Append 'x509' to the function identifiers managing the tls-creds-x509 objects. This defines the functions' scope and prevents naming conflicts with the introduction of functions related to tls-creds-psk in subsequent commits.
Additionally, update the TLS x509 object alias from "obj%s_tls0" to "obj%s_tlsx5090" along with relevant testcase changes. Suggested-by: Tejus GK <[email protected]> Signed-off-by: Abhisek Panda <[email protected]> --- src/qemu/qemu_alias.c | 8 +- src/qemu/qemu_alias.h | 2 +- src/qemu/qemu_backup.c | 2 +- src/qemu/qemu_command.c | 2 +- src/qemu/qemu_domain.c | 2 +- src/qemu/qemu_hotplug.c | 76 +++++++++---------- src/qemu/qemu_hotplug.h | 26 +++---- src/qemu/qemu_migration.c | 24 +++--- src/qemu/qemu_migration_params.c | 44 +++++------ src/qemu/qemu_migration_params.h | 14 ++-- src/qemu/qemu_postparse.c | 2 +- tests/qemumigparamsdata/tls-enabled.json | 2 +- tests/qemumigparamsdata/tls-enabled.reply | 2 +- tests/qemumigparamsdata/tls-enabled.xml | 2 +- tests/qemumigparamsdata/tls-hostname.json | 2 +- tests/qemumigparamsdata/tls-hostname.reply | 2 +- tests/qemumigparamsdata/tls-hostname.xml | 2 +- tests/qemumonitorjsontest.c | 4 +- tests/qemustatusxml2xmldata/upgrade-out.xml | 2 +- .../chardev-backends-json.x86_64-9.1.0.args | 8 +- .../chardev-backends-json.x86_64-latest.args | 8 +- .../chardev-backends.x86_64-9.1.0.args | 8 +- .../chardev-backends.x86_64-latest.args | 8 +- ...rk-tlsx509-nbd-hostname.x86_64-latest.args | 6 +- ...isk-network-tlsx509-nbd.x86_64-latest.args | 6 +- ...-tlsx509-chardev-verify.x86_64-latest.args | 4 +- ...ial-tcp-tlsx509-chardev.x86_64-latest.args | 4 +- ...-tlsx509-secret-chardev.x86_64-latest.args | 4 +- 28 files changed, 138 insertions(+), 138 deletions(-) diff --git a/src/qemu/qemu_alias.c b/src/qemu/qemu_alias.c index 400ce73283..9133389df1 100644 --- a/src/qemu/qemu_alias.c +++ b/src/qemu/qemu_alias.c @@ -872,15 +872,15 @@ qemuAliasForSecret(const char *parentalias, return g_strdup_printf("%s-secret%zu", parentalias, secret_idx); } -/* qemuAliasTLSObjFromSrcAlias +/* qemuAliasTLSx509ObjFromSrcAlias * @srcAlias: Pointer to a source alias string * - * Generate and return a string to be used as the TLS object alias + * Generate and return a string to be used as the TLS X509 object alias */ char * -qemuAliasTLSObjFromSrcAlias(const char *srcAlias) +qemuAliasTLSx509ObjFromSrcAlias(const char *srcAlias) { - return g_strdup_printf("obj%s_tls0", srcAlias); + return g_strdup_printf("obj%s_tlsx5090", srcAlias); } diff --git a/src/qemu/qemu_alias.h b/src/qemu/qemu_alias.h index eae08020dc..dd7bfdcc0f 100644 --- a/src/qemu/qemu_alias.h +++ b/src/qemu/qemu_alias.h @@ -89,7 +89,7 @@ char *qemuAliasForSecret(const char *parentalias, const char *obj, size_t secret_idx); -char *qemuAliasTLSObjFromSrcAlias(const char *srcAlias) +char *qemuAliasTLSx509ObjFromSrcAlias(const char *srcAlias) ATTRIBUTE_NONNULL(1); char *qemuAliasChardevFromDevAlias(const char *devAlias) diff --git a/src/qemu/qemu_backup.c b/src/qemu/qemu_backup.c index a0544c83dc..9c496ee0c8 100644 --- a/src/qemu/qemu_backup.c +++ b/src/qemu/qemu_backup.c @@ -745,7 +745,7 @@ qemuBackupBeginPrepareTLS(virDomainObj *vm, virJSONValue **tlsSecretProps) { qemuDomainObjPrivate *priv = vm->privateData; - g_autofree char *tlsObjAlias = qemuAliasTLSObjFromSrcAlias(QEMU_BACKUP_TLS_ALIAS_BASE); + g_autofree char *tlsObjAlias = qemuAliasTLSx509ObjFromSrcAlias(QEMU_BACKUP_TLS_ALIAS_BASE); g_autoptr(qemuDomainSecretInfo) secinfo = NULL; const char *tlsKeySecretAlias = NULL; diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 69324a523f..efa1d10a57 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -1387,7 +1387,7 @@ qemuBuildChardevCommand(virCommand *cmd, tlsCertEncSecAlias = chrSourcePriv->secinfo->alias; } - if (!(objalias = qemuAliasTLSObjFromSrcAlias(charAlias))) + if (!(objalias = qemuAliasTLSx509ObjFromSrcAlias(charAlias))) return -1; if (qemuBuildTLSx509CommandLine(cmd, chrSourcePriv->tlsCertPath, diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index dde257bb70..99660e684f 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -9030,7 +9030,7 @@ qemuProcessPrepareStorageSourceTLSNBD(virStorageSource *src, return -1; } - src->tlsAlias = qemuAliasTLSObjFromSrcAlias(parentAlias); + src->tlsAlias = qemuAliasTLSx509ObjFromSrcAlias(parentAlias); src->tlsCertdir = g_strdup(cfg->nbdTLSx509certdir); src->tlsPriority = g_strdup(cfg->nbdTLSpriority); diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c index 8d45a6db9d..9e7055f5da 100644 --- a/src/qemu/qemu_hotplug.c +++ b/src/qemu/qemu_hotplug.c @@ -1702,12 +1702,12 @@ void qemuDomainDelTLSObjects(virDomainObj *vm, virDomainAsyncJob asyncJob, const char *secAlias, - const char *tlsAlias) + const char *tlsx509Alias) { qemuDomainObjPrivate *priv = vm->privateData; virErrorPtr orig_err; - if (!tlsAlias && !secAlias) + if (!tlsx509Alias && !secAlias) return; virErrorPreserveLast(&orig_err); @@ -1715,8 +1715,8 @@ qemuDomainDelTLSObjects(virDomainObj *vm, if (qemuDomainObjEnterMonitorAsync(vm, asyncJob) < 0) goto cleanup; - if (tlsAlias) - ignore_value(qemuMonitorDelObject(priv->mon, tlsAlias, false)); + if (tlsx509Alias) + ignore_value(qemuMonitorDelObject(priv->mon, tlsx509Alias, false)); if (secAlias) ignore_value(qemuMonitorDelObject(priv->mon, secAlias, false)); @@ -1729,10 +1729,10 @@ qemuDomainDelTLSObjects(virDomainObj *vm, int -qemuDomainAddTLSObjects(virDomainObj *vm, - virDomainAsyncJob asyncJob, - virJSONValue **secProps, - virJSONValue **tlsProps) +qemuDomainAddTLSx509Objects(virDomainObj *vm, + virDomainAsyncJob asyncJob, + virJSONValue **secProps, + virJSONValue **tlsProps) { qemuDomainObjPrivate *priv = vm->privateData; virErrorPtr orig_err; @@ -1766,14 +1766,14 @@ qemuDomainAddTLSObjects(virDomainObj *vm, int -qemuDomainGetTLSObjects(qemuDomainSecretInfo *secinfo, - const char *tlsCertdir, - bool tlsListen, - bool tlsVerify, - const char *tlsPriority, - const char *alias, - virJSONValue **tlsProps, - virJSONValue **secProps) +qemuDomainGetTLSx509Objects(qemuDomainSecretInfo *secinfo, + const char *tlsCertdir, + bool tlsListen, + bool tlsVerify, + const char *tlsPriority, + const char *alias, + virJSONValue **tlsProps, + virJSONValue **secProps) { const char *secAlias = NULL; @@ -1798,7 +1798,7 @@ qemuDomainAddChardevTLSObjects(virQEMUDriver *driver, virDomainChrSourceDef *dev, char *devAlias, char *charAlias, - char **tlsAlias, + char **tlsx509Alias, const char **secAlias) { g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver); @@ -1821,21 +1821,21 @@ qemuDomainAddChardevTLSObjects(virQEMUDriver *driver, if (secinfo) *secAlias = secinfo->alias; - if (!(*tlsAlias = qemuAliasTLSObjFromSrcAlias(charAlias))) + if (!(*tlsx509Alias = qemuAliasTLSx509ObjFromSrcAlias(charAlias))) return -1; - if (qemuDomainGetTLSObjects(secinfo, - cfg->chardevTLSx509certdir, - dev->data.tcp.listen, - cfg->chardevTLSx509verify, - cfg->chardevTLSpriority, - *tlsAlias, &tlsProps, &secProps) < 0) + if (qemuDomainGetTLSx509Objects(secinfo, + cfg->chardevTLSx509certdir, + dev->data.tcp.listen, + cfg->chardevTLSx509verify, + cfg->chardevTLSpriority, + *tlsx509Alias, &tlsProps, &secProps) < 0) return -1; dev->data.tcp.tlscreds = true; - if (qemuDomainAddTLSObjects(vm, VIR_ASYNC_JOB_NONE, - &secProps, &tlsProps) < 0) + if (qemuDomainAddTLSx509Objects(vm, VIR_ASYNC_JOB_NONE, + &secProps, &tlsProps) < 0) return -1; return 0; @@ -1850,7 +1850,7 @@ qemuDomainDelChardevTLSObjects(virQEMUDriver *driver, { g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver); qemuDomainObjPrivate *priv = vm->privateData; - g_autofree char *tlsAlias = NULL; + g_autofree char *tlsx509Alias = NULL; g_autofree char *secAlias = NULL; if (dev->type != VIR_DOMAIN_CHR_TYPE_TCP || @@ -1858,7 +1858,7 @@ qemuDomainDelChardevTLSObjects(virQEMUDriver *driver, return 0; } - if (!(tlsAlias = qemuAliasTLSObjFromSrcAlias(inAlias))) + if (!(tlsx509Alias = qemuAliasTLSx509ObjFromSrcAlias(inAlias))) return -1; /* Best shot at this as the secinfo is destroyed after process launch @@ -1871,7 +1871,7 @@ qemuDomainDelChardevTLSObjects(virQEMUDriver *driver, qemuDomainObjEnterMonitor(vm); - ignore_value(qemuMonitorDelObject(priv->mon, tlsAlias, false)); + ignore_value(qemuMonitorDelObject(priv->mon, tlsx509Alias, false)); if (secAlias) ignore_value(qemuMonitorDelObject(priv->mon, secAlias, false)); @@ -1892,7 +1892,7 @@ qemuDomainAttachRedirdevDevice(virQEMUDriver *driver, g_autofree char *charAlias = NULL; g_autoptr(virJSONValue) devprops = NULL; bool chardevAdded = false; - g_autofree char *tlsAlias = NULL; + g_autofree char *tlsx509Alias = NULL; const char *secAlias = NULL; virErrorPtr orig_err; @@ -1911,7 +1911,7 @@ qemuDomainAttachRedirdevDevice(virQEMUDriver *driver, if (qemuDomainAddChardevTLSObjects(driver, vm, redirdev->source, redirdev->info.alias, charAlias, - &tlsAlias, &secAlias) < 0) + &tlsx509Alias, &secAlias) < 0) goto audit; qemuDomainObjEnterMonitor(vm); @@ -1941,7 +1941,7 @@ qemuDomainAttachRedirdevDevice(virQEMUDriver *driver, ignore_value(qemuMonitorDetachCharDev(priv->mon, charAlias)); qemuDomainObjExitMonitor(vm); virErrorRestore(&orig_err); - qemuDomainDelTLSObjects(vm, VIR_ASYNC_JOB_NONE, secAlias, tlsAlias); + qemuDomainDelTLSObjects(vm, VIR_ASYNC_JOB_NONE, secAlias, tlsx509Alias); goto audit; } @@ -2127,7 +2127,7 @@ qemuDomainAttachChrDevice(virQEMUDriver *driver, bool teardowncgroup = false; bool teardowndevice = false; bool teardownlabel = false; - g_autofree char *tlsAlias = NULL; + g_autofree char *tlsx509Alias = NULL; const char *secAlias = NULL; bool need_release = false; bool guestfwd = false; @@ -2181,7 +2181,7 @@ qemuDomainAttachChrDevice(virQEMUDriver *driver, if (qemuDomainAddChardevTLSObjects(driver, vm, chr->source, chr->info.alias, charAlias, - &tlsAlias, &secAlias) < 0) + &tlsx509Alias, &secAlias) < 0) goto audit; qemuDomainObjEnterMonitor(vm); @@ -2240,7 +2240,7 @@ qemuDomainAttachChrDevice(virQEMUDriver *driver, qemuDomainObjExitMonitor(vm); virErrorRestore(&orig_err); - qemuDomainDelTLSObjects(vm, VIR_ASYNC_JOB_NONE, secAlias, tlsAlias); + qemuDomainDelTLSObjects(vm, VIR_ASYNC_JOB_NONE, secAlias, tlsx509Alias); goto audit; } @@ -2256,7 +2256,7 @@ qemuDomainAttachRNGDevice(virQEMUDriver *driver, g_autoptr(virJSONValue) devprops = NULL; g_autofree char *charAlias = NULL; g_autofree char *objAlias = NULL; - g_autofree char *tlsAlias = NULL; + g_autofree char *tlsx509Alias = NULL; const char *secAlias = NULL; bool releaseaddr = false; bool teardowncgroup = false; @@ -2294,7 +2294,7 @@ qemuDomainAttachRNGDevice(virQEMUDriver *driver, if (qemuDomainAddChardevTLSObjects(driver, vm, rng->source.chardev, rng->info.alias, charAlias, - &tlsAlias, &secAlias) < 0) + &tlsx509Alias, &secAlias) < 0) goto audit; } @@ -2345,7 +2345,7 @@ qemuDomainAttachRNGDevice(virQEMUDriver *driver, qemuDomainObjExitMonitor(vm); virErrorRestore(&orig_err); - qemuDomainDelTLSObjects(vm, VIR_ASYNC_JOB_NONE, secAlias, tlsAlias); + qemuDomainDelTLSObjects(vm, VIR_ASYNC_JOB_NONE, secAlias, tlsx509Alias); goto audit; } diff --git a/src/qemu/qemu_hotplug.h b/src/qemu/qemu_hotplug.h index 60ed0e174c..2d9b10204c 100644 --- a/src/qemu/qemu_hotplug.h +++ b/src/qemu/qemu_hotplug.h @@ -28,23 +28,23 @@ void qemuDomainDelTLSObjects(virDomainObj *vm, virDomainAsyncJob asyncJob, const char *secAlias, - const char *tlsAlias); + const char *tlsx509Alias); int -qemuDomainAddTLSObjects(virDomainObj *vm, - virDomainAsyncJob asyncJob, - virJSONValue **secProps, - virJSONValue **tlsProps); +qemuDomainAddTLSx509Objects(virDomainObj *vm, + virDomainAsyncJob asyncJob, + virJSONValue **secProps, + virJSONValue **tlsProps); int -qemuDomainGetTLSObjects(qemuDomainSecretInfo *secinfo, - const char *tlsCertdir, - bool tlsListen, - bool tlsVerify, - const char *tlsPriority, - const char *alias, - virJSONValue **tlsProps, - virJSONValue **secProps); +qemuDomainGetTLSx509Objects(qemuDomainSecretInfo *secinfo, + const char *tlsCertdir, + bool tlsListen, + bool tlsVerify, + const char *tlsPriority, + const char *alias, + virJSONValue **tlsProps, + virJSONValue **secProps); int qemuDomainAttachDiskGeneric(virDomainObj *vm, diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c index af981fb992..15e3571c99 100644 --- a/src/qemu/qemu_migration.c +++ b/src/qemu/qemu_migration.c @@ -3326,7 +3326,7 @@ qemuMigrationDstPrepareActive(virQEMUDriver *driver, qemuDomainObjPrivate *priv = vm->privateData; qemuDomainJobPrivate *jobPriv = vm->job->privateData; qemuProcessIncomingDef *incoming = NULL; - g_autofree char *tlsAlias = NULL; + g_autofree char *tlsx509Alias = NULL; virObjectEvent *event = NULL; virErrorPtr origErr = NULL; int dataFD[2] = { -1, -1 }; @@ -3412,10 +3412,10 @@ qemuMigrationDstPrepareActive(virQEMUDriver *driver, /* Migrations using TLS need to add the "tls-creds-x509" object and * set the migration TLS parameters */ if (flags & VIR_MIGRATE_TLS) { - if (qemuMigrationParamsEnableTLS(driver, vm, true, - VIR_ASYNC_JOB_MIGRATION_IN, - &tlsAlias, NULL, - migParams) < 0) + if (qemuMigrationParamsEnableTLSx509(driver, vm, true, + VIR_ASYNC_JOB_MIGRATION_IN, + &tlsx509Alias, NULL, + migParams) < 0) goto error; } else { if (qemuMigrationParamsDisableTLS(vm, migParams) < 0) @@ -3433,7 +3433,7 @@ qemuMigrationDstPrepareActive(virQEMUDriver *driver, goto error; } - nbdTLSAlias = tlsAlias; + nbdTLSAlias = tlsx509Alias; } if (qemuMigrationDstStartNBDServer(driver, vm, incoming->address, @@ -4977,7 +4977,7 @@ qemuMigrationSrcRun(virQEMUDriver *driver, int ret = -1; qemuDomainObjPrivate *priv = vm->privateData; g_autoptr(qemuMigrationCookie) mig = NULL; - g_autofree char *tlsAlias = NULL; + g_autofree char *tlsx509Alias = NULL; qemuMigrationIOThread *iothread = NULL; VIR_AUTOCLOSE fd = -1; unsigned long restore_max_bandwidth = priv->migMaxBandwidth; @@ -5070,10 +5070,10 @@ qemuMigrationSrcRun(virQEMUDriver *driver, spec->destType == MIGRATION_DEST_FD) hostname = spec->dest.host.name; - if (qemuMigrationParamsEnableTLS(driver, vm, false, - VIR_ASYNC_JOB_MIGRATION_OUT, - &tlsAlias, hostname, - migParams) < 0) + if (qemuMigrationParamsEnableTLSx509(driver, vm, false, + VIR_ASYNC_JOB_MIGRATION_OUT, + &tlsx509Alias, hostname, + migParams) < 0) goto error; } else { if (qemuMigrationParamsDisableTLS(vm, migParams) < 0) @@ -5128,7 +5128,7 @@ qemuMigrationSrcRun(virQEMUDriver *driver, migrate_disks, migrate_disks_detect_zeroes, migrate_disks_target_zero, - dconn, tlsAlias, tlsHostname, + dconn, tlsx509Alias, tlsHostname, nbdURI, flags) < 0) { goto error; } diff --git a/src/qemu/qemu_migration_params.c b/src/qemu/qemu_migration_params.c index dd47516742..c91ae89c9b 100644 --- a/src/qemu/qemu_migration_params.c +++ b/src/qemu/qemu_migration_params.c @@ -1150,12 +1150,12 @@ qemuMigrationParamsSetString(qemuMigrationParams *migParams, } -/* qemuMigrationParamsEnableTLS +/* qemuMigrationParamsEnableTLSx509 * @driver: pointer to qemu driver * @vm: domain object * @tlsListen: server or client * @asyncJob: Migration job to join - * @tlsAlias: alias to be generated for TLS object + * @tlsx509Alias: alias to be generated for TLS X.509 object * @hostname: hostname of the migration destination * @migParams: migration parameters to set * @@ -1166,17 +1166,17 @@ qemuMigrationParamsSetString(qemuMigrationParams *migParams, * Returns 0 on success, -1 on failure */ int -qemuMigrationParamsEnableTLS(virQEMUDriver *driver, - virDomainObj *vm, - bool tlsListen, - int asyncJob, - char **tlsAlias, - const char *hostname, - qemuMigrationParams *migParams) +qemuMigrationParamsEnableTLSx509(virQEMUDriver *driver, + virDomainObj *vm, + bool tlsListen, + int asyncJob, + char **tlsx509Alias, + const char *hostname, + qemuMigrationParams *migParams) { qemuDomainObjPrivate *priv = vm->privateData; qemuDomainJobPrivate *jobPriv = vm->job->privateData; - g_autoptr(virJSONValue) tlsProps = NULL; + g_autoptr(virJSONValue) tlsx509Props = NULL; g_autoptr(virJSONValue) secProps = NULL; g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver); const char *secAlias = NULL; @@ -1202,28 +1202,28 @@ qemuMigrationParamsEnableTLS(virQEMUDriver *driver, secAlias = priv->migSecinfo->alias; } - if (!(*tlsAlias = qemuAliasTLSObjFromSrcAlias(QEMU_MIGRATION_TLS_ALIAS_BASE))) + if (!