -1,6 +1,6 @@
<domainbackup mode="pull">
<incremental>1525889631</incremental>
<server transport='tcp' name='localhost' port='10809'/>
<server transport='tcp' tls='yes' name='localhost' port='10809'/>
<disks>
<disk name='vda' type='file' exportname='test-vda' exportbitmap='blah'>
<driver type='qcow2'/>

View File

@ -1,6 +1,6 @@
<domainbackup mode='pull'>
<incremental>1525889631</incremental>
<server transport='tcp' name='localhost' port='10809'/>
<server transport='tcp' tls='yes' name='localhost' port='10809'/>
<disks>
<disk name='vda' backup='yes' state='running' type='file' exportname='test-vda' exportbitmap='blah'>
<driver type='qcow2'/>

View File

@ -1,6 +1,6 @@
<domainbackup mode='pull'>
<incremental>1525889631</incremental>
<server transport='tcp' name='localhost' port='10809'/>
<server transport='tcp' tls='yes' name='localhost' port='10809'/>
<disks>
<disk name='vda' backup='yes' type='file' exportname='test-vda' exportbitmap='blah'>
<driver type='qcow2'/>