qemu: Always assume presence of QEMU_CAPS_OBJECT_TLS_CREDS_X509

The 'tls-creds-x509' object is always registered even when qemu is built
without gnutls for all supported qemu versions. This means we cannot
probe for its support and thus simplify the code using TLS.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>

diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index a051e5a4e8991c995d419dfdeabcb5a517f31e57..48f6ccbf50c2f59013c010a556c95eda670a461c 100644 (file)
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -767,15 +767,9 @@ qemuBuildTLSx509BackendProps(const char *tlspath,
                              bool verifypeer,
                              const char *alias,
                              const char *secalias,
-                             virQEMUCaps *qemuCaps,
+                             virQEMUCaps *qemuCaps G_GNUC_UNUSED,
                              virJSONValue **propsret)
 {
-    if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_OBJECT_TLS_CREDS_X509)) {
-        virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
-                       _("tls-creds-x509 not supported in this QEMU binary"));
-        return -1;
-    }
-
     if (qemuMonitorCreateObjectProps(propsret, "tls-creds-x509", alias,
                                      "s:dir", tlspath,
                                      "s:endpoint", (isListen ? "server": "client"),

diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 9a20938417a3e912e210ab1641b3485cbc340da3..584bf5003f34275e12ca2018bea3ef69e0dfbbf2 100644 (file)
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -1406,15 +1406,11 @@ qemuDomainSecretGraphicsPrepare(virQEMUDriverConfig *cfg,
                                 qemuDomainObjPrivate *priv,
                                 virDomainGraphicsDef *graphics)
 {
-    virQEMUCaps *qemuCaps = priv->qemuCaps;
     qemuDomainGraphicsPrivate *gfxPriv = QEMU_DOMAIN_GRAPHICS_PRIVATE(graphics);
 
     if (graphics->type != VIR_DOMAIN_GRAPHICS_TYPE_VNC)
         return 0;
 
-    if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_OBJECT_TLS_CREDS_X509))
-        return 0;
-
     if (!cfg->vncTLS)
         return 0;
 

diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
index 4fc344b493cd1fe81c0a1dde7b92c3249f6603ca..865b42f81f5b65116fb633b048d93123f4a51432 100644 (file)
--- a/src/qemu/qemu_validate.c
+++ b/src/qemu/qemu_validate.c
@@ -1083,7 +1083,6 @@ qemuValidateDomainDef(const virDomainDef *def,
                       void *parseOpaque)
 {
     virQEMUDriver *driver = opaque;
-    g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver);
     g_autoptr(virQEMUCaps) qemuCapsLocal = NULL;
     virQEMUCaps *qemuCaps = parseOpaque;
     size_t i;
@@ -1218,18 +1217,6 @@ qemuValidateDomainDef(const virDomainDef *def,
     if (qemuValidateDomainDefConsole(def, qemuCaps) < 0)
         return -1;
 
-    if (cfg->vncTLS && cfg->vncTLSx509secretUUID &&
-        !virQEMUCapsGet(qemuCaps, QEMU_CAPS_OBJECT_TLS_CREDS_X509)) {
-        for (i = 0; i < def->ngraphics; i++) {
-            if (def->graphics[i]->type == VIR_DOMAIN_GRAPHICS_TYPE_VNC) {
-                virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
-                               _("encrypted VNC TLS keys are not supported with "
-                                 "this QEMU binary"));
-                return -1;
-            }
-        }
-    }
-
     for (i = 0; i < def->nsysinfo; i++) {
         if (qemuValidateDomainDefSysinfo(def->sysinfo[i]) < 0)
             return -1;

diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index c3ba9df9af5cda188760ef73aaa56935b6b80e03..d6aeccba3f17d25f0ba5e5448bbe51a013959b6d 100644 (file)
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -1660,22 +1660,18 @@ mymain(void)
             QEMU_CAPS_DEVICE_ISA_SERIAL);
     driver.config->chardevTLS = 1;
     DO_TEST("serial-tcp-tlsx509-chardev",
-            QEMU_CAPS_DEVICE_ISA_SERIAL,
-            QEMU_CAPS_OBJECT_TLS_CREDS_X509);
+            QEMU_CAPS_DEVICE_ISA_SERIAL);
     driver.config->chardevTLSx509verify = 1;
     DO_TEST("serial-tcp-tlsx509-chardev-verify",
-            QEMU_CAPS_DEVICE_ISA_SERIAL,
-            QEMU_CAPS_OBJECT_TLS_CREDS_X509);
+            QEMU_CAPS_DEVICE_ISA_SERIAL);
     driver.config->chardevTLSx509verify = 0;
     DO_TEST("serial-tcp-tlsx509-chardev-notls",
-            QEMU_CAPS_DEVICE_ISA_SERIAL,
-            QEMU_CAPS_OBJECT_TLS_CREDS_X509);
+            QEMU_CAPS_DEVICE_ISA_SERIAL);
     VIR_FREE(driver.config->chardevTLSx509certdir);
     driver.config->chardevTLSx509certdir = g_strdup("/etc/pki/libvirt-chardev");
     driver.config->chardevTLSx509secretUUID = g_strdup("6fd3f62d-9fe7-4a4e-a869-7acd6376d8ea");
     DO_TEST("serial-tcp-tlsx509-secret-chardev",
-            QEMU_CAPS_DEVICE_ISA_SERIAL,
-            QEMU_CAPS_OBJECT_TLS_CREDS_X509);
+            QEMU_CAPS_DEVICE_ISA_SERIAL);
     driver.config->chardevTLS = 0;
     VIR_FREE(driver.config->chardevTLSx509certdir);
     DO_TEST("serial-many-chardev",