qemu: migration: Don't pass around secAlias
authorPeter Krempa <pkrempa@redhat.com>
Tue, 29 May 2018 17:56:05 +0000 (19:56 +0200)
committerPeter Krempa <pkrempa@redhat.com>
Tue, 5 Jun 2018 06:13:58 +0000 (08:13 +0200)
The alias of the secret for decrypting the TLS passphrase is useless
besides for TLS setup. Stop passing it around.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
src/qemu/qemu_migration.c
src/qemu/qemu_migration_params.c
src/qemu/qemu_migration_params.h

index 70616b568efe9fb38d66cc13f70327003ee6fce7..946427649443de47ed1fb22af2d872b2a34cc2b7 100644 (file)
@@ -2296,7 +2296,6 @@ qemuMigrationDstPrepareAny(virQEMUDriverPtr driver,
     bool relabel = false;
     int rv;
     char *tlsAlias = NULL;
-    char *secAlias = NULL;
 
     virNWFilterReadLockFilterUpdates();
 
@@ -2505,7 +2504,7 @@ qemuMigrationDstPrepareAny(virQEMUDriverPtr driver,
     if (flags & VIR_MIGRATE_TLS) {
         if (qemuMigrationParamsEnableTLS(driver, vm, true,
                                          QEMU_ASYNC_JOB_MIGRATION_IN,
-                                         &tlsAlias, &secAlias, NULL,
+                                         &tlsAlias, NULL,
                                          migParams) < 0)
             goto stopjob;
     } else {
@@ -2596,7 +2595,6 @@ qemuMigrationDstPrepareAny(virQEMUDriverPtr driver,
 
  cleanup:
     VIR_FREE(tlsAlias);
-    VIR_FREE(secAlias);
     qemuProcessIncomingDefFree(incoming);
     VIR_FREE(xmlout);
     VIR_FORCE_CLOSE(dataFD[0]);
@@ -3371,7 +3369,6 @@ qemuMigrationSrcRun(virQEMUDriverPtr driver,
     qemuDomainObjPrivatePtr priv = vm->privateData;
     qemuMigrationCookiePtr mig = NULL;
     char *tlsAlias = NULL;
-    char *secAlias = NULL;
     qemuMigrationIOThreadPtr iothread = NULL;
     int fd = -1;
     unsigned long migrate_speed = resource ? resource : priv->migMaxBandwidth;
@@ -3455,7 +3452,7 @@ qemuMigrationSrcRun(virQEMUDriverPtr driver,
 
         if (qemuMigrationParamsEnableTLS(driver, vm, false,
                                          QEMU_ASYNC_JOB_MIGRATION_OUT,
-                                         &tlsAlias, &secAlias, hostname,
+                                         &tlsAlias, hostname,
                                          migParams) < 0)
             goto error;
     } else {
@@ -3675,7 +3672,6 @@ qemuMigrationSrcRun(virQEMUDriverPtr driver,
 
  cleanup:
     VIR_FREE(tlsAlias);
-    VIR_FREE(secAlias);
     VIR_FORCE_CLOSE(fd);
     virDomainDefFree(persistDef);
     qemuMigrationCookieFree(mig);
index 2083563d32a9fd2fa7a03a01166b89182059536e..c50498852c3a397b4de8487c4b1a3777a74f08cf 100644 (file)
@@ -809,7 +809,6 @@ qemuMigrationParamsSetString(qemuMigrationParamsPtr migParams,
  * @tlsListen: server or client
  * @asyncJob: Migration job to join
  * @tlsAlias: alias to be generated for TLS object
- * @secAlias: alias to be generated for a secinfo object
  * @hostname: hostname of the migration destination
  * @migParams: migration parameters to set
  *
@@ -825,7 +824,6 @@ qemuMigrationParamsEnableTLS(virQEMUDriverPtr driver,
                              bool tlsListen,
                              int asyncJob,
                              char **tlsAlias,
-                             char **secAlias,
                              const char *hostname,
                              qemuMigrationParamsPtr migParams)
 {
@@ -833,6 +831,7 @@ qemuMigrationParamsEnableTLS(virQEMUDriverPtr driver,
     virJSONValuePtr tlsProps = NULL;
     virJSONValuePtr secProps = NULL;
     virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
+    const char *secAlias = NULL;
     int ret = -1;
 
     if (!cfg->migrateTLSx509certdir) {
@@ -849,26 +848,28 @@ qemuMigrationParamsEnableTLS(virQEMUDriverPtr driver,
     }
 
     /* If there's a secret, then grab/store it now using the connection */
-    if (cfg->migrateTLSx509secretUUID &&
-        !(priv->migSecinfo =
-          qemuDomainSecretInfoTLSNew(priv, QEMU_MIGRATION_TLS_ALIAS_BASE,
-                                     cfg->migrateTLSx509secretUUID)))
-        goto error;
+    if (cfg->migrateTLSx509secretUUID) {
+        if (!(priv->migSecinfo =
+              qemuDomainSecretInfoTLSNew(priv, QEMU_MIGRATION_TLS_ALIAS_BASE,
+                                         cfg->migrateTLSx509secretUUID)))
+            goto error;
+        secAlias = priv->migSecinfo->s.aes.alias;
+    }
 
     if (qemuDomainGetTLSObjects(priv->qemuCaps, priv->migSecinfo,
                                 cfg->migrateTLSx509certdir, tlsListen,
                                 cfg->migrateTLSx509verify,
                                 QEMU_MIGRATION_TLS_ALIAS_BASE,
-                                &tlsProps, tlsAlias, &secProps, secAlias) < 0)
+                                &tlsProps, tlsAlias, &secProps, NULL) < 0)
         goto error;
 
     /* Ensure the domain doesn't already have the TLS objects defined...
      * This should prevent any issues just in case some cleanup wasn't
      * properly completed (both src and dst use the same alias) or
      * some other error path between now and perform . */
-    qemuDomainDelTLSObjects(driver, vm, asyncJob, *secAlias, *tlsAlias);
+    qemuDomainDelTLSObjects(driver, vm, asyncJob, secAlias, *tlsAlias);
 
-    if (qemuDomainAddTLSObjects(driver, vm, asyncJob, *secAlias, &secProps,
+    if (qemuDomainAddTLSObjects(driver, vm, asyncJob, secAlias, &secProps,
                                 *tlsAlias, &tlsProps) < 0)
         goto error;
 
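Review bot: `secAlias = priv->migSecinfo->s.aes.alias;` makes secAlias a borrowed pointer into priv->migSecinfo, where the callers previously owned a copy they freed with VIR_FREE, and it is then used by both qemuDomainDelTLSObjects and qemuDomainAddTLSObjects. If either call can release the domain lock while talking to the monitor (not visible on this page), anything that frees priv->migSecinfo in between would leave the alias dangling, so the ownership should be stated at the assignment, e.g. `/* borrowed from priv->migSecinfo; valid only as long as migSecinfo is, never freed here */`. Reading the `s.aes` union member also assumes qemuDomainSecretInfoTLSNew always returns an AES-type secinfo, which should be confirmed in that function or guarded by a type check. The NULL now passed as the last argument of qemuDomainGetTLSObjects likewise relies on the callee accepting a NULL out-pointer, which this page does not show. The body of qemuMigrationParamsEnableTLS starts and ends outside this hunk.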
index 9a865b19f359552e4032d31717d12c3dfb808e59..da4c734e3a3b39057d4b77dfaab8c136553bc014 100644 (file)
@@ -98,7 +98,6 @@ qemuMigrationParamsEnableTLS(virQEMUDriverPtr driver,
                              bool tlsListen,
                              int asyncJob,
                              char **tlsAlias,
-                             char **secAlias,
                              const char *hostname,
                              qemuMigrationParamsPtr migParams);