[libvirt] [PATCH 10/13] qemu: hotplug: Refactor tls-credential props formatting to qemuMonitorCreateObjectProps

Peter Krempa pkrempa at redhat.com
Wed May 30 17:06:34 UTC 2018


Note that it's okay to pass NULL to qemuDomainDelTLSObjects in
qemuDomainAddTLSObjects as the tls-creds-x509 object was either not
created or qemu crashed.

Signed-off-by: Peter Krempa <pkrempa at redhat.com>
---
 src/qemu/qemu_command.c          | 29 +++++++++++++++--------------
 src/qemu/qemu_command.h          |  1 +
 src/qemu/qemu_hotplug.c          | 25 +++++++++++--------------
 src/qemu/qemu_hotplug.h          |  2 +-
 src/qemu/qemu_migration_params.c |  4 ++--
 5 files changed, 30 insertions(+), 31 deletions(-)

diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index f604a9e8aa..00ca557025 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -684,6 +684,7 @@ qemuBuildRBDSecinfoURI(virBufferPtr buf,
  * @tlspath: path to the TLS credentials
  * @listen: boolen listen for client or server setting
  * @verifypeer: boolean to enable peer verification (form of authorization)
+ * @alias: alias for the TLS credentials object
  * @secalias: if one exists, the alias of the security object for passwordid
  * @qemuCaps: capabilities
  * @propsret: json properties to return
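Review bot: The new `@alias` line does not say whether the alias may be NULL, while the neighbouring `@secalias` is documented as optional and is passed with the NULL-tolerant `S:` format. A later hunk hands `alias` straight to qemuMonitorCreateObjectProps, which is not visible here, so presumably a NULL alias now fails when the props are built rather than being skipped by the old `if (tlsAlias)` test in qemuDomainAddTLSObjects. I would spell the requirement out, e.g. `@alias: alias for the TLS credentials object (mandatory, used as the object id)`. The comment block starts and ends outside this hunk.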
@@ -696,6 +697,7 @@ int
 qemuBuildTLSx509BackendProps(const char *tlspath,
                              bool isListen,
                              bool verifypeer,
+                             const char *alias,
                              const char *secalias,
                              virQEMUCapsPtr qemuCaps,
                              virJSONValuePtr *propsret)
@@ -706,12 +708,12 @@ qemuBuildTLSx509BackendProps(const char *tlspath,
         return -1;
     }

-    if (virJSONValueObjectCreate(propsret,
-                                 "s:dir", tlspath,
-                                 "s:endpoint", (isListen ? "server": "client"),
-                                 "b:verify-peer", (isListen ? verifypeer : true),
-                                 "S:passwordid", secalias,
-                                 NULL) < 0)
+    if (qemuMonitorCreateObjectProps(propsret, "tls-creds-x509", alias,
+                                     "s:dir", tlspath,
+                                     "s:endpoint", (isListen ? "server": "client"),
+                                     "b:verify-peer", (isListen ? verifypeer : true),
+                                     "S:passwordid", secalias,
+                                     NULL) < 0)
         return -1;

     return 0;
@@ -741,26 +743,25 @@ qemuBuildTLSx509CommandLine(virCommandPtr cmd,
                             const char *alias,
                             virQEMUCapsPtr qemuCaps)
 {
+    virBuffer buf = VIR_BUFFER_INITIALIZER;
     int ret = -1;
     virJSONValuePtr props = NULL;
-    char *tmp = NULL;

-    if (qemuBuildTLSx509BackendProps(tlspath, isListen, verifypeer,
-                                     certEncSecretAlias,
-                                     qemuCaps, &props) < 0)
+    if (qemuBuildTLSx509BackendProps(tlspath, isListen, verifypeer, alias,
+                                     certEncSecretAlias, qemuCaps, &props) < 0)
         goto cleanup;

-    if (!(tmp = virQEMUBuildObjectCommandlineFromJSONType("tls-creds-x509",
-                                                          alias, props)))
+    if (virQEMUBuildObjectCommandlineFromJSON(&buf, props) < 0)
         goto cleanup;

-    virCommandAddArgList(cmd, "-object", tmp, NULL);
+    virCommandAddArg(cmd, "-object");
+    virCommandAddArgBuffer(cmd, &buf);

     ret = 0;

  cleanup:
+    virBufferFreeAndReset(&buf);
     virJSONValueFree(props);
-    VIR_FREE(tmp);
     return ret;
 }

diff --git a/src/qemu/qemu_command.h b/src/qemu/qemu_command.h
index e4f56cf89d..e85efcc980 100644
--- a/src/qemu/qemu_command.h
+++ b/src/qemu/qemu_command.h
@@ -66,6 +66,7 @@ int qemuBuildSecretInfoProps(qemuDomainSecretInfoPtr secinfo,
 int qemuBuildTLSx509BackendProps(const char *tlspath,
                                  bool isListen,
                                  bool verifypeer,
+                                 const char *alias,
                                  const char *secalias,
                                  virQEMUCapsPtr qemuCaps,
                                  virJSONValuePtr *propsret);
diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index 02bc88f863..a6ab73b1af 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -166,11 +166,12 @@ qemuDomainAddDiskSrcTLSObject(virQEMUDriverPtr driver,
                                 src->tlsCertdir,
                                 false,
                                 src->tlsVerify,
+                                src->tlsAlias,
                                 &tlsProps, NULL) < 0)
         goto cleanup;

     if (qemuDomainAddTLSObjects(driver, vm, QEMU_ASYNC_JOB_NONE,
-                                NULL, NULL, src->tlsAlias, &tlsProps) < 0)
+                                NULL, NULL, &tlsProps) < 0)
         goto cleanup;

     ret = 0;
@@ -1446,14 +1447,13 @@ qemuDomainAddTLSObjects(virQEMUDriverPtr driver,
                         qemuDomainAsyncJob asyncJob,
                         const char *secAlias,
                         virJSONValuePtr *secProps,
-                        const char *tlsAlias,
                         virJSONValuePtr *tlsProps)
 {
     qemuDomainObjPrivatePtr priv = vm->privateData;
     int rc;
     virErrorPtr orig_err;

-    if (!tlsAlias && !secAlias)
+    if (!tlsProps && !secAlias)
         return 0;

     if (qemuDomainObjEnterMonitorAsync(driver, vm, asyncJob) < 0)
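Review bot: The early return now tests `tlsProps`, which is the address of the caller's variable, and every call site in this patch passes `&tlsProps`. `!tlsProps` therefore cannot be true there, and the short-circuit that used to key on a NULL `tlsAlias` is effectively gone. The `if (tlsProps &&` guard in the next hunk has the same shape and would hand a pointer to NULL to qemuMonitorAddObject if a caller ever arrived without built props. If "no TLS object" is meant to remain a supported case, test the object itself: `if (!(tlsProps && *tlsProps) && !secAlias)` here and `if (tlsProps && *tlsProps &&` below. The function body continues outside this hunk.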
@@ -1467,13 +1467,9 @@ qemuDomainAddTLSObjects(virQEMUDriverPtr driver,
             goto error;
     }

-    if (tlsAlias) {
-        rc = qemuMonitorAddObjectType(priv->mon, "tls-creds-x509",
-                                      tlsAlias, *tlsProps);
-        *tlsProps = NULL; /* qemuMonitorAddObjectType consumes */
-        if (rc < 0)
-            goto error;
-    }
+    if (tlsProps &&
+        qemuMonitorAddObject(priv->mon, tlsProps, NULL) < 0)
+        goto error;

     return qemuDomainObjExitMonitor(driver, vm);

@@ -1481,7 +1477,7 @@ qemuDomainAddTLSObjects(virQEMUDriverPtr driver,
     virErrorPreserveLast(&orig_err);
     ignore_value(qemuDomainObjExitMonitor(driver, vm));
     virErrorRestore(&orig_err);
-    qemuDomainDelTLSObjects(driver, vm, asyncJob, secAlias, tlsAlias);
+    qemuDomainDelTLSObjects(driver, vm, asyncJob, secAlias, NULL);

     return -1;
 }
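Review bot: The rollback call now passes `NULL` for the TLS alias, and the reason is recorded only in the commit message. The reasoning holds only while adding the tls-creds-x509 object is the last monitor command in qemuDomainAddTLSObjects. If another step is ever added after it, a failure there would leave the credentials object defined in qemu. I would put the rationale next to the call: `/* the tls-creds-x509 object is added last, so on failure it was either not created or qemu crashed; only the secret object needs removing */`. The function starts outside this hunk.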
@@ -1493,6 +1489,7 @@ qemuDomainGetTLSObjects(virQEMUCapsPtr qemuCaps,
                         const char *tlsCertdir,
                         bool tlsListen,
                         bool tlsVerify,
+                        const char *alias,
                         virJSONValuePtr *tlsProps,
                         virJSONValuePtr *secProps)
 {
@@ -1506,7 +1503,7 @@ qemuDomainGetTLSObjects(virQEMUCapsPtr qemuCaps,
     }

     if (qemuBuildTLSx509BackendProps(tlsCertdir, tlsListen, tlsVerify,
-                                     secAlias, qemuCaps, tlsProps) < 0)
+                                     alias, secAlias, qemuCaps, tlsProps) < 0)
         return -1;

     return 0;
@@ -1555,12 +1552,12 @@ qemuDomainAddChardevTLSObjects(virQEMUDriverPtr driver,
                                 cfg->chardevTLSx509certdir,
                                 dev->data.tcp.listen,
                                 cfg->chardevTLSx509verify,
-                                &tlsProps, &secProps) < 0)
+                                *tlsAlias, &tlsProps, &secProps) < 0)
         goto cleanup;
     dev->data.tcp.tlscreds = true;

     if (qemuDomainAddTLSObjects(driver, vm, QEMU_ASYNC_JOB_NONE,
-                                *secAlias, &secProps, *tlsAlias, &tlsProps) < 0)
+                                *secAlias, &secProps, &tlsProps) < 0)
         goto cleanup;

     ret = 0;
diff --git a/src/qemu/qemu_hotplug.h b/src/qemu/qemu_hotplug.h
index 2059baf47f..f978780c30 100644
--- a/src/qemu/qemu_hotplug.h
+++ b/src/qemu/qemu_hotplug.h
@@ -45,7 +45,6 @@ int qemuDomainAddTLSObjects(virQEMUDriverPtr driver,
                             qemuDomainAsyncJob asyncJob,
                             const char *secAlias,
                             virJSONValuePtr *secProps,
-                            const char *tlsAlias,
                             virJSONValuePtr *tlsProps);

 int qemuDomainGetTLSObjects(virQEMUCapsPtr qemuCaps,
@@ -53,6 +52,7 @@ int qemuDomainGetTLSObjects(virQEMUCapsPtr qemuCaps,
                             const char *tlsCertdir,
                             bool tlsListen,
                             bool tlsVerify,
+                            const char *alias,
                             virJSONValuePtr *tlsProps,
                             virJSONValuePtr *secProps);

diff --git a/src/qemu/qemu_migration_params.c b/src/qemu/qemu_migration_params.c
index 5976bfdaf2..78688c397f 100644
--- a/src/qemu/qemu_migration_params.c
+++ b/src/qemu/qemu_migration_params.c
@@ -862,7 +862,7 @@ qemuMigrationParamsEnableTLS(virQEMUDriverPtr driver,
     if (qemuDomainGetTLSObjects(priv->qemuCaps, priv->migSecinfo,
                                 cfg->migrateTLSx509certdir, tlsListen,
                                 cfg->migrateTLSx509verify,
-                                &tlsProps, &secProps) < 0)
+                                *tlsAlias, &tlsProps, &secProps) < 0)
         goto error;

     /* Ensure the domain doesn't already have the TLS objects defined...
@@ -872,7 +872,7 @@ qemuMigrationParamsEnableTLS(virQEMUDriverPtr driver,
     qemuDomainDelTLSObjects(driver, vm, asyncJob, secAlias, *tlsAlias);

     if (qemuDomainAddTLSObjects(driver, vm, asyncJob, secAlias, &secProps,
-                                *tlsAlias, &tlsProps) < 0)
+                                &tlsProps) < 0)
         goto error;

     if (qemuMigrationParamsSetString(migParams,
-- 
2.16.2



