Add fields for storing the aliases necessary to clean up the TLS env for a backup job after it finishes. Signed-off-by: Peter Krempa <pkrempa@xxxxxxxxxx> --- src/conf/backup_conf.c | 42 +++++++++++++++++++ src/conf/backup_conf.h | 5 +++ .../backup-pull-internal-invalid.xml | 36 ++++++++++++++++ .../backup-pull-internal-invalid.xml | 1 + tests/genericxml2xmltest.c | 2 + 5 files changed, 86 insertions(+) create mode 100644 tests/domainbackupxml2xmlin/backup-pull-internal-invalid.xml create mode 120000 tests/domainbackupxml2xmlout/backup-pull-internal-invalid.xml diff --git a/src/conf/backup_conf.c b/src/conf/backup_conf.c index 4f28073ab2..74f6e4b020 100644 --- a/src/conf/backup_conf.c +++ b/src/conf/backup_conf.c @@ -86,6 +86,10 @@ virDomainBackupDefFree(virDomainBackupDefPtr def) } g_free(def->disks); + + g_free(def->tlsAlias); + g_free(def->tlsSecretAlias); + g_free(def); } @@ -213,6 +217,19 @@ virDomainBackupDiskDefParseXML(xmlNodePtr node, } +static void +virDomainBackupDefParsePrivate(virDomainBackupDefPtr def, + xmlXPathContextPtr ctxt, + unsigned int flags) +{ + if (!(flags & VIR_DOMAIN_BACKUP_PARSE_INTERNAL)) + return; + + def->tlsSecretAlias = virXPathString("string(./privateData/objects/secret[@type='tlskey']/@alias)", ctxt); + def->tlsAlias = virXPathString("string(./privateData/objects/TLSx509/@alias)", ctxt); +} + + static virDomainBackupDefPtr virDomainBackupDefParse(xmlXPathContextPtr ctxt, virDomainXMLOptionPtr xmlopt, @@ -282,6 +299,8 @@ virDomainBackupDefParse(xmlXPathContextPtr ctxt, return NULL; } + virDomainBackupDefParsePrivate(def, ctxt, flags); + return g_steal_pointer(&def); } 
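Review bot: virDomainBackupDefParsePrivate() has no comment saying why the `flags & VIR_DOMAIN_BACKUP_PARSE_INTERNAL` early return must stay. Going by the commit message, these aliases name the TLS objects that are torn down when the job finishes, so honouring `<privateData>` from user-supplied backup XML would presumably let a caller choose what gets cleaned up. I would add `/* privateData is trusted only when it comes from libvirt's own status XML; never parse it from user-supplied backup XML */` above the check. The two virXPathString() results are stored without validation and the function returns void, so the cleanup code (not visible in this patch) has to tolerate either alias being NULL independently of the other.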
@@ -388,6 +407,26 @@ virDomainBackupDiskDefFormat(virBufferPtr buf, } +static void +virDomainBackupDefFormatPrivate(virBufferPtr buf, + virDomainBackupDefPtr def, + bool internal) +{ + g_auto(virBuffer) privChildBuf = VIR_BUFFER_INIT_CHILD(buf); + g_auto(virBuffer) objectsChildBuf = VIR_BUFFER_INIT_CHILD(&privChildBuf); + + if (!internal) + return; + + virBufferEscapeString(&objectsChildBuf, "<secret type='tlskey' alias='%s'/>\n", + def->tlsSecretAlias); + virBufferEscapeString(&objectsChildBuf, "<TLSx509 alias='%s'/>\n", def->tlsAlias); + + virXMLFormatElement(&privChildBuf, "objects", NULL, &objectsChildBuf); + virXMLFormatElement(buf, "privateData", NULL, &privChildBuf); +} + + int virDomainBackupDefFormat(virBufferPtr buf, virDomainBackupDefPtr def, @@ -422,6 +461,9 @@ virDomainBackupDefFormat(virBufferPtr buf, } virXMLFormatElement(&childBuf, "disks", NULL, &disksChildBuf); + + virDomainBackupDefFormatPrivate(&childBuf, def, internal); + virXMLFormatElement(buf, "domainbackup", &attrBuf, &childBuf); return 0; diff --git a/src/conf/backup_conf.h b/src/conf/backup_conf.h index 3f8b592b8d..a1d1e453c1 100644 --- a/src/conf/backup_conf.h +++ b/src/conf/backup_conf.h @@ -86,6 +86,11 @@ struct _virDomainBackupDef { virDomainBackupDiskDef *disks; /* internal data */ + + /* NBD TLS internals */ + char *tlsAlias; + char *tlsSecretAlias; + /* statistic totals for completed disks */ unsigned long long push_transferred; unsigned long long push_total; diff --git a/tests/domainbackupxml2xmlin/backup-pull-internal-invalid.xml b/tests/domainbackupxml2xmlin/backup-pull-internal-invalid.xml new file mode 100644 index 0000000000..261dec0eea --- /dev/null +++ b/tests/domainbackupxml2xmlin/backup-pull-internal-invalid.xml 
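Review bot: virDomainBackupDefFormatPrivate() passes `def->tlsSecretAlias` and `def->tlsAlias` to virBufferEscapeString() with no NULL check and no comment on why that is safe. As far as I can tell it works only because virBufferEscapeString() emits nothing for a NULL string and virXMLFormatElement() omits an element whose buffers are empty, so a backup without TLS produces no `<privateData>`. A one-line comment would keep a later refactor from breaking that, e.g. `/* aliases may be NULL: virBufferEscapeString() skips NULL and empty elements are not formatted */`. The `if (!internal) return;` guard is also what keeps these internal aliases out of the public XML and deserves a short comment saying so.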
@@ -0,0 +1,36 @@ +<domainbackup mode='pull'> + <incremental>1525889631</incremental> + <server transport='tcp' name='localhost' port='10809'/> + <disks> + <disk name='vda' backup='yes' state='running' type='file' exportname='test-vda' exportbitmap='blah'> + <driver type='qcow2'/> + <scratch file='/path/to/file'> + <encryption format='luks'> + <secret type='passphrase' uuid='0a81f5b2-8403-7b23-c8d6-21ccc2f80d6f'/> + </encryption> + </scratch> + </disk> + <disk name='vdb' backup='yes' state='complete' type='file' exportname='test-vda' exportbitmap='blah'> + <driver type='qcow2'/> + <scratch file='/path/to/file'> + <encryption format='luks'> + <secret type='passphrase' usage='/storage/backup/vdb'/> + </encryption> + </scratch> + </disk> + <disk name='vdc' backup='yes' state='running' type='block'> + <driver type='qcow2'/> + <scratch dev='/dev/block'> + <encryption format='luks'> + <secret type='passphrase' usage='/storage/backup/vdc'/> + </encryption> + </scratch> + </disk> + </disks> + <privateData> + <objects> + <secret type='tlskey' alias='test-tlskey'/> + <TLSx509 alias='test-tlsobj'/> + </objects> + </privateData> +</domainbackup> diff --git a/tests/domainbackupxml2xmlout/backup-pull-internal-invalid.xml b/tests/domainbackupxml2xmlout/backup-pull-internal-invalid.xml new file mode 120000 index 0000000000..055ca37a0b --- /dev/null +++ b/tests/domainbackupxml2xmlout/backup-pull-internal-invalid.xml @@ -0,0 +1 @@ +../domainbackupxml2xmlin/backup-pull-internal-invalid.xml \ No newline at end of file diff --git a/tests/genericxml2xmltest.c b/tests/genericxml2xmltest.c index cf07f9bb79..2c1e8616dd 100644 --- a/tests/genericxml2xmltest.c +++ b/tests/genericxml2xmltest.c @@ -215,6 +215,8 @@ mymain(void) DO_TEST_BACKUP("backup-push-seclabel"); DO_TEST_BACKUP("backup-push-encrypted"); + DO_TEST_BACKUP_FULL("backup-pull-internal-invalid", true); + virObjectUnref(caps); virObjectUnref(xmlopt); -- 2.26.2
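Review bot: The only new case in mymain() is `DO_TEST_BACKUP_FULL("backup-pull-internal-invalid", true);`, which covers the internal round trip but not the negative path. Nothing shows that `<privateData>` is ignored when the same XML is parsed without the internal flag. That is the property the `VIR_DOMAIN_BACKUP_PARSE_INTERNAL` gate in virDomainBackupDefParsePrivate() exists to provide, so I would add a second case with its own input file and a real (non-symlink) expected file under `tests/domainbackupxml2xmlout/` that lacks the `<privateData>` block, run with `false`. This assumes the macro's second argument controls parsing as well as formatting, which is not visible here. mymain() starts and ends outside this hunk.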