On Fri, Feb 07, 2025 at 11:27:51AM -0300, Fabiano Rosas wrote:
> QEMU's TLS session code provides no way to call gnutls_bye() to
> terminate a TLS session. Callers of qcrypto_tls_session_read() can
> choose to ignore a GNUTLS_E_PREMATURE_TERMINATION error by setting the
> gracefulTermination argument.
>
> The QIOChannelTLS ignores the premature termination error whenever
> shutdown() has already been issued. This is not enough anymore for the
> migration code due to changes [1] in the synchronization between
> migration source and destination.
>
> Add support for calling gnutls_bye() in the tlssession layer so users
> of QIOChannelTLS can clearly identify the end of a TLS session.
>
> 1- 1d457daf86 ("migration/multifd: Further remove the SYNC on complete")
Would be slightly clearer as "[1] 1d457daf86 ...."
>
> Signed-off-by: Fabiano Rosas <faro...@suse.de>
> ---
> crypto/tlssession.c | 41 +++++++++++++++++++++++++++++++++++++
> include/crypto/tlssession.h | 22 ++++++++++++++++++++
> 2 files changed, 63 insertions(+)
Reviewed-by: Daniel P. Berrangé <berra...@redhat.com>
Acked-by: Daniel P. Berrangé <berra...@redhat.com>
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
