On Mon, Jul 11, 2016 at 02:07:54PM -0400, John Ferlan wrote:
Commit id 'c84380106' added support for a secret usage type 'passphrase' that was designed to be used for both LUKS encryption and TLS credentials since both used a 'simple' passphrase in order to handle the authentication. However, a post commit review deemed that usage model to be invalid. This patch repurposes the 'passphrase' usage type for 'tls' specific usage. A previous patch has already adjusted the various LUKS usages to utilize a 'volume' secret. Signed-off-by: John Ferlan <jferlan@xxxxxxxxxx> --- docs/aclpolkit.html.in | 2 +- docs/formatsecret.html.in | 59 +++++++++++++++++++++++++++++- docs/schemas/secret.rng | 6 +-- include/libvirt/libvirt-secret.h | 2 +- src/access/viraccessdriverpolkit.c | 2 +- src/conf/secret_conf.c | 12 +++--- src/conf/virsecretobj.c | 2 +- tests/secretxml2xmlin/usage-passphrase.xml | 7 ---- tests/secretxml2xmlin/usage-tls.xml | 7 ++++ tests/secretxml2xmltest.c | 2 +- 10 files changed, 78 insertions(+), 23 deletions(-) delete mode 100644 tests/secretxml2xmlin/usage-passphrase.xml create mode 100644 tests/secretxml2xmlin/usage-tls.xml
This should be two separate patches. [A] Removing usage type='passphrase' (possibly merged into 2/7), pushed before the next release, to avoid ever releasing it. [B] would only add the TLS usage and be a part of the TLS series. It would basically consist of this patch [3/7] and a revert of [A], so splitting them out should not be much pain. [B] should be pushed along with the rest of TLS functionality, which might or might not end up in this release. Jan -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list