'qemuDomainSecretGraphicsPrepare' always populates 'gfxPriv->tlsAlias'
when 'cfg->vncTLS' is enabled.
This means we can remove the fallback code setting up TLS for vnc via
the 'x509=' parameter.
Signed-off-by: Peter Krempa <pkrempa@xxxxxxxxxx>
---
src/qemu/qemu_command.c | 48 +++++++++++++++--------------------------
1 file changed, 17 insertions(+), 31 deletions(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index a8d2b1ce74..08c88b12f4 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -7963,40 +7963,26 @@ qemuBuildGraphicsVNCCommandLine(virQEMUDriverConfig *cfg,
if (cfg->vncTLS) {
qemuDomainGraphicsPrivate *gfxPriv = QEMU_DOMAIN_GRAPHICS_PRIVATE(graphics);
- if (gfxPriv->tlsAlias) {
- const char *secretAlias = NULL;
+ const char *secretAlias = NULL;
- if (gfxPriv->secinfo) {
- if (qemuBuildObjectSecretCommandLine(cmd,
- gfxPriv->secinfo,
- qemuCaps) < 0)
- return -1;
- secretAlias = gfxPriv->secinfo->alias;
- }
-
- if (qemuBuildTLSx509CommandLine(cmd,
- cfg->vncTLSx509certdir,
- true,
- cfg->vncTLSx509verify,
- secretAlias,
- gfxPriv->tlsAlias,
- qemuCaps) < 0)
+ if (gfxPriv->secinfo) {
+ if (qemuBuildObjectSecretCommandLine(cmd,
+ gfxPriv->secinfo,
+ qemuCaps) < 0)
return -1;
-
- virBufferAsprintf(&opt, ",tls-creds=%s", gfxPriv->tlsAlias);
- } else {
- if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_VNC_OPTS))
- virBufferAddLit(&opt, ",tls=on");
- else
- virBufferAddLit(&opt, ",tls");
- if (cfg->vncTLSx509verify) {
- virBufferAddLit(&opt, ",x509verify=");
- virQEMUBuildBufferEscapeComma(&opt, cfg->vncTLSx509certdir);
- } else {
- virBufferAddLit(&opt, ",x509=");
- virQEMUBuildBufferEscapeComma(&opt, cfg->vncTLSx509certdir);
- }
+ secretAlias = gfxPriv->secinfo->alias;
}
+
+ if (qemuBuildTLSx509CommandLine(cmd,
+ cfg->vncTLSx509certdir,
+ true,
+ cfg->vncTLSx509verify,
+ secretAlias,
+ gfxPriv->tlsAlias,
+ qemuCaps) < 0)
+ return -1;
+
+ virBufferAsprintf(&opt, ",tls-creds=%s", gfxPriv->tlsAlias);
}
if (cfg->vncSASL) {
--
2.31.1