(*tlsx509Alias = qemuAliasTLSx509ObjFromSrcAlias(QEMU_MIGRATION_TLS_ALIAS_BASE))) return -1; - if (qemuDomainGetTLSObjects(priv->migSecinfo, - cfg->migrateTLSx509certdir, tlsListen, - cfg->migrateTLSx509verify, - cfg->migrateTLSpriority, - *tlsAlias, &tlsProps, &secProps) < 0) + if (qemuDomainGetTLSx509Objects(priv->migSecinfo, + cfg->migrateTLSx509certdir, tlsListen, + cfg->migrateTLSx509verify, + cfg->migrateTLSpriority, + *tlsx509Alias, &tlsx509Props, &secProps) < 0) return -1; /* Ensure the domain doesn't already have the TLS objects defined... * This should prevent any issues just in case some cleanup wasn't * properly completed (both src and dst use the same alias) or * some other error path between now and perform . */ - qemuDomainDelTLSObjects(vm, asyncJob, secAlias, *tlsAlias); + qemuDomainDelTLSObjects(vm, asyncJob, secAlias, *tlsx509Alias); - if (qemuDomainAddTLSObjects(vm, asyncJob, &secProps, &tlsProps) < 0) + if (qemuDomainAddTLSx509Objects(vm, asyncJob, &secProps, &tlsx509Props) < 0) return -1; if (qemuMigrationParamsSetString(migParams, QEMU_MIGRATION_PARAM_TLS_CREDS, - *tlsAlias) < 0) + *tlsx509Alias) < 0) return -1; /* QEMU interprets an empty string for hostname as if it is not populated */ @@ -1290,7 +1290,7 @@ qemuMigrationParamsResetTLS(virDomainObj *vm, qemuMigrationParams *origParams, unsigned int apiFlags) { - g_autofree char *tlsAlias = NULL; + g_autofree char *tlsx509Alias = NULL; g_autofree char *secAlias = NULL; /* There's nothing to do if QEMU does not support TLS migration or we were @@ -1299,10 +1299,10 @@ qemuMigrationParamsResetTLS(virDomainObj *vm, !(apiFlags & VIR_MIGRATE_TLS)) return; - tlsAlias = qemuAliasTLSObjFromSrcAlias(QEMU_MIGRATION_TLS_ALIAS_BASE); + tlsx509Alias = qemuAliasTLSx509ObjFromSrcAlias(QEMU_MIGRATION_TLS_ALIAS_BASE); secAlias = qemuAliasForSecret(QEMU_MIGRATION_TLS_ALIAS_BASE, NULL, 0); - qemuDomainDelTLSObjects(vm, asyncJob, secAlias, tlsAlias); + qemuDomainDelTLSObjects(vm, asyncJob, secAlias, tlsx509Alias); g_clear_pointer(&QEMU_DOMAIN_PRIVATE(vm)->migSecinfo, qemuDomainSecretInfoFree); } diff --git a/src/qemu/qemu_migration_params.h b/src/qemu/qemu_migration_params.h index b7a829b85a..b578cf5091 100644 --- a/src/qemu/qemu_migration_params.h +++ b/src/qemu/qemu_migration_params.h @@ -115,13 +115,13 @@ qemuMigrationParamsApply(virDomainObj *vm, unsigned int apiFlags); int -qemuMigrationParamsEnableTLS(virQEMUDriver *driver, - virDomainObj *vm, - bool tlsListen, - int asyncJob, - char **tlsAlias, - const char *hostname, - qemuMigrationParams *migParams); +qemuMigrationParamsEnableTLSx509(virQEMUDriver *driver, + virDomainObj *vm, + bool tlsListen, + int asyncJob, + char **tlsx509Alias, + const char *hostname, + qemuMigrationParams *migParams); int qemuMigrationParamsDisableTLS(virDomainObj *vm, diff --git a/src/qemu/qemu_postparse.c b/src/qemu/qemu_postparse.c index 79e02e34ac..7e3e714fae 100644 --- a/src/qemu/qemu_postparse.c +++ b/src/qemu/qemu_postparse.c @@ -278,7 +278,7 @@ qemuDomainDeviceDiskDefPostParse(virDomainDiskDef *disk, if (parseFlags & VIR_DOMAIN_DEF_PARSE_STATUS && disk->src->haveTLS == VIR_TRISTATE_BOOL_YES && !disk->src->tlsAlias && - !(disk->src->tlsAlias = qemuAliasTLSObjFromSrcAlias(disk->info.alias))) + !(disk->src->tlsAlias = qemuAliasTLSx509ObjFromSrcAlias(disk->info.alias))) return -1; return 0; diff --git a/tests/qemumigparamsdata/tls-enabled.json b/tests/qemumigparamsdata/tls-enabled.json index 098d3ae148..c16d24684f 100644 --- a/tests/qemumigparamsdata/tls-enabled.json +++ b/tests/qemumigparamsdata/tls-enabled.json @@ -1,7 +1,7 @@ { "cpu-throttle-initial": 20, "cpu-throttle-increment": 10, - "tls-creds": "objlibvirt_migrate_tls0", + "tls-creds": "objlibvirt_migrate_tlsx5090", "tls-hostname": "", "max-bandwidth": 33554432, "downtime-limit": 300 diff --git a/tests/qemumigparamsdata/tls-enabled.reply b/tests/qemumigparamsdata/tls-enabled.reply index e3ce8e7778..679df2d638 100644 --- a/tests/qemumigparamsdata/tls-enabled.reply +++ b/tests/qemumigparamsdata/tls-enabled.reply @@ -4,7 +4,7 @@ "cpu-throttle-increment": 10, "tls-hostname": "", "cpu-throttle-initial": 20, - "tls-creds": "objlibvirt_migrate_tls0", + "tls-creds": "objlibvirt_migrate_tlsx5090", "max-bandwidth": 33554432, "downtime-limit": 300 } diff --git a/tests/qemumigparamsdata/tls-enabled.xml b/tests/qemumigparamsdata/tls-enabled.xml index 554b6855d4..e786896165 100644 --- a/tests/qemumigparamsdata/tls-enabled.xml +++ b/tests/qemumigparamsdata/tls-enabled.xml @@ -2,7 +2,7 @@ <migParams> <param name='cpu-throttle-initial' value='20'/> <param name='cpu-throttle-increment' value='10'/> - <param name='tls-creds' value='objlibvirt_migrate_tls0'/> + <param name='tls-creds' value='objlibvirt_migrate_tlsx5090'/> <param name='tls-hostname' value=''/> <param name='max-bandwidth' value='33554432'/> <param name='downtime-limit' value='300'/> diff --git a/tests/qemumigparamsdata/tls-hostname.json b/tests/qemumigparamsdata/tls-hostname.json index 2943df769b..4fb1f011fe 100644 --- a/tests/qemumigparamsdata/tls-hostname.json +++ b/tests/qemumigparamsdata/tls-hostname.json @@ -1,7 +1,7 @@ { "cpu-throttle-initial": 20, "cpu-throttle-increment": 10, - "tls-creds": "objlibvirt_migrate_tls0", + "tls-creds": "objlibvirt_migrate_tlsx5090", "tls-hostname": "f27-1.virt", "max-bandwidth": 33554432, "downtime-limit": 300 diff --git