On 02/24/2017 12:08 PM, Jiri Denemark wrote:
> On Thu, Feb 23, 2017 at 13:42:04 -0500, John Ferlan wrote:
>> Introduce API to Prepare a qemuDomainSecretInfoPtr to be
>> used with a migrate or nbd TLS object
>>
>> Also alter the error message in ChardevPrepare when UUIDParse fails
>> to be consistent with the message for MigratePrepare
>>
>> Signed-off-by: John Ferlan <jferlan@xxxxxxxxxx>
>> ---
>> src/qemu/qemu_domain.c | 48 ++++++++++++++++++++++++++--
>> src/qemu/qemu_domain.h | 85 ++++++++++++++++++++++++++++----------------------
>> 2 files changed, 94 insertions(+), 39 deletions(-)
>>
>> diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
>> index b7594b3..40c9dab 100644
>> --- a/src/qemu/qemu_domain.c
>> +++ b/src/qemu/qemu_domain.c
>> @@ -1353,8 +1353,9 @@ qemuDomainSecretChardevPrepare(virConnectPtr conn,
>>
>> if (virUUIDParse(cfg->chardevTLSx509secretUUID,
>> seclookupdef.u.uuid) < 0) {
>> - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
>> - _("malformed chardev TLS secret uuid in qemu.conf"));
>> + virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
>> + _("malformed TLS secret uuid '%s' in qemu.conf"),
>> + cfg->chardevTLSx509secretUUID);
>> return -1;
>> }
>> seclookupdef.type = VIR_SECRET_LOOKUP_TYPE_UUID;
>> @@ -1379,6 +1380,47 @@ qemuDomainSecretChardevPrepare(virConnectPtr conn,
>> }
>>
>>
>> +/* qemuDomainSecretMigratePrepare
>> + * @conn: Pointer to connection
>> + * @priv: pointer to domain private object
>> + * @srcAlias: Alias to use (either migrate or nbd)
>> + * @secretUUID: UUID for the secret from the cfg (migrate or nbd)
>> + *
>> + * Create and prepare the qemuDomainSecretInfoPtr to be used for either
>> + * a migration or nbd. Unlike other domain secret prepare functions, this
>> + * is only expected to be called for a single object/instance. Theoretically
>> + * the object could be reused, although that results in keeping a secret
>> + * stored in memory for perhaps longer than expected or necessary.
>> + *
>> + * Returns 0 on success, -1 on failure
>> + */
>> +int
>> +qemuDomainSecretMigratePrepare(virConnectPtr conn,
>> + qemuDomainObjPrivatePtr priv,
>> + const char *srcAlias,
>> + const char *secretUUID)
>> +{
>> + virSecretLookupTypeDef seclookupdef = {0};
>> +
>> + if (virUUIDParse(secretUUID, seclookupdef.u.uuid) < 0) {
>> + virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
>> + _("malformed TLS secret uuid '%s' in qemu.conf"),
>> + secretUUID);
>> + return -1;
>> + }
>> + seclookupdef.type = VIR_SECRET_LOOKUP_TYPE_UUID;
>
> I hoped this would go inside qemuDomainSecretInfoNew, but you made it
> general so that it can be used in places which need different
> seclookupdef...
>
Right... and chardev/migration are the only two using a secret UUID from
qemu.conf. The migration one is generic (secretUUID)
I could move the code into the SecretInfoNew, but then someone could say
what does parsing the UUID have to do with creating a SecretInfo - it's
damned if you do and damned if you don't type situation.
I'd rather keep this as is and pass the &seclookupdef
>> +
>> + if (!(priv->migSecinfo =
>> + qemuDomainSecretInfoNew(conn, priv, srcAlias,
>> + VIR_SECRET_USAGE_TYPE_TLS, NULL,
>> + &seclookupdef, false, "TLS X.509")))
>
> This will obviously need to be changed according to the changes in the
> previous patch.
Yep.
John
>
> Jirka
>
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
