[PATCH 05/14] qemu: command: Simplify 'vnc' commandline generator

Thu Sep 23 15:37:11 UTC 2021

'qemuDomainSecretGraphicsPrepare' always populates 'gfxPriv->tlsAlias'
when 'cfg->vncTLS' is enabled.

This means we can remove the fallback code setting up TLS for vnc via
the 'x509=' parameter.

Signed-off-by: Peter Krempa <pkrempa at redhat.com>
---
 src/qemu/qemu_command.c | 48 +++++++++++++++--------------------------
 1 file changed, 17 insertions(+), 31 deletions(-)

diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index a8d2b1ce74..08c88b12f4 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -7963,40 +7963,26 @@ qemuBuildGraphicsVNCCommandLine(virQEMUDriverConfig *cfg,

     if (cfg->vncTLS) {
         qemuDomainGraphicsPrivate *gfxPriv = QEMU_DOMAIN_GRAPHICS_PRIVATE(graphics);
-        if (gfxPriv->tlsAlias) {
-            const char *secretAlias = NULL;
+        const char *secretAlias = NULL;

-            if (gfxPriv->secinfo) {
-                if (qemuBuildObjectSecretCommandLine(cmd,
-                                                     gfxPriv->secinfo,
-                                                     qemuCaps) < 0)
-                    return -1;
-                secretAlias = gfxPriv->secinfo->alias;
-            }
-
-            if (qemuBuildTLSx509CommandLine(cmd,
-                                            cfg->vncTLSx509certdir,
-                                            true,
-                                            cfg->vncTLSx509verify,
-                                            secretAlias,
-                                            gfxPriv->tlsAlias,
-                                            qemuCaps) < 0)
+        if (gfxPriv->secinfo) {
+            if (qemuBuildObjectSecretCommandLine(cmd,
+                                                 gfxPriv->secinfo,
+                                                 qemuCaps) < 0)
                 return -1;
-
-            virBufferAsprintf(&opt, ",tls-creds=%s", gfxPriv->tlsAlias);
-        } else {
-            if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_VNC_OPTS))
-                virBufferAddLit(&opt, ",tls=on");
-            else
-                virBufferAddLit(&opt, ",tls");
-            if (cfg->vncTLSx509verify) {
-                virBufferAddLit(&opt, ",x509verify=");
-                virQEMUBuildBufferEscapeComma(&opt, cfg->vncTLSx509certdir);
-            } else {
-                virBufferAddLit(&opt, ",x509=");
-                virQEMUBuildBufferEscapeComma(&opt, cfg->vncTLSx509certdir);
-            }
+            secretAlias = gfxPriv->secinfo->alias;
         }
+
+        if (qemuBuildTLSx509CommandLine(cmd,
+                                        cfg->vncTLSx509certdir,
+                                        true,
+                                        cfg->vncTLSx509verify,
+                                        secretAlias,
+                                        gfxPriv->tlsAlias,
+                                        qemuCaps) < 0)
+            return -1;
+
+        virBufferAsprintf(&opt, ",tls-creds=%s", gfxPriv->tlsAlias);
     }

     if (cfg->vncSASL) {
-- 
2.31.1