a/tests/qemumigparamsdata/tls-hostname.reply b/tests/qemumigparamsdata/tls-hostname.reply index f7e7a96bc5..07fa788135 100644 --- a/tests/qemumigparamsdata/tls-hostname.reply +++ b/tests/qemumigparamsdata/tls-hostname.reply @@ -4,7 +4,7 @@ "cpu-throttle-increment": 10, "tls-hostname": "f27-1.virt", "cpu-throttle-initial": 20, - "tls-creds": "objlibvirt_migrate_tls0", + "tls-creds": "objlibvirt_migrate_tlsx5090", "max-bandwidth": 33554432, "downtime-limit": 300 } diff --git a/tests/qemumigparamsdata/tls-hostname.xml b/tests/qemumigparamsdata/tls-hostname.xml index addb5e68a4..099e28b5fc 100644 --- a/tests/qemumigparamsdata/tls-hostname.xml +++ b/tests/qemumigparamsdata/tls-hostname.xml @@ -2,7 +2,7 @@ <migParams> <param name='cpu-throttle-initial' value='20'/> <param name='cpu-throttle-increment' value='10'/> - <param name='tls-creds' value='objlibvirt_migrate_tls0'/> + <param name='tls-creds' value='objlibvirt_migrate_tlsx5090'/> <param name='tls-hostname' value='f27-1.virt'/> <param name='max-bandwidth' value='33554432'/> <param name='downtime-limit' value='300'/> diff --git a/tests/qemumonitorjsontest.c b/tests/qemumonitorjsontest.c index e34dbad7cd..67586bd84b 100644 --- a/tests/qemumonitorjsontest.c +++ b/tests/qemumonitorjsontest.c @@ -665,7 +665,7 @@ qemuMonitorJSONTestAttachChardev(virDomainXMLOption *xmlopt, "'server':false}}}"); chr->data.tcp.tlscreds = true; - chrSourcePriv->tlsCredsAlias = qemuAliasTLSObjFromSrcAlias("alias"); + chrSourcePriv->tlsCredsAlias = qemuAliasTLSx509ObjFromSrcAlias("alias"); chr->logfile = g_strdup("/test/log"); CHECK("tcp", false, "{'id':'alias'," @@ -675,7 +675,7 @@ qemuMonitorJSONTestAttachChardev(virDomainXMLOption *xmlopt, "'port':'1234'}}," "'telnet':false," "'server':false," - "'tls-creds':'objalias_tls0'," + "'tls-creds':'objalias_tlsx5090'," "'logfile':'/test/log'}}}"); } diff --git a/tests/qemustatusxml2xmldata/upgrade-out.xml b/tests/qemustatusxml2xmldata/upgrade-out.xml index c7bc7128df..bd2323862d 100644 --- a/tests/qemustatusxml2xmldata/upgrade-out.xml +++ b/tests/qemustatusxml2xmldata/upgrade-out.xml @@ -414,7 +414,7 @@ <host name='example.org' port='9999'/> <privateData> <objects> - <TLSx509 alias='objvirtio-disk6_tls0'/> + <TLSx509 alias='objvirtio-disk6_tlsx5090'/> </objects> </privateData> </source> diff --git a/tests/qemuxmlconfdata/chardev-backends-json.x86_64-9.1.0.args b/tests/qemuxmlconfdata/chardev-backends-json.x86_64-9.1.0.args index dce4a582d2..c0fc1ea722 100644 --- a/tests/qemuxmlconfdata/chardev-backends-json.x86_64-9.1.0.args +++ b/tests/qemuxmlconfdata/chardev-backends-json.x86_64-9.1.0.args @@ -54,11 +54,11 @@ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.config \ -device '{"driver":"virtserialport","bus":"virtio-serial0.0","nr":10,"chardev":"charchannel9","id":"channel9","name":"chardev-tcp-listen-raw"}' \ -chardev '{"id":"charchannel10","backend":{"type":"socket","data":{"addr":{"type":"inet","data":{"host":"1.2.3.4","port":"5679"}},"telnet":true,"server":true,"wait":false}}}' \ -device '{"driver":"virtserialport","bus":"virtio-serial0.0","nr":11,"chardev":"charchannel10","id":"channel10","name":"chardev-tcp-listen-telnet"}' \ --object '{"qom-type":"tls-creds-x509","id":"objcharchannel11_tls0","dir":"/etc/pki/libvirt-chardev","endpoint":"client","verify-peer":true}' \ --chardev '{"id":"charchannel11","backend":{"type":"socket","data":{"addr":{"type":"inet","data":{"host":"1.2.3.4","port":"5678"}},"telnet":false,"server":false,"reconnect":2,"tls-creds":"objcharchannel11_tls0"}}}' \ +-object '{"qom-type":"tls-creds-x509","id":"objcharchannel11_tlsx5090","dir":"/etc/pki/libvirt-chardev","endpoint":"client","verify-peer":true}' \ +-chardev '{"id":"charchannel11","backend":{"type":"socket","data":{"addr":{"type":"inet","data":{"host":"1.2.3.4","port":"5678"}},"telnet":false,"server":false,"reconnect":2,"tls-creds":"objcharchannel11_tlsx5090"}}}' \ -device '{"driver":"virtserialport","bus":"virtio-serial0.0","nr":12,"chardev":"charchannel11","id":"channel11","name":"chardev-tcp-connect-raw"}' \ --object '{"qom-type":"tls-creds-x509","id":"objcharchannel12_tls0","dir":"/etc/pki/libvirt-chardev","endpoint":"client","verify-peer":true}' \ --chardev '{"id":"charchannel12","backend":{"type":"socket","data":{"addr":{"type":"inet","data":{"host":"hostname.global.","port":"5679"}},"telnet":true,"server":false,"reconnect":2,"tls-creds":"objcharchannel12_tls0"}}}' \ +-object '{"qom-type":"tls-creds-x509","id":"objcharchannel12_tlsx5090","dir":"/etc/pki/libvirt-chardev","endpoint":"client","verify-peer":true}' \ +-chardev '{"id":"charchannel12","backend":{"type":"socket","data":{"addr":{"type":"inet","data":{"host":"hostname.global.","port":"5679"}},"telnet":true,"server":false,"reconnect":2,"tls-creds":"objcharchannel12_tlsx5090"}}}' \ -device '{"driver":"virtserialport","bus":"virtio-serial0.0","nr":13,"chardev":"charchannel12","id":"channel12","name":"chardev-tcp-connect-telnet"}' \ -chardev '{"id":"charchannel13","backend":{"type":"udp","data":{"remote":{"type":"inet","data":{"host":"127.0.0.1","port":"2222"}}}}}' \ -device '{"driver":"virtserialport","bus":"virtio-serial0.0","nr":14,"chardev":"charchannel13","id":"channel13","name":"chardev-udp-nobind"}' \ diff --git a/tests/qemuxmlconfdata/chardev-backends-json.x86_64-latest.args b/tests/qemuxmlconfdata/chardev-backends-json.x86_64-latest.args index 2b7e614e8b..925d2f25e3 100644 --- a/tests/qemuxmlconfdata/chardev-backends-json.x86_64-latest.args +++ b/tests/qemuxmlconfdata/chardev-backends-json.x86_64-latest.args @@ -54,11 +54,11 @@ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.config \ -device '{"driver":"virtserialport","bus":"virtio-serial0.0","nr":10,"chardev":"charchannel9","id":"channel9","name":"chardev-tcp-listen-raw"}' \ -chardev '{"id":"charchannel10","backend":{"type":"socket","data":{"addr":{"type":"inet","data":{"host":"1.2.3.4","port":"5679"}},"telnet":true,"server":true,"wait":false}}}' \ -device '{"driver":"virtserialport","bus":"virtio-serial0.0","nr":11,"chardev":"charchannel10","id":"channel10","name":"chardev-tcp-listen-telnet"}' \ --object '{"qom-type":"tls-creds-x509","id":"objcharchannel11_tls0","dir":"/etc/pki/libvirt-chardev","endpoint":"client","verify-peer":true}' \ --chardev '{"id":"charchannel11","backend":{"type":"socket","data":{"addr":{"type":"inet","data":{"host":"1.2.3.4","port":"5678"}},"telnet":false,"server":false,"reconnect-ms":2000,"tls-creds":"objcharchannel11_tls0"}}}' \ +-object '{"qom-type":"tls-creds-x509","id":"objcharchannel11_tlsx5090","dir":"/etc/pki/libvirt-chardev","endpoint":"client","verify-peer":true}' \ +-chardev '{"id":"charchannel11","backend":{"type":"socket","data":{"addr":{"type":"inet","data":{"host":"1.2.3.4","port":"5678"}},"telnet":false,"server":false,"reconnect-ms":2000,"tls-creds":"objcharchannel11_tlsx5090"}}}' \ -device '{"driver":"virtserialport","bus":"virtio-serial0.0","nr":12,"chardev":"charchannel11","id":"channel11","name":"chardev-tcp-connect-raw"}' \ --object '{"qom-type":"tls-creds-x509","id":"objcharchannel12_tls0","dir":"/etc/pki/libvirt-chardev","endpoint":"client","verify-peer":true}' \ --chardev '{"id":"charchannel12","backend":{"type":"socket","data":{"addr":{"type":"inet","data":{"host":"hostname.global.","port":"5679"}},"telnet":true,"server":false,"reconnect-ms":2000,"tls-creds":"objcharchannel12_tls0"}}}' \ +-object '{"qom-type":"tls-creds-x509","id":"objcharchannel12_tlsx5090","dir":"/etc/pki/libvirt-chardev","endpoint":"client","verify-peer":true}' \ +-chardev '{"id":"charchannel12","backend":{"type":"socket","data":{"addr":{"type":"inet","data":{"host":"hostname.global.","port":"5679"}},"telnet":true,"server":false,"reconnect-ms":2000,"tls-creds":"objcharchannel12_tlsx5090"}}}' \ -device '{"driver":"virtserialport","bus":"virtio-serial0.0","nr":13,"chardev":"charchannel12","id":"channel12","name":"chardev-tcp-connect-telnet"}' \ -chardev '{"id":"charchannel13","backend":{"type":"udp","data":{"remote":{"type":"inet","data":{"host":"127.0.0.1","port":"2222"}}}}}' \ -device '{"driver":"virtserialport","bus":"virtio-serial0.0","nr":14,"chardev":"charchannel13","id":"channel13","name":"chardev-udp-nobind"}' \ diff --git a/tests/qemuxmlconfdata/chardev-backends.x86_64-9.1.0.args b/tests/qemuxmlconfdata/chardev-backends.x86_64-9.1.0.args index 81773dcacd..c5924d44c5 100644 --- a/tests/qemuxmlconfdata/chardev-backends.x86_64-9.1.0.args +++ b/tests/qemuxmlconfdata/chardev-backends.x86_64-9.1.0.args @@ -54,11 +54,11 @@ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.config \ -device '{"driver":"virtserialport","bus":"virtio-serial0.0","nr":10,"chardev":"charchannel9","id":"channel9","name":"chardev-tcp-listen-raw"}' \ -chardev socket,id=charchannel10,host=1.2.3.4,port=5679,telnet=on,server=on,wait=off \ -device '{"driver":"virtserialport","bus":"virtio-serial0.0","nr":11,"chardev":"charchannel10","id":"channel10","name":"chardev-tcp-listen-telnet"}' \ --object '{"qom-type":"tls-creds-x509","id":"objcharchannel11_tls0","dir":"/etc/pki/libvirt-chardev","endpoint":"client","verify-peer":true}' \ --chardev socket,id=charchannel11,host=1.2.3.4,port=5678,reconnect=2,tls-creds=objcharchannel11_tls0 \ +-object '{"qom-type":"tls-creds-x509","id":"objcharchannel11_tlsx5090","dir":"/etc/pki/libvirt-chardev","endpoint":"client","verify-peer":true}' \ +-chardev socket,id=charchannel11,host=1.2.3.4,port=5678,reconnect=2,tls-creds=objcharchannel11_tlsx5090 \ -device '{"driver":"virtserialport","bus":"virtio-serial0.0","nr":12,"chardev":"charchannel11","id":"channel11","name":"chardev-tcp-connect-raw"}' \ --object '{"qom-type":"tls-creds-x509","id":"objcharchannel12_tls0","dir":"/etc/pki/libvirt-chardev","endpoint":"client","verify-peer":true}' \ --chardev socket,id=charchannel12,host=hostname.global.,port=5679,telnet=on,reconnect=2,tls-creds=objcharchannel12_tls0 \ +-object '{"qom-type":"tls-creds-x509","id":"objcharchannel12_tlsx5090","dir":"/etc/pki/libvirt-chardev","endpoint":"client","verify-peer":true}' \ +-chardev socket,id=charchannel12,host=hostname.global.,port=5679,telnet=on,reconnect=2,tls-creds=objcharchannel12_tlsx5090 \ -device '{"driver":"virtserialport","bus":"virtio-serial0.0","nr":13,"chardev":"charchannel12","id":"channel12","name":"chardev-tcp-connect-telnet"}' \ -chardev udp,id=charchannel13,host=127.0.0.1,port=2222,localaddr=,localport=0 \ -device '{"driver":"virtserialport","bus":"virtio-serial0.0","nr":14,"chardev":"charchannel13","id":"channel13","name":"chardev-udp-nobind"}' \ diff --git a/tests/qemuxmlconfdata/chardev-backends.x86_64-latest.args b/tests/qemuxmlconfdata/chardev-backends.x86_64-latest.args index 9708b18735..092f5f7921 100644 --- a/tests/qemuxmlconfdata/chardev-backends.x86_64-latest.args +++ b/tests/qemuxmlconfdata/chardev-backends.x86_64-latest.args @@ -54,11 +54,11 @@ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.config \ -device '{"driver":"virtserialport","bus":"virtio-serial0.0","nr":10,"chardev":"charchannel9","id":"channel9","name":"chardev-tcp-listen-raw"}' \ -chardev socket,id=charchannel10,host=1.2.3.4,port=5679,telnet=on,server=on,wait=off \ -device '{"driver":"virtserialport","bus":"virtio-serial0.0","nr":11,"chardev":"charchannel10","id":"channel10","name":"chardev-tcp-listen-telnet"}' \ --object '{"qom-type":"tls-creds-x509","id":"objcharchannel11_tls0","dir":"/etc/pki/libvirt-chardev","endpoint":"client","verify-peer":true}' \ --chardev socket,id=charchannel11,host=1.2.3.4,port=5678,reconnect-ms=2000,tls-creds=objcharchannel11_tls0 \ +-object '{"qom-type":"tls-creds-x509","id":"objcharchannel11_tlsx5090","dir":"/etc/pki/libvirt-chardev","endpoint":"client","verify-peer":true}' \ +-chardev socket,id=charchannel11,host=1.2.3.4,port=5678,reconnect-ms=2000,tls-creds=objcharchannel11_tlsx5090 \ -device '{"driver":"virtserialport","bus":"virtio-serial0.0","nr":12,"chardev":"charchannel11","id":"channel11","name":"chardev-tcp-connect-raw"}' \ --object '{"qom-type":"tls-creds-x509","id":"objcharchannel12_tls0","dir":"/etc/pki/libvirt-chardev","endpoint":"client","verify-peer":true}' \ --chardev socket,id=charchannel12,host=hostname.global.,port=5679,telnet=on,reconnect-ms=2000,tls-creds=objcharchannel12_tls0 \ +-object '{"qom-type":"tls-creds-x509","id":"objcharchannel12_tlsx5090","dir":"/etc/pki/libvirt-chardev","endpoint":"client","verify-peer":true}' \ +-chardev socket,id=charchannel12,host=hostname.global.,port=5679,telnet=on,reconnect-ms=2000,tls-creds=objcharchannel12_tlsx5090 \ -device '{"driver":"virtserialport","bus":"virtio-serial0.0","nr":13,"chardev":"charchannel12","id":"channel12","name":"chardev-tcp-connect-telnet"}' \ -chardev udp,id=charchannel13,host=127.0.0.1,port=2222,localaddr=,localport=0 \ -device '{"driver":"virtserialport","bus":"virtio-serial0.0","nr":14,"chardev":"charchannel13","id":"channel13","name":"chardev-udp-nobind"}' \ diff --git a/tests/qemuxmlconfdata/disk-network-tlsx509-nbd-hostname.x86_64-latest.args b/tests/qemuxmlconfdata/disk-network-tlsx509-nbd-hostname.x86_64-latest.args index 77d38c3020..0e758834fc 100644 --- a/tests/qemuxmlconfdata/disk-network-tlsx509-nbd-hostname.x86_64-latest.args +++ b/tests/qemuxmlconfdata/disk-network-tlsx509-nbd-hostname.x86_64-latest.args @@ -27,9 +27,9 @@ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.config \ -no-shutdown \ -boot strict=on \ -device '{"driver":"piix3-usb-uhci","id":"usb","bus":"pci.0","addr":"0x1.0x2"}' \ --object '{"qom-type":"secret","id":"objlibvirt-1-storage_tls0-secret0","data":"9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1","keyid":"masterKey0","iv":"AAECAwQFBgcICQoLDA0ODw==","format":"base64"}' \ --object '{"qom-type":"tls-creds-x509","id":"objlibvirt-1-storage_tls0","dir":"/etc/pki/libvirt-nbd","endpoint":"client","verify-peer":true,"priority":"@SYSTEM:-VERS-TLS1.3","passwordid":"objlibvirt-1-storage_tls0-secret0"}' \ --blockdev '{"driver":"nbd","server":{"type":"inet","host":"example.com","port":"1234"},"tls-creds":"objlibvirt-1-storage_tls0","tls-hostname":"test-hostname","node-name":"libvirt-1-storage","read-only":false,"cache":{"direct":true,"no-flush":false}}' \ +-object '{"qom-type":"secret","id":"objlibvirt-1-storage_tlsx5090-secret0","data":"9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1","keyid":"masterKey0","iv":"AAECAwQFBgcICQoLDA0ODw==","format":"base64"}' \ +-object '{"qom-type":"tls-creds-x509","id":"objlibvirt-1-storage_tlsx5090","dir":"/etc/pki/libvirt-nbd","endpoint":"client","verify-peer":true,"priority":"@SYSTEM:-VERS-TLS1.3","passwordid":"objlibvirt-1-storage_tlsx5090-secret0"}' \ +-blockdev '{"driver":"nbd","server":{"type":"inet","host":"example.com","port":"1234"},"tls-creds":"objlibvirt-1-storage_tlsx5090","tls-hostname":"test-hostname","node-name":"libvirt-1-storage","read-only":false,"cache":{"direct":true,"no-flush":false}}' \ -device '{"driver":"virtio-blk-pci","bus":"pci.0","addr":"0x7","drive":"libvirt-1-storage","id":"virtio-disk3","bootindex":1,"write-cache":"on"}' \ -audiodev '{"id":"audio1","driver":"none"}' \ -sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ diff --git a/tests/qemuxmlconfdata/disk-network-tlsx509-nbd.x86_64-latest.args b/tests/qemuxmlconfdata/disk-network-tlsx509-nbd.x86_64-latest.args index fb68ac54fb..675e266400 100644 --- a/tests/qemuxmlconfdata/disk-network-tlsx509-nbd.x86_64-latest.args +++ b/tests/qemuxmlconfdata/disk-network-tlsx509-nbd.x86_64-latest.args @@ -27,9 +27,9 @@ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.config \ -no-shutdown \ -boot strict=on \ -device '{"driver":"piix3-usb-uhci","id":"usb","bus":"pci.0","addr":"0x1.0x2"}' \ --object '{"qom-type":"secret","id":"objlibvirt-1-storage_tls0-secret0","data":"9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1","keyid":"masterKey0","iv":"AAECAwQFBgcICQoLDA0ODw==","format":"base64"}' \ --object '{"qom-type":"tls-creds-x509","id":"objlibvirt-1-storage_tls0","dir":"/etc/pki/libvirt-nbd","endpoint":"client","verify-peer":true,"passwordid":"objlibvirt-1-storage_tls0-secret0"}' \ --blockdev '{"driver":"nbd","server":{"type":"inet","host":"example.com","port":"1234"},"tls-creds":"objlibvirt-1-storage_tls0","node-name":"libvirt-1-storage","read-only":false,"cache":{"direct":true,"no-flush":false}}' \ +-object '{"qom-type":"secret","id":"objlibvirt-1-storage_tlsx5090-secret0","data":"9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1","keyid":"masterKey0","iv":"AAECAwQFBgcICQoLDA0ODw==","format":"base64"}' \ +-object '{"qom-type":"tls-creds-x509","id":"objlibvirt-1-storage_tlsx5090","dir":"/etc/pki/libvirt-nbd","endpoint":"client","verify-peer":true,"passwordid":"objlibvirt-1-storage_tlsx5090-secret0"}' \ +-blockdev '{"driver":"nbd","server":{"type":"inet","host":"example.com","port":"1234"},"tls-creds":"objlibvirt-1-storage_tlsx5090","node-name":"libvirt-1-storage","read-only":false,"cache":{"direct":true,"no-flush":false}}' \ -device '{"driver":"virtio-blk-pci","bus":"pci.0","addr":"0x7","drive":"libvirt-1-storage","id":"virtio-disk3","bootindex":1,"write-cache":"on"}' \ -audiodev '{"id":"audio1","driver":"none"}' \ -sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ diff --git a/tests/qemuxmlconfdata/serial-tcp-tlsx509-chardev-verify.x86_64-latest.args b/tests/qemuxmlconfdata/serial-tcp-tlsx509-chardev-verify.x86_64-latest.args index f8f1bb8502..787ecbb5ec 100644 --- a/tests/qemuxmlconfdata/serial-tcp-tlsx509-chardev-verify.x86_64-latest.args +++ b/tests/qemuxmlconfdata/serial-tcp-tlsx509-chardev-verify.x86_64-latest.args @@ -31,8 +31,8 @@ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.config \ -device '{"driver":"ide-hd","bus":"ide.0","unit":0,"drive":"libvirt-1-storage","id":"ide0-0-0","bootindex":1}' \ -chardev udp,id=charserial0,host=127.0.0.1,port=2222,localaddr=127.0.0.1,localport=1111 \ -device '{"driver":"isa-serial","chardev":"charserial0","id":"serial0","index":0}' \ --object '{"qom-type":"tls-creds-x509","id":"objcharserial1_tls0","dir":"/etc/pki/libvirt-chardev","endpoint":"client","verify-peer":true}' \ --chardev socket,id=charserial1,host=127.0.0.1,port=5555,tls-creds=objcharserial1_tls0 \ +-object '{"qom-type":"tls-creds-x509","id":"objcharserial1_tlsx5090","dir":"/etc/pki/libvirt-chardev","endpoint":"client","verify-peer":true}' \ +-chardev socket,id=charserial1,host=127.0.0.1,port=5555,tls-creds=objcharserial1_tlsx5090 \ -device '{"driver":"isa-serial","chardev":"charserial1","id":"serial1","index":1}' \ -audiodev '{"id":"audio1","driver":"none"}' \ -device '{"driver":"virtio-balloon-pci","id":"balloon0","bus":"pci.0","addr":"0x2"}' \ diff --git a/tests/qemuxmlconfdata/serial-tcp-tlsx509-chardev.x86_64-latest.args b/tests/qemuxmlconfdata/serial-tcp-tlsx509-chardev.x86_64-latest.args index f8f1bb8502..787ecbb5ec 100644 --- a/tests/qemuxmlconfdata/serial-tcp-tlsx509-chardev.x86_64-latest.args +++ b/tests/qemuxmlconfdata/serial-tcp-tlsx509-chardev.x86_64-latest.args @@ -31,8 +31,8 @@ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.config \ -device '{"driver":"ide-hd","bus":"ide.0","unit":0,"drive":"libvirt-1-storage","id":"ide0-0-0","bootindex":1}' \ -chardev udp,id=charserial0,host=127.0.0.1,port=2222,localaddr=127.0.0.1,localport=1111 \ -device '{"driver":"isa-serial","chardev":"charserial0","id":"serial0","index":0}' \ --object '{"qom-type":"tls-creds-x509","id":"objcharserial1_tls0","dir":"/etc/pki/libvirt-chardev","endpoint":"client","verify-peer":true}' \ --chardev socket,id=charserial1,host=127.0.0.1,port=5555,tls-creds=objcharserial1_tls0 \ +-object '{"qom-type":"tls-creds-x509","id":"objcharserial1_tlsx5090","dir":"/etc/pki/libvirt-chardev","endpoint":"client","verify-peer":true}' \ +-chardev socket,id=charserial1,host=127.0.0.1,port=5555,tls-creds=objcharserial1_tlsx5090 \ -device '{"driver":"isa-serial","chardev":"charserial1","id":"serial1","index":1}' \ -audiodev '{"id":"audio1","driver":"none"}' \ -device '{"driver":"virtio-balloon-pci","id":"balloon0","bus":"pci.0","addr":"0x2"}' \ diff --git a/tests/qemuxmlconfdata/serial-tcp-tlsx509-secret-chardev.x86_64-latest.args b/tests/qemuxmlconfdata/serial-tcp-tlsx509-secret-chardev.x86_64-latest.args index 492d1be626..59f7b7be83 100644 --- a/tests/qemuxmlconfdata/serial-tcp-tlsx509-secret-chardev.x86_64-latest.args +++ b/tests/qemuxmlconfdata/serial-tcp-tlsx509-secret-chardev.x86_64-latest.args @@ -32,8 +32,8 @@ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.config \ -chardev udp,id=charserial0,host=127.0.0.1,port=2222,localaddr=127.0.0.1,localport=1111 \ -device '{"driver":"isa-serial","chardev":"charserial0","id":"serial0","index":0}' \ -object '{"qom-type":"secret","id":"charserial1-secret0","data":"9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1","keyid":"masterKey0","iv":"AAECAwQFBgcICQoLDA0ODw==","format":"base64"}' \ --object '{"qom-type":"tls-creds-x509","id":"objcharserial1_tls0","dir":"/etc/pki/libvirt-chardev","endpoint":"client","verify-peer":true,"priority":"@SYSTEM:-VERS-TLS1.3","passwordid":"charserial1-secret0"}' \ --chardev socket,id=charserial1,host=127.0.0.1,port=5555,tls-creds=objcharserial1_tls0 \ +-object '{"qom-type":"tls-creds-x509","id":"objcharserial1_tlsx5090","dir":"/etc/pki/libvirt-chardev","endpoint":"client","verify-peer":true,"priority":"@SYSTEM:-VERS-TLS1.3","passwordid":"charserial1-secret0"}' \ +-chardev socket,id=charserial1,host=127.0.0.1,port=5555,tls-creds=objcharserial1_tlsx5090 \ -device '{"driver":"isa-serial","chardev":"charserial1","id":"serial1","index":1}' \ -audiodev '{"id":"audio1","driver":"none"}' \ -device '{"driver":"virtio-balloon-pci","id":"balloon0","bus":"pci.0","addr":"0x3"}' \ -- 2.39.3
