9:41 a.m.
The code can be merged directly in qemuMigrationParamsAddTLSObjects.
Signed-off-by: Jiri Denemark <jdenemar(a)redhat.com>
---
src/qemu/qemu_migration.c | 15 -------
src/qemu/qemu_migration_params.c | 73 ++++++++++----------------------
src/qemu/qemu_migration_params.h | 6 ---
3 files changed, 23 insertions(+), 71 deletions(-)
diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
index 3c25e0e27f..072a5c95ae 100644
--- a/src/qemu/qemu_migration.c
+++ b/src/qemu/qemu_migration.c
@@ -2045,7 +2045,6 @@ qemuMigrationSrcBegin(virConnectPtr conn,
unsigned long flags)
{
virQEMUDriverPtr driver = conn->privateData;
- virQEMUDriverConfigPtr cfg = NULL;
char *xml = NULL;
qemuDomainAsyncJob asyncJob;
@@ -2079,12 +2078,6 @@ qemuMigrationSrcBegin(virConnectPtr conn,
nmigrate_disks, migrate_disks, flags)))
goto endjob;
- if (flags & VIR_MIGRATE_TLS) {
- cfg = virQEMUDriverGetConfig(driver);
- if (qemuMigrationParamsCheckSetupTLS(driver, cfg, vm, asyncJob) < 0)
- goto endjob;
- }
-
if ((flags & VIR_MIGRATE_CHANGE_PROTECTION)) {
/* We keep the job active across API calls until the confirm() call.
* This prevents any other APIs being invoked while migration is taking
@@ -2101,7 +2094,6 @@ qemuMigrationSrcBegin(virConnectPtr conn,
}
cleanup:
- virObjectUnref(cfg);
virDomainObjEndAPI(&vm);
return xml;
@@ -2463,10 +2455,6 @@ qemuMigrationDstPrepareAny(virQEMUDriverPtr driver,
* set the migration TLS parameters */
if (flags & VIR_MIGRATE_TLS) {
cfg = virQEMUDriverGetConfig(driver);
- if (qemuMigrationParamsCheckSetupTLS(driver, cfg, vm,
- QEMU_ASYNC_JOB_MIGRATION_IN) < 0)
- goto stopjob;
-
if (qemuMigrationParamsAddTLSObjects(driver, vm, cfg, true,
QEMU_ASYNC_JOB_MIGRATION_IN,
&tlsAlias, &secAlias, migParams)
< 0)
@@ -3424,9 +3412,6 @@ qemuMigrationSrcRun(virQEMUDriverPtr driver,
if (flags & VIR_MIGRATE_TLS) {
cfg = virQEMUDriverGetConfig(driver);
-
- /* Begin/CheckSetupTLS already set up migTLSAlias, the following
- * assumes that and adds the TLS objects to the domain. */
if (qemuMigrationParamsAddTLSObjects(driver, vm, cfg, false,
QEMU_ASYNC_JOB_MIGRATION_OUT,
&tlsAlias, &secAlias, migParams)
< 0)
diff --git a/src/qemu/qemu_migration_params.c b/src/qemu/qemu_migration_params.c
index 43098de904..bee7d9796f 100644
--- a/src/qemu/qemu_migration_params.c
+++ b/src/qemu/qemu_migration_params.c
@@ -179,56 +179,6 @@ qemuMigrationParamsCheckTLSCreds(virQEMUDriverPtr driver,
}
-/* qemuMigrationParamsCheckSetupTLS
- * @driver: pointer to qemu driver
- * @vm: domain object
- * @cfg: configuration pointer
- * @asyncJob: migration job to join
- *
- * Check if TLS is possible and set up the environment. Assumes the caller
- * desires to use TLS (e.g. caller found VIR_MIGRATE_TLS flag).
- *
- * Ensure the qemu.conf has been properly configured to add an entry for
- * "migrate_tls_x509_cert_dir". Also check if the "tls-creds"
parameter
- * was present from a query of migration parameters
- *
- * Returns 0 on success, -1 on error/failure
- */
-int
-qemuMigrationParamsCheckSetupTLS(virQEMUDriverPtr driver,
- virQEMUDriverConfigPtr cfg,
- virDomainObjPtr vm,
- int asyncJob)
-{
- qemuDomainObjPrivatePtr priv = vm->privateData;
-
- if (!cfg->migrateTLSx509certdir) {
- virReportError(VIR_ERR_OPERATION_INVALID, "%s",
- _("host migration TLS directory not configured"));
- return -1;
- }
-
- if (qemuMigrationParamsCheckTLSCreds(driver, vm, asyncJob) < 0)
- return -1;
-
- if (!priv->migTLSAlias) {
- virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
- _("TLS migration is not supported with this "
- "QEMU binary"));
- return -1;
- }
-
- /* If there's a secret, then grab/store it now using the connection */
- if (cfg->migrateTLSx509secretUUID &&
- !(priv->migSecinfo =
- qemuDomainSecretInfoTLSNew(priv, QEMU_MIGRATION_TLS_ALIAS_BASE,
- cfg->migrateTLSx509secretUUID)))
- return -1;
-
- return 0;
-}
-
-
/* qemuMigrationParamsAddTLSObjects
* @driver: pointer to qemu driver
* @vm: domain object
@@ -257,6 +207,29 @@ qemuMigrationParamsAddTLSObjects(virQEMUDriverPtr driver,
virJSONValuePtr tlsProps = NULL;
virJSONValuePtr secProps = NULL;
+ if (!cfg->migrateTLSx509certdir) {
+ virReportError(VIR_ERR_OPERATION_INVALID, "%s",
+ _("host migration TLS directory not configured"));
+ goto error;
+ }
+
+ if (qemuMigrationParamsCheckTLSCreds(driver, vm, asyncJob) < 0)
+ goto error;
+
+ if (!priv->migTLSAlias) {
+ virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
+ _("TLS migration is not supported with this "
+ "QEMU binary"));
+ goto error;
+ }
+
+ /* If there's a secret, then grab/store it now using the connection */
+ if (cfg->migrateTLSx509secretUUID &&
+ !(priv->migSecinfo =
+ qemuDomainSecretInfoTLSNew(priv, QEMU_MIGRATION_TLS_ALIAS_BASE,
+ cfg->migrateTLSx509secretUUID)))
+ goto error;
+
if (qemuDomainGetTLSObjects(priv->qemuCaps, priv->migSecinfo,
cfg->migrateTLSx509certdir, tlsListen,
cfg->migrateTLSx509verify,
diff --git a/src/qemu/qemu_migration_params.h b/src/qemu/qemu_migration_params.h
index 5e5e81ee07..1c41a5620f 100644
--- a/src/qemu/qemu_migration_params.h
+++ b/src/qemu/qemu_migration_params.h
@@ -71,12 +71,6 @@ qemuMigrationParamsSet(virQEMUDriverPtr driver,
int asyncJob,
qemuMigrationParamsPtr migParams);
-int
-qemuMigrationParamsCheckSetupTLS(virQEMUDriverPtr driver,
- virQEMUDriverConfigPtr cfg,
- virDomainObjPtr vm,
- int asyncJob);
-
int
qemuMigrationParamsAddTLSObjects(virQEMUDriverPtr driver,
virDomainObjPtr vm,
--
2.17.0