<div dir="ltr">It seems resolved <a href="https://bugzilla.redhat.com/show_bug.cgi?id=1596511">https://bugzilla.redhat.com/show_bug.cgi?id=1596511</a> . If so, please add this link in commit msg.<br></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Jul 9, 2018 at 10:12 PM, Peter Krempa <span dir="ltr"><<a href="mailto:pkrempa@redhat.com" target="_blank">pkrempa@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">To allow using -blockdev with RBD we need to support the recently added<br>
RBD authentication.<br>
<br>
Signed-off-by: Peter Krempa <<a href="mailto:pkrempa@redhat.com">pkrempa@redhat.com</a>><br>
---<br>
I must say that it looks quite fishy that we use also the "none" method<br>
as acceptable but we've done so for a very long time.<br>
<br>
 src/qemu/qemu_block.c                              | 26 +++++++++++++++++++++-<br>
 .../network-qcow2-backing-<wbr>chain-cache-unsafe.json  |  5 +++++<br>
 ...etwork-qcow2-backing-chain-<wbr>encryption_auth.json |  5 +++++<br>
 3 files changed, 35 insertions(+), 1 deletion(-)<br>
<br>
diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c<br>
index 0ebf2d2aff..7ad79c7e7d 100644<br>
--- a/src/qemu/qemu_block.c<br>
+++ b/src/qemu/qemu_block.c<br>
@@ -906,13 +906,33 @@ qemuBlockStorageSourceGetRBDPr<wbr>ops(virStorageSourcePtr src)<br>
     virJSONValuePtr servers = NULL;<br>
     virJSONValuePtr ret = NULL;<br>
     const char *username = NULL;<br>
+    virJSONValuePtr authmodes = NULL;<br>
+    virJSONValuePtr mode = NULL;<br>
+    const char *keysecret = NULL;<br>
<br>
     if (src->nhosts > 0 &&<br>
         !(servers = qemuBlockStorageSourceBuildHos<wbr>tsJSONInetSocketAddress(src)))<br>
         return NULL;<br>
<br>
-    if (src->auth)<br>
+    if (src->auth) {<br>
         username = srcPriv->secinfo->s.aes.<wbr>username;<br>
+        keysecret = srcPriv->secinfo->s.aes.alias;<br>
+        /* the auth modes are modelled after our old command line generator */<br>
+        if (!(authmodes = virJSONValueNewArray()))<br>
+            goto cleanup;<br>
+<br>
+        if (!(mode = virJSONValueNewString("cephx")<wbr>) ||<br>
+            virJSONValueArrayAppend(<wbr>authmodes, mode) < 0)<br>
+            goto cleanup;<br>
+<br>
+        mode = NULL;<br>
+<br>
+        if (!(mode = virJSONValueNewString("none")) ||<br>
+            virJSONValueArrayAppend(<wbr>authmodes, mode) < 0)<br>
+            goto cleanup;<br>
+<br>
+        mode = NULL;<br>
+    }<br>
<br>
     if (virJSONValueObjectCreate(&<wbr>ret,<br>
                                  "s:driver", "rbd",<br>
@@ -922,10 +942,14 @@ qemuBlockStorageSourceGetRBDPr<wbr>ops(virStorageSourcePtr src)<br>
                                  "S:conf", src->configFile,<br>
                                  "A:server", &servers,<br>
                                  "S:user", username,<br>
+                                 "A:auth-client-required", &authmodes,<br>
+                                 "S:key-secret", keysecret,<br>
                                  NULL) < 0)<br>
         goto cleanup;<br>
<br>
  cleanup:<br>
+    virJSONValueFree(authmodes);<br>
+    virJSONValueFree(mode);<br>
     virJSONValueFree(servers);<br>
     return ret;<br>
 }<br>
diff --git a/tests/qemublocktestdata/<wbr>xml2json/network-qcow2-<wbr>backing-chain-cache-unsafe.<wbr>json b/tests/qemublocktestdata/<wbr>xml2json/network-qcow2-<wbr>backing-chain-cache-unsafe.<wbr>json<br>
index 80a694eee4..e66f62d24b 100644<br>
--- a/tests/qemublocktestdata/<wbr>xml2json/network-qcow2-<wbr>backing-chain-cache-unsafe.<wbr>json<br>
+++ b/tests/qemublocktestdata/<wbr>xml2json/network-qcow2-<wbr>backing-chain-cache-unsafe.<wbr>json<br>
@@ -24,6 +24,11 @@<br>
     }<br>
   ],<br>
   "user": "testuser-rbd",<br>
+  "auth-client-required": [<br>
+    "cephx",<br>
+    "none"<br>
+  ],<br>
+  "key-secret": "node-a-s-secalias",<br>
   "node-name": "node-a-s",<br>
   "cache": {<br>
     "direct": false,<br>
diff --git a/tests/qemublocktestdata/<wbr>xml2json/network-qcow2-<wbr>backing-chain-encryption_auth.<wbr>json b/tests/qemublocktestdata/<wbr>xml2json/network-qcow2-<wbr>backing-chain-encryption_auth.<wbr>json<br>
index fdb6f2ab1a..921cb3ea69 100644<br>
--- a/tests/qemublocktestdata/<wbr>xml2json/network-qcow2-<wbr>backing-chain-encryption_auth.<wbr>json<br>
+++ b/tests/qemublocktestdata/<wbr>xml2json/network-qcow2-<wbr>backing-chain-encryption_auth.<wbr>json<br>
@@ -24,6 +24,11 @@<br>
     }<br>
   ],<br>
   "user": "testuser-rbd",<br>
+  "auth-client-required": [<br>
+    "cephx",<br>
+    "none"<br>
+  ],<br>
+  "key-secret": "node-a-s-secalias",<br>
   "node-name": "node-a-s",<br>
   "read-only": false,<br>
   "discard": "unmap"<br>
<span class="HOEnZb"><font color="#888888">-- <br>
2.16.2<br>
<br>
--<br>
libvir-list mailing list<br>
<a href="mailto:libvir-list@redhat.com">libvir-list@redhat.com</a><br>
<a href="https://www.redhat.com/mailman/listinfo/libvir-list" rel="noreferrer" target="_blank">https://www.redhat.com/<wbr>mailman/listinfo/libvir-list</a><br>
</font></span></blockquote></div><br><br clear="all"><br>-- <br><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr">Best regards,</div><div dir="ltr">-----------------------------------<br></div><div dir="ltr">Han Han<br>Quality Engineer<br>Redhat.<br><br>Email: <a href="mailto:hhan@redhat.com" target="_blank">hhan@redhat.com</a><br>Phone: +861065339333<br></div></div></div></div></div></div>
</div>