[PATCH 11/24] tests: qemuxml2argv: Test encrypted TLS key for nbd/vxhs disks
Peter Krempa
pkrempa at redhat.com
Thu Jul 2 14:39:57 UTC 2020
Add a dummy secret so that we see what command line is generated.
Signed-off-by: Peter Krempa <pkrempa at redhat.com>
---
.../disk-network-tlsx509.x86_64-2.12.0.args | 15 ++++++++++++---
.../disk-network-tlsx509.x86_64-latest.args | 18 +++++++++++++++---
tests/qemuxml2argvtest.c | 2 ++
3 files changed, 29 insertions(+), 6 deletions(-)
diff --git a/tests/qemuxml2argvdata/disk-network-tlsx509.x86_64-2.12.0.args b/tests/qemuxml2argvdata/disk-network-tlsx509.x86_64-2.12.0.args
index 06686f801d..2a30ad02c9 100644
--- a/tests/qemuxml2argvdata/disk-network-tlsx509.x86_64-2.12.0.args
+++ b/tests/qemuxml2argvdata/disk-network-tlsx509.x86_64-2.12.0.args
@@ -28,8 +28,11 @@ file=/tmp/lib/domain--1-QEMUGuest1/master-key.aes \
-no-acpi \
-boot strict=on \
-device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 \
+-object secret,id=objvirtio-disk0_tls0-secret0,\
+data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
+keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
-object tls-creds-x509,id=objvirtio-disk0_tls0,dir=/etc/pki/libvirt-vxhs/dummy,\
-,path,endpoint=client,verify-peer=yes \
+,path,endpoint=client,verify-peer=yes,passwordid=objvirtio-disk0_tls0-secret0 \
-drive file.driver=vxhs,file.tls-creds=objvirtio-disk0_tls0,\
file.vdisk-id=eb90327c-8302-4725-9e1b-4e85ed4dc251,\
file.server.host=192.168.0.1,file.server.port=9999,format=raw,if=none,\
@@ -37,8 +40,11 @@ id=drive-virtio-disk0,cache=none \
-device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,\
id=virtio-disk0,bootindex=1,write-cache=on,\
serial=eb90327c-8302-4725-9e1b-4e85ed4dc251 \
+-object secret,id=objvirtio-disk1_tls0-secret0,\
+data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
+keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
-object tls-creds-x509,id=objvirtio-disk1_tls0,dir=/etc/pki/libvirt-vxhs/dummy,\
-,path,endpoint=client,verify-peer=yes \
+,path,endpoint=client,verify-peer=yes,passwordid=objvirtio-disk1_tls0-secret0 \
-drive file.driver=vxhs,file.tls-creds=objvirtio-disk1_tls0,\
file.vdisk-id=eb90327c-8302-4725-9e1b-4e85ed4dc252,\
file.server.host=192.168.0.2,file.server.port=9999,format=raw,if=none,\
@@ -50,8 +56,11 @@ file.server.host=192.168.0.3,file.server.port=9999,format=raw,if=none,\
id=drive-virtio-disk2,cache=none \
-device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x6,drive=drive-virtio-disk2,\
id=virtio-disk2,write-cache=on,serial=eb90327c-8302-4725-9e1b-4e85ed4dc252 \
+-object secret,id=objvirtio-disk3_tls0-secret0,\
+data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
+keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
-object tls-creds-x509,id=objvirtio-disk3_tls0,dir=/etc/pki/libvirt-nbd/dummy,,\
-path,endpoint=client,verify-peer=yes \
+path,endpoint=client,verify-peer=yes,passwordid=objvirtio-disk3_tls0-secret0 \
-drive file.driver=nbd,file.server.type=inet,file.server.host=example.com,\
file.server.port=1234,file.tls-creds=objvirtio-disk3_tls0,format=raw,if=none,\
id=drive-virtio-disk3,cache=none \
diff --git a/tests/qemuxml2argvdata/disk-network-tlsx509.x86_64-latest.args b/tests/qemuxml2argvdata/disk-network-tlsx509.x86_64-latest.args
index 5195107b7b..ec4c28e161 100644
