git.ipfire.org Git - thirdparty/qemu.git/commit
crypto: Allow gracefully ending the TLS session
author Fabiano Rosas <farosas@suse.de>
Wed, 5 Feb 2025 16:13:53 +0000 (13:13 -0300)
committer Fabiano Rosas <farosas@suse.de>
Fri, 14 Feb 2025 18:19:03 +0000 (15:19 -0300)
commit ab1cb3683bd0462695a75aa9a8c1d07731caf304
tree c9ba2fdd7a1dbe381c308d9ed4bcde27afcadb50
parent 495de0fd82d8bb2d7035f82d9869cfeb48de2f9e

QEMU's TLS session code provides no way to call gnutls_bye() to
terminate a TLS session. Callers of qcrypto_tls_session_read() can
choose to ignore a GNUTLS_E_PREMATURE_TERMINATION error by setting the
gracefulTermination argument.

The QIOChannelTLS ignores the premature termination error whenever
shutdown() has already been issued. This was found to be not enough for
the migration code because shutdown() might not have been issued before
the connection is terminated.

Add support for calling gnutls_bye() in the tlssession layer so users
of QIOChannelTLS can clearly identify the end of a TLS session.

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Acked-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Fabiano Rosas <farosas@suse.de>
crypto/tlssession.c
include/crypto/tlssession.h