* @tlspath: path to the TLS credentials
* @listen: boolen listen for client or server setting
* @verifypeer: boolean to enable peer verification (form of authorization)
+ * @alias: alias for the TLS credentials object
* @secalias: if one exists, the alias of the security object for passwordid
* @qemuCaps: capabilities
* @propsret: json properties to return
qemuBuildTLSx509BackendProps(const char *tlspath,
bool isListen,
bool verifypeer,
+ const char *alias,
const char *secalias,
virQEMUCapsPtr qemuCaps,
virJSONValuePtr *propsret)
return -1;
}
- if (virJSONValueObjectCreate(propsret,
- "s:dir", tlspath,
- "s:endpoint", (isListen ? "server": "client"),
- "b:verify-peer", (isListen ? verifypeer : true),
- "S:passwordid", secalias,
- NULL) < 0)
+ if (qemuMonitorCreateObjectProps(propsret, "tls-creds-x509", alias,
+ "s:dir", tlspath,
+ "s:endpoint", (isListen ? "server": "client"),
+ "b:verify-peer", (isListen ? verifypeer : true),
+ "S:passwordid", secalias,
+ NULL) < 0)
return -1;
return 0;
const char *alias,
virQEMUCapsPtr qemuCaps)
{
+ virBuffer buf = VIR_BUFFER_INITIALIZER;
int ret = -1;
virJSONValuePtr props = NULL;
- char *tmp = NULL;
- if (qemuBuildTLSx509BackendProps(tlspath, isListen, verifypeer,
- certEncSecretAlias,
- qemuCaps, &props) < 0)
+ if (qemuBuildTLSx509BackendProps(tlspath, isListen, verifypeer, alias,
+ certEncSecretAlias, qemuCaps, &props) < 0)
goto cleanup;
- if (!(tmp = virQEMUBuildObjectCommandlineFromJSONType("tls-creds-x509",
- alias, props)))
+ if (virQEMUBuildObjectCommandlineFromJSON(&buf, props) < 0)
goto cleanup;
- virCommandAddArgList(cmd, "-object", tmp, NULL);
+ virCommandAddArg(cmd, "-object");
+ virCommandAddArgBuffer(cmd, &buf);
ret = 0;
cleanup:
+ virBufferFreeAndReset(&buf);
virJSONValueFree(props);
- VIR_FREE(tmp);
return ret;
}
int qemuBuildTLSx509BackendProps(const char *tlspath,
bool isListen,
bool verifypeer,
+ const char *alias,
const char *secalias,
virQEMUCapsPtr qemuCaps,
virJSONValuePtr *propsret);
src->tlsCertdir,
false,
src->tlsVerify,
+ src->tlsAlias,
&tlsProps, NULL) < 0)
goto cleanup;
if (qemuDomainAddTLSObjects(driver, vm, QEMU_ASYNC_JOB_NONE,
- NULL, NULL, src->tlsAlias, &tlsProps) < 0)
+ NULL, NULL, &tlsProps) < 0)
goto cleanup;
ret = 0;
qemuDomainAsyncJob asyncJob,
const char *secAlias,
virJSONValuePtr *secProps,
- const char *tlsAlias,
virJSONValuePtr *tlsProps)
{
qemuDomainObjPrivatePtr priv = vm->privateData;
int rc;
virErrorPtr orig_err;
- if (!tlsAlias && !secAlias)
+ if (!tlsProps && !secAlias)
return 0;
if (qemuDomainObjEnterMonitorAsync(driver, vm, asyncJob) < 0)
goto error;
}
- if (tlsAlias) {
- rc = qemuMonitorAddObjectType(priv->mon, "tls-creds-x509",
- tlsAlias, *tlsProps);
- *tlsProps = NULL; /* qemuMonitorAddObjectType consumes */
- if (rc < 0)
- goto error;
- }
+ if (tlsProps &&
+ qemuMonitorAddObject(priv->mon, tlsProps, NULL) < 0)
+ goto error;
return qemuDomainObjExitMonitor(driver, vm);
virErrorPreserveLast(&orig_err);
ignore_value(qemuDomainObjExitMonitor(driver, vm));
virErrorRestore(&orig_err);
- qemuDomainDelTLSObjects(driver, vm, asyncJob, secAlias, tlsAlias);
+ qemuDomainDelTLSObjects(driver, vm, asyncJob, secAlias, NULL);
return -1;
}
const char *tlsCertdir,
bool tlsListen,
bool tlsVerify,
+ const char *alias,
virJSONValuePtr *tlsProps,
virJSONValuePtr *secProps)
{
}
if (qemuBuildTLSx509BackendProps(tlsCertdir, tlsListen, tlsVerify,
- secAlias, qemuCaps, tlsProps) < 0)
+ alias, secAlias, qemuCaps, tlsProps) < 0)
return -1;
return 0;
cfg->chardevTLSx509certdir,
dev->data.tcp.listen,
cfg->chardevTLSx509verify,
- &tlsProps, &secProps) < 0)
+ *tlsAlias, &tlsProps, &secProps) < 0)
goto cleanup;
dev->data.tcp.tlscreds = true;
if (qemuDomainAddTLSObjects(driver, vm, QEMU_ASYNC_JOB_NONE,
- *secAlias, &secProps, *tlsAlias, &tlsProps) < 0)
+ *secAlias, &secProps, &tlsProps) < 0)
goto cleanup;
ret = 0;
qemuDomainAsyncJob asyncJob,
const char *secAlias,
virJSONValuePtr *secProps,
- const char *tlsAlias,
virJSONValuePtr *tlsProps);
int qemuDomainGetTLSObjects(virQEMUCapsPtr qemuCaps,
const char *tlsCertdir,
bool tlsListen,
bool tlsVerify,
+ const char *alias,
virJSONValuePtr *tlsProps,
virJSONValuePtr *secProps);
if (qemuDomainGetTLSObjects(priv->qemuCaps, priv->migSecinfo,
cfg->migrateTLSx509certdir, tlsListen,
cfg->migrateTLSx509verify,
- &tlsProps, &secProps) < 0)
+ *tlsAlias, &tlsProps, &secProps) < 0)
goto error;
/* Ensure the domain doesn't already have the TLS objects defined...
qemuDomainDelTLSObjects(driver, vm, asyncJob, secAlias, *tlsAlias);
if (qemuDomainAddTLSObjects(driver, vm, asyncJob, secAlias, &secProps,
- *tlsAlias, &tlsProps) < 0)
+ &tlsProps) < 0)
goto error;
if (qemuMigrationParamsSetString(migParams,
projects / thirdparty / libvirt.git / commitdiff
