On 08/05/2016 04:19 AM, Daniel P. Berrange wrote: > In the subject s/chartcp/chardev/ > > On Thu, Aug 04, 2016 at 11:21:20AM -0400, John Ferlan wrote: >> Add a new TLS X.509 certificate type - "chardev". This will handle the >> creation of a TLS certificate capability (and possibly repository) for >> properly configured character device TCP backends. >> >> Unlike the vnc and spice there is no "listen" or "passwd" associated. The >> credentials will be handled via a libvirt secret provided to a specific >> backend. >> >> Make use of the default verify option as well. >> >> Signed-off-by: John Ferlan <jferlan@xxxxxxxxxx> >> --- >> src/qemu/libvirtd_qemu.aug | 5 +++ >> src/qemu/qemu.conf | 28 ++++++++++++ >> src/qemu/qemu_conf.c | 9 ++++ >> src/qemu/qemu_conf.h | 4 ++ >> src/qemu/test_libvirtd_qemu.aug.in | 3 ++ >> .../qemuxml2argv-serial-tcp-tlsx509-chardev.xml | 41 ++++++++++++++++++ >> .../qemuxml2xmlout-serial-tcp-tlsx509-chardev.xml | 50 ++++++++++++++++++++++ >> tests/qemuxml2xmltest.c | 1 + >> 8 files changed, 141 insertions(+) >> create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-chardev.xml >> create mode 100644 tests/qemuxml2xmloutdata/qemuxml2xmlout-serial-tcp-tlsx509-chardev.xml > > ACK > > Regards, > Daniel > As noted in my response in 6/9, I somehow missed fetching the chardevTLS, so I'll squash the following in before pushing the ACK'd patches, so that I can repost the secret changes in a v6: diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c index f2d27a1..ce2a890 100644 --- a/src/qemu/qemu_conf.c +++ b/src/qemu/qemu_conf.c @@ -505,6 +505,8 @@ int virQEMUDriverConfigLoadFile(virQEMUDriverConfigPtr cfg, if (virConfGetValueBool(conf, "spice_auto_unix_socket", &cfg->spiceAutoUnixSocket) < 0) goto cleanup; + if ((rv = virConfGetValueBool(conf, "chardev_tls", &cfg->chardevTLS)) < 0) + goto cleanup; if (virConfGetValueString(conf, "chardev_tls_x509_cert_dir", &cfg->chardevTLSx509certdir) < 0) goto cleanup; if ((rv = virConfGetValueBool(conf, "chardev_tls_x509_verify", &cfg->chardevTLSx509verify)) < 0) -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list