[libvirt] [PATCH 29/38] qemu: command: Don't generate alias for TLS private key password secret
Peter Krempa
pkrempa at redhat.com
Wed May 30 12:41:25 UTC 2018
qemuBuildTLSx509CommandLine has no business guessing which alias should
be used. The alias needs to be passed in.
Note that there's a lingering bad design of this, since the secret
object alias is based on the device name and not on the fact that the
secret is used for decrypting of the TLS private key. If we ever add
authentication for chardevs this will bite us.
Thankfully disk code does not support encrypted private keys for TLS so
it can be happily refactored there.
Signed-off-by: Peter Krempa <pkrempa at redhat.com>
---
src/qemu/qemu_command.c | 30 +++++++++++++++---------------
1 file changed, 15 insertions(+), 15 deletions(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 9ec1d30c80..c63963adfa 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -723,7 +723,8 @@ qemuBuildTLSx509BackendProps(const char *tlspath,
* @tlspath: path to the TLS credentials
* @listen: boolen listen for client or server setting
* @verifypeer: boolean to enable peer verification (form of authorization)
- * @addpasswordid: boolean to handle adding passwordid to object
+ * @certEncSecretAlias: alias of a 'secret' object for decrypting TLS private key
+ * (optional)
* @inalias: Alias for the parent to generate object alias
* @qemuCaps: capabilities
*
@@ -736,7 +737,7 @@ qemuBuildTLSx509CommandLine(virCommandPtr cmd,
const char *tlspath,
bool isListen,
bool verifypeer,
- bool addpasswordid,
+ const char *certEncSecretAlias,
const char *inalias,
virQEMUCapsPtr qemuCaps)
{
@@ -744,13 +745,9 @@ qemuBuildTLSx509CommandLine(virCommandPtr cmd,
char *objalias = NULL;
virJSONValuePtr props = NULL;
char *tmp = NULL;
- char *secalias = NULL;
- if (addpasswordid &&
- !(secalias = qemuDomainGetSecretAESAlias(inalias, false)))
- return -1;
-
- if (qemuBuildTLSx509BackendProps(tlspath, isListen, verifypeer, secalias,
+ if (qemuBuildTLSx509BackendProps(tlspath, isListen, verifypeer,
+ certEncSecretAlias,
qemuCaps, &props) < 0)
goto cleanup;
@@ -769,7 +766,6 @@ qemuBuildTLSx509CommandLine(virCommandPtr cmd,
virJSONValueFree(props);
VIR_FREE(objalias);
VIR_FREE(tmp);
- VIR_FREE(secalias);
return ret;
}
@@ -793,7 +789,7 @@ qemuBuildDiskSrcTLSx509CommandLine(virCommandPtr cmd,
src->haveTLS == VIR_TRISTATE_BOOL_YES) {
return qemuBuildTLSx509CommandLine(cmd, src->tlsCertdir,
false, src->tlsVerify,
- false, srcalias, qemuCaps);
+ NULL, srcalias, qemuCaps);
}
return 0;
@@ -4986,20 +4982,24 @@ qemuBuildChrChardevStr(virLogManagerPtr logManager,
qemuDomainChrSourcePrivatePtr chrSourcePriv =
QEMU_DOMAIN_CHR_SOURCE_PRIVATE(dev);
char *objalias = NULL;
+ const char *tlsCertEncSecAlias = NULL;
/* Add the secret object first if necessary. The
* secinfo is added only to a TCP serial device during
* qemuDomainSecretChardevPrepare. Subsequently called
* functions can just check the config fields */
- if (chrSourcePriv && chrSourcePriv->secinfo &&
- qemuBuildObjectSecretCommandLine(cmd,
- chrSourcePriv->secinfo) < 0)
- goto cleanup;
+ if (chrSourcePriv && chrSourcePriv->secinfo) {
+ if (qemuBuildObjectSecretCommandLine(cmd,
+ chrSourcePriv->secinfo) < 0)
+ goto cleanup;
+
+ tlsCertEncSecAlias = chrSourcePriv->secinfo->s.aes.alias;
+ }
if (qemuBuildTLSx509CommandLine(cmd, cfg->chardevTLSx509certdir,
dev->data.tcp.listen,
cfg->chardevTLSx509verify,
- !!cfg->chardevTLSx509secretUUID,
+ tlsCertEncSecAlias,
charAlias, qemuCaps) < 0)
goto cleanup;
--
2.16.2
More information about the libvir-list
mailing list