--- a/tests/qemuxml2argvdata/disk-network-tlsx509.x86_64-latest.args
+++ b/tests/qemuxml2argvdata/disk-network-tlsx509.x86_64-latest.args
@@ -28,8 +28,12 @@ file=/tmp/lib/domain--1-QEMUGuest1/master-key.aes \
-no-acpi \
-boot strict=on \
-device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 \
+-object secret,id=objlibvirt-4-storage_tls0-secret0,\
+data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
+keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
-object tls-creds-x509,id=objlibvirt-4-storage_tls0,\
-dir=/etc/pki/libvirt-vxhs/dummy,,path,endpoint=client,verify-peer=yes \
+dir=/etc/pki/libvirt-vxhs/dummy,,path,endpoint=client,verify-peer=yes,\
+passwordid=objlibvirt-4-storage_tls0-secret0 \
-blockdev '{"driver":"vxhs","tls-creds":"objlibvirt-4-storage_tls0",\
"vdisk-id":"eb90327c-8302-4725-9e1b-4e85ed4dc251",\
"server":{"host":"192.168.0.1","port":"9999"},"node-name":"libvirt-4-storage",\
@@ -41,8 +45,12 @@ dir=/etc/pki/libvirt-vxhs/dummy,,path,endpoint=client,verify-peer=yes \
-device virtio-blk-pci,bus=pci.0,addr=0x4,drive=libvirt-4-format,\
id=virtio-disk0,bootindex=1,write-cache=on,\
serial=eb90327c-8302-4725-9e1b-4e85ed4dc251 \
+-object secret,id=objlibvirt-3-storage_tls0-secret0,\
+data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
+keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
-object tls-creds-x509,id=objlibvirt-3-storage_tls0,\
-dir=/etc/pki/libvirt-vxhs/dummy,,path,endpoint=client,verify-peer=yes \
+dir=/etc/pki/libvirt-vxhs/dummy,,path,endpoint=client,verify-peer=yes,\
+passwordid=objlibvirt-3-storage_tls0-secret0 \
-blockdev '{"driver":"vxhs","tls-creds":"objlibvirt-3-storage_tls0",\
"vdisk-id":"eb90327c-8302-4725-9e1b-4e85ed4dc252",\
"server":{"host":"192.168.0.2","port":"9999"},"node-name":"libvirt-3-storage",\
@@ -62,8 +70,12 @@ id=virtio-disk1,write-cache=on,serial=eb90327c-8302-4725-9e1b-4e85ed4dc252 \
"file":"libvirt-2-storage"}' \
-device virtio-blk-pci,bus=pci.0,addr=0x6,drive=libvirt-2-format,\
id=virtio-disk2,write-cache=on,serial=eb90327c-8302-4725-9e1b-4e85ed4dc252 \
+-object secret,id=objlibvirt-1-storage_tls0-secret0,\
+data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
+keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
-object tls-creds-x509,id=objlibvirt-1-storage_tls0,\
-dir=/etc/pki/libvirt-nbd/dummy,,path,endpoint=client,verify-peer=yes \
+dir=/etc/pki/libvirt-nbd/dummy,,path,endpoint=client,verify-peer=yes,\
+passwordid=objlibvirt-1-storage_tls0-secret0 \
-blockdev '{"driver":"nbd","server":{"type":"inet","host":"example.com",\
"port":"1234"},"tls-creds":"objlibvirt-1-storage_tls0",\
"node-name":"libvirt-1-storage","cache":{"direct":true,"no-flush":false},\
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index 2e06140ea1..26333d8f40 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -1192,6 +1192,8 @@ mymain(void)
driver.config->vxhsTLS = 1;
DO_TEST("disk-network-tlsx509", QEMU_CAPS_VXHS,
QEMU_CAPS_OBJECT_TLS_CREDS_X509, QEMU_CAPS_NBD_TLS);
+ driver.config->nbdTLSx509secretUUID = g_strdup("6fd3f62d-9fe7-4a4e-a869-7acd6376d8ea");
+ driver.config->vxhsTLSx509secretUUID = g_strdup("6fd3f62d-9fe7-4a4e-a869-7acd6376d8ea");
DO_TEST_CAPS_VER("disk-network-tlsx509", "2.12.0");
DO_TEST_CAPS_LATEST("disk-network-tlsx509");
DO_TEST_CAPS_LATEST("disk-network-http");
--
2.26.2
More information about the libvir-list
mailing list