[PATCH 5/6] virt-admin: Introduce command srv-update-tls

Zhangbo (Oscar) oscar.zhangbo at huawei.com
Sun Feb 9 13:59:05 UTC 2020


wire-up virAdmServerUpdateTlsFiles API into virt-admin client.
---
 tools/virt-admin.c | 88 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 88 insertions(+)

diff --git a/tools/virt-admin.c b/tools/virt-admin.c
index 32edfe5757..85235ae03d 100644
--- a/tools/virt-admin.c
+++ b/tools/virt-admin.c
@@ -957,6 +957,84 @@ cmdSrvClientsSet(vshControl *ctl, const vshCmd *cmd)
     goto cleanup;
 }

+/* ------------------------
+ *  Command srv-update-tls
+ * ------------------------
+ */
+static const vshCmdInfo info_srv_update_tls_file[] = {
+    {.name = "help",
+     .data = N_("notify server to update TLS related files online.")
+    },
+    {.name = "desc",
+     .data = N_("notify server to update the CA cert, "
+                "CA CRL, server cert / key without restarts. "
+                "See OPTIONS for currently supported attributes.")
+    },
+    {.name = NULL}
+};
+
+static const vshCmdOptDef opts_srv_update_tls_file[] = {
+    {.name = "server",
+     .type = VSH_OT_DATA,
+     .flags = VSH_OFLAG_REQ,
+     .help = N_("Available servers on a daemon. "
+                "Currently only supports 'libvirtd'.")
+    },
+    {.name = "filetypes",
+     .type = VSH_OT_INT,
+     .flags = VSH_OFLAG_REQ,
+     .help = N_("filetypes that need to be updated. "
+                "bitwise-OR of tls filetypes flags.\n"
+                "  parameter Description:\n"
+                "    --filetypes 1  ===>  cacert\n"
+                "    --filetypes 2  ===>  cacrl\n"
+                "    --filetypes 4  ===>  server-cert\n"
+                "    --filetypes 8  ===>  server-key\n"
+                "  or a combination of several values. eg:\n"
+                "    --filetypes 3  ===>  cacert | cacrl\n"
+                "  notice:\n"
+                "    server cert and key must be updated together.\n")
+    },
+    {.name = NULL}
+};
+
+static bool
+cmdSrvUpdateTlsFiles(vshControl *ctl, const vshCmd *cmd)
+{
+    bool ret = false;
+    const char *srvname = NULL;
+    unsigned int filetypes;
+
+    virAdmServerPtr srv = NULL;
+    vshAdmControlPtr priv = ctl->privData;
+
+    if (vshCommandOptStringReq(ctl, cmd, "server", &srvname) < 0)
+        return false;
+
+    if (vshCommandOptUInt(ctl, cmd, "filetypes", &filetypes) < 0)
+        return false;
+
+    if (filetypes == 0) {
+        vshError(ctl, "%s", _("filetypes can not be 0."));
+        goto cleanup;
+    }
+
+    if (!(srv = virAdmConnectLookupServer(priv->conn, srvname, 0)))
+        goto cleanup;
+
+    if (virAdmServerUpdateTlsFiles(srv, filetypes, VIR_TLS_UPDATE_CLEAR) < 0) {
+        vshError(ctl, "%s", _("Unable to update server's tls related files."));
+        goto cleanup;
+    }
+
+    ret = true;
+    vshPrint(ctl, "update tls related files succeed\n");
+
+ cleanup:
+    virAdmServerFree(srv);
+    return ret;
+}
+
 /* --------------------------
  * Command daemon-log-filters
  * --------------------------
@@ -1436,6 +1514,16 @@ static const vshCmdDef managementCmds[] = {
      .info = info_srv_clients_set,
      .flags = 0
     },
+    {.name = "srv-update-tls",
+     .flags = VSH_CMD_FLAG_ALIAS,
+     .alias = "server-update-tls"
+    },
+    {.name = "server-update-tls",
+     .handler = cmdSrvUpdateTlsFiles,
+     .opts = opts_srv_update_tls_file,
+     .info = info_srv_update_tls_file,
+     .flags = 0
+    },
     {.name = "daemon-log-filters",
      .handler = cmdDaemonLogFilters,
      .opts = opts_daemon_log_filters,
--
2.23.0.windows.1





More information about the libvir-list mailing list