On Thu, Feb 23, 2017 at 13:42:04 -0500, John Ferlan wrote:
Introduce API to Prepare a qemuDomainSecretInfoPtr to be used with a migrate or nbd TLS object
Also alter the error message in ChardevPrepare when UUIDParse fails to be consistent with the message for MigratePrepare
Signed-off-by: John Ferlan <jferlan@redhat.com> --- src/qemu/qemu_domain.c | 48 ++++++++++++++++++++++++++-- src/qemu/qemu_domain.h | 85 ++++++++++++++++++++++++++++---------------------- 2 files changed, 94 insertions(+), 39 deletions(-)
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index b7594b3..40c9dab 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -1353,8 +1353,9 @@ qemuDomainSecretChardevPrepare(virConnectPtr conn,
if (virUUIDParse(cfg->chardevTLSx509secretUUID, seclookupdef.u.uuid) < 0) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("malformed chardev TLS secret uuid in qemu.conf")); + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("malformed TLS secret uuid '%s' in qemu.conf"), + cfg->chardevTLSx509secretUUID); return -1; } seclookupdef.type = VIR_SECRET_LOOKUP_TYPE_UUID; @@ -1379,6 +1380,47 @@ qemuDomainSecretChardevPrepare(virConnectPtr conn, }
+/* qemuDomainSecretMigratePrepare + * @conn: Pointer to connection + * @priv: pointer to domain private object + * @srcAlias: Alias to use (either migrate or nbd) + * @secretUUID: UUID for the secret from the cfg (migrate or nbd) + * + * Create and prepare the qemuDomainSecretInfoPtr to be used for either + * a migration or nbd. Unlike other domain secret prepare functions, this + * is only expected to be called for a single object/instance. Theoretically + * the object could be reused, although that results in keeping a secret + * stored in memory for perhaps longer than expected or necessary. + * + * Returns 0 on success, -1 on failure + */ +int +qemuDomainSecretMigratePrepare(virConnectPtr conn, + qemuDomainObjPrivatePtr priv, + const char *srcAlias, + const char *secretUUID) +{ + virSecretLookupTypeDef seclookupdef = {0}; + + if (virUUIDParse(secretUUID, seclookupdef.u.uuid) < 0) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("malformed TLS secret uuid '%s' in qemu.conf"), + secretUUID); + return -1; + } + seclookupdef.type = VIR_SECRET_LOOKUP_TYPE_UUID;
I hoped this would go inside qemuDomainSecretInfoNew, but you made it general so that it can be used in places which need different seclookupdef...
+ + if (!(priv->migSecinfo = + qemuDomainSecretInfoNew(conn, priv, srcAlias, + VIR_SECRET_USAGE_TYPE_TLS, NULL, + &seclookupdef, false, "TLS X.509")))
This will obviously need to be changed according to the changes in the previous patch. Jirka