On 11/13/20 4:01 PM, Peter Krempa wrote:
Store whether "default_tls_x509_verify" was provided and enhance the
SET_TLS_VERIFY_DEFAULT macro so that indiviual users can provide their
own default if "default_tls_x509_verify" config option was not provided.
For now we keep setting it to 'false'.
Signed-off-by: Peter Krempa <pkrempa@xxxxxxxxxx>
---
src/qemu/qemu.conf | 6 ++++++
src/qemu/qemu_conf.c | 22 ++++++++++++++--------
src/qemu/qemu_conf.h | 1 +
3 files changed, 21 insertions(+), 8 deletions(-)
diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
index 2fb2f021c2..c3a61816a4 100644
--- a/src/qemu/qemu_conf.c
+++ b/src/qemu/qemu_conf.c
@@ -406,8 +406,10 @@ virQEMUDriverConfigLoadDefaultTLSEntry(virQEMUDriverConfigPtr cfg,
if ((rv = virConfGetValueString(conf, "default_tls_x509_cert_dir", &cfg->defaultTLSx509certdir)) < 0)
return -1;
cfg->defaultTLSx509certdirPresent = (rv == 1);
- if (virConfGetValueBool(conf, "default_tls_x509_verify", &cfg->defaultTLSx509verify) < 0)
+ if ((rv = virConfGetValueBool(conf, "default_tls_x509_verify", &cfg->defaultTLSx509verify)) < 0)
return -1;
+ if (rv == 1)
+ cfg->defaultTLSx509verifyPresent = true;
if (virConfGetValueString(conf, "default_tls_x509_secret_uuid",
&cfg->defaultTLSx509secretUUID) < 0)
return -1;
@@ -1240,16 +1242,20 @@ virQEMUDriverConfigSetDefaults(virQEMUDriverConfigPtr cfg)
#undef SET_TLS_X509_CERT_DEFAULT
-#define SET_TLS_VERIFY_DEFAULT(val) \
+#define SET_TLS_VERIFY_DEFAULT(val, defaultverify) \
do { \
- if (!cfg->val## TLSx509verifyPresent) \
- cfg->val## TLSx509verify = cfg->defaultTLSx509verify; \
+ if (!cfg->val## TLSx509verifyPresent) {\
+ if (cfg->defaultTLSx509verifyPresent) \
+ cfg->val## TLSx509verify = cfg->defaultTLSx509verify; \
+ else \
+ cfg->val## TLSx509verify = defaultverify;\
Alignment.
+ }\
} while (0)
Michal
