Iterate through the backing chain when setting up TLS for disks.
---
src/qemu/qemu_domain.c | 41 ++---
1 file changed, 22 insertions(+), 19 deletions(-)
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index aebe24e7b..3560cdd29 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -7845,28 +7845,31 @@ int
qemuDomainPrepareDiskSourceTLS(virStorageSourcePtr src,
virQEMUDriverConfigPtr cfg)
{
+virStorageSourcePtr next;
-/* VxHS uses only client certificates and thus has no need for
- * the server-key.pem nor a secret that could be used to decrypt
- * the it, so no need to add a secinfo for a secret UUID. */
-if (src->type == VIR_STORAGE_TYPE_NETWORK &&
-src->protocol == VIR_STORAGE_NET_PROTOCOL_VXHS) {
-
-if (src->haveTLS == VIR_TRISTATE_BOOL_ABSENT) {
-if (cfg->vxhsTLS)
-src->haveTLS = VIR_TRISTATE_BOOL_YES;
-else
-src->haveTLS = VIR_TRISTATE_BOOL_NO;
-src->tlsFromConfig = true;
-}
+for (next = src; virStorageSourceIsBacking(next); next =
next->backingStore) {
+/* VxHS uses only client certificates and thus has no need for
+ * the server-key.pem nor a secret that could be used to decrypt
+ * the it, so no need to add a secinfo for a secret UUID. */
+if (next->type == VIR_STORAGE_TYPE_NETWORK &&
+next->protocol == VIR_STORAGE_NET_PROTOCOL_VXHS) {
+
+if (next->haveTLS == VIR_TRISTATE_BOOL_ABSENT) {
+if (cfg->vxhsTLS)
+next->haveTLS = VIR_TRISTATE_BOOL_YES;
+else
+next->haveTLS = VIR_TRISTATE_BOOL_NO;
+next->tlsFromConfig = true;
+}
-if (src->haveTLS == VIR_TRISTATE_BOOL_YES) {
-/* Grab the vxhsTLSx509certdir and set the verify/listen values.
- * NB: tlsAlias filled in during qemuDomainGetTLSObjects. */
-if (VIR_STRDUP(src->tlsCertdir, cfg->vxhsTLSx509certdir) < 0)
-return -1;
+if (next->haveTLS == VIR_TRISTATE_BOOL_YES) {
+/* Grab the vxhsTLSx509certdir and set the verify/listen
values.
+ * NB: tlsAlias filled in during qemuDomainGetTLSObjects. */
+if (VIR_STRDUP(next->tlsCertdir, cfg->vxhsTLSx509certdir) < 0)
+return -1;
-src->tlsVerify = true;
+next->tlsVerify = true;
+}
}
}
--
2.14.1
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list