11:23 a.m.
Please see 3/3 for explanation.
Peter Krempa (3):
qemustatusxml2xml: backup-pull: Test private data formatting/parsing
qemu: backup: Remove note that TLS should be implemented
qemu: backup: Write TLS cert and secret object aliases into status XML
src/qemu/qemu_backup.c | 7 +++----
tests/qemustatusxml2xmldata/backup-pull-in.xml | 8 +++++++-
2 files changed, 10 insertions(+), 5 deletions(-)
--
2.26.2
11:23 a.m.
New subject: [PATCH 1/3] qemustatusxml2xml: backup-pull: Test private data formatting/parsing
Modify the test case to enable TLS and add private data containing
aliases of objects corresponding to a TLS setup.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
tests/qemustatusxml2xmldata/backup-pull-in.xml | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/tests/qemustatusxml2xmldata/backup-pull-in.xml
b/tests/qemustatusxml2xmldata/backup-pull-in.xml
index 1db978a3ac..faaed67e38 100644
--- a/tests/qemustatusxml2xmldata/backup-pull-in.xml
+++ b/tests/qemustatusxml2xmldata/backup-pull-in.xml
@@ -254,12 +254,18 @@
<backups>
<domainbackup mode='pull'>
<incremental>12345</incremental>
- <server transport='tcp' name='localhost'
port='10809'/>
+ <server transport='tcp' tls='yes' name='localhost'
port='10809'/>
<disks>
<disk name='vda' backup='yes' state='running'
type='file'>
<scratch file='/path/to/file/'/>
</disk>
</disks>
+ <privateData>
+ <objects>
+ <secret type='tlskey' alias='testalias-secret'/>
+ <TLSx509 alias='testalias-tlsx509'/>
+ </objects>
+ </privateData>
</domainbackup>
</backups>
<domain type='kvm' id='4'>
--
2.26.2
7:38 a.m.
New subject: [PATCH 1/3] qemustatusxml2xml: backup-pull: Test private data formatting/parsing
On a Monday in 2020, Peter Krempa wrote:
Modify the test case to enable TLS and add private data containing
aliases of objects corresponding to a TLS setup.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
tests/qemustatusxml2xmldata/backup-pull-in.xml | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
Reviewed-by: Ján Tomko <jtomko(a)redhat.com>
Jano
11:23 a.m.
New subject: [PATCH 2/3] qemu: backup: Remove note that TLS should be implemented
Commit 423576679a5 implementing TLS forgot to remove the comment.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
src/qemu/qemu_backup.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/src/qemu/qemu_backup.c b/src/qemu/qemu_backup.c
index a402730d38..2f1a612803 100644
--- a/src/qemu/qemu_backup.c
+++ b/src/qemu/qemu_backup.c
@@ -805,7 +805,6 @@ qemuBackupBegin(virDomainObjPtr vm,
if (qemuDomainObjEnterMonitorAsync(priv->driver, vm, QEMU_ASYNC_JOB_BACKUP) <
0)
goto endjob;
- /* TODO: TLS is a must-have for the modern age */
if (pull) {
if (tlsSecretProps)
rc = qemuMonitorAddObject(priv->mon, &tlsSecretProps,
&tlsSecretAlias);
--
2.26.2
7:39 a.m.
New subject: [PATCH 2/3] qemu: backup: Remove note that TLS should be implemented
On a Monday in 2020, Peter Krempa wrote:
Commit 423576679a5 implementing TLS forgot to remove the comment.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
src/qemu/qemu_backup.c | 1 -
1 file changed, 1 deletion(-)
Reviewed-by: Ján Tomko <jtomko(a)redhat.com>
Jano
11:23 a.m.
New subject: [PATCH 3/3] qemu: backup: Write TLS cert and secret object aliases into status XML
We've put the aliases into the backup job definition after the status
XML was already writted so they didn't appear in the on-disk state.
Move the code putting them into the private definition earlier, so that
the status XML update done by saving blockjobs already writes them out.
Also add a note notifying that the block job status update writes the
status XML.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1870488
Fixes: 423576679a5
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
src/qemu/qemu_backup.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/qemu/qemu_backup.c b/src/qemu/qemu_backup.c
index 2f1a612803..4e61a5e52b 100644
--- a/src/qemu/qemu_backup.c
+++ b/src/qemu/qemu_backup.c
@@ -825,6 +825,9 @@ qemuBackupBegin(virDomainObjPtr vm,
goto endjob;
job_started = true;
+ priv->backup->tlsAlias = g_steal_pointer(&tlsAlias);
+ priv->backup->tlsSecretAlias = g_steal_pointer(&tlsSecretAlias);
+ /* qemuBackupDiskStarted saves the status XML */
qemuBackupDiskStarted(vm, dd, ndd);
if (chk) {
@@ -848,9 +851,6 @@ qemuBackupBegin(virDomainObjPtr vm,
}
}
- priv->backup->tlsAlias = g_steal_pointer(&tlsAlias);
- priv->backup->tlsSecretAlias = g_steal_pointer(&tlsSecretAlias);
-
ret = 0;
endjob:
--
2.26.2
7:37 a.m.
New subject: [PATCH 3/3] qemu: backup: Write TLS cert and secret object aliases into status XML
On a Monday in 2020, Peter Krempa wrote:
We've put the aliases into the backup job definition after the
status
XML was already writted so they didn't appear in the on-disk state.
s/writted/written/
Move the code putting them into the private definition earlier, so that
the status XML update done by saving blockjobs already writes them out.
Also add a note notifying that the block job status update writes the
status XML.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1870488
Fixes: 423576679a5
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
src/qemu/qemu_backup.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
Reviewed-by: Ján Tomko <jtomko(a)redhat.com>
Jano
7:35 a.m.
On 9/14/20 6:23 PM, Peter Krempa wrote:
Please see 3/3 for explanation.
Peter Krempa (3):
qemustatusxml2xml: backup-pull: Test private data formatting/parsing
qemu: backup: Remove note that TLS should be implemented
qemu: backup: Write TLS cert and secret object aliases into status XML
src/qemu/qemu_backup.c | 7 +++----
tests/qemustatusxml2xmldata/backup-pull-in.xml | 8 +++++++-
2 files changed, 10 insertions(+), 5 deletions(-)
Reviewed-by: Michal Privoznik <mprivozn(a)redhat.com>
Michal
1529
days inactive
1530
days old
7 comments
3 participants
participants (3)
-
Ján Tomko -
Michal Privoznik -
Peter Krempa