From: Peter Krempa <pkrempa@redhat.com>
Date: Thu, 23 Sep 2021 08:09:20 +0000 (+0200)
Subject: qemu: command: Simplify 'vnc' commandline generator
X-Git-Tag: v7.8.0-rc1~36
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=01c65d761cb4f643c070ee439a8d3260702dea72;p=thirdparty%2Flibvirt.git

qemu: command: Simplify 'vnc' commandline generator

'qemuDomainSecretGraphicsPrepare' always populates 'gfxPriv->tlsAlias'
when 'cfg->vncTLS' is enabled.

This means we can remove the fallback code setting up TLS for vnc via
the 'x509=' parameter.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
---

diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index a8d2b1ce74..08c88b12f4 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -7963,40 +7963,26 @@ qemuBuildGraphicsVNCCommandLine(virQEMUDriverConfig *cfg,
 
     if (cfg->vncTLS) {
         qemuDomainGraphicsPrivate *gfxPriv = QEMU_DOMAIN_GRAPHICS_PRIVATE(graphics);
-        if (gfxPriv->tlsAlias) {
-            const char *secretAlias = NULL;
+        const char *secretAlias = NULL;
 
-            if (gfxPriv->secinfo) {
-                if (qemuBuildObjectSecretCommandLine(cmd,
-                                                     gfxPriv->secinfo,
-                                                     qemuCaps) < 0)
-                    return -1;
-                secretAlias = gfxPriv->secinfo->alias;
-            }
-
-            if (qemuBuildTLSx509CommandLine(cmd,
-                                            cfg->vncTLSx509certdir,
-                                            true,
-                                            cfg->vncTLSx509verify,
-                                            secretAlias,
-                                            gfxPriv->tlsAlias,
-                                            qemuCaps) < 0)
+        if (gfxPriv->secinfo) {
+            if (qemuBuildObjectSecretCommandLine(cmd,
+                                                 gfxPriv->secinfo,
+                                                 qemuCaps) < 0)
                 return -1;
-
-            virBufferAsprintf(&opt, ",tls-creds=%s", gfxPriv->tlsAlias);
-        } else {
-            if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_VNC_OPTS))
-                virBufferAddLit(&opt, ",tls=on");
-            else
-                virBufferAddLit(&opt, ",tls");
-            if (cfg->vncTLSx509verify) {
-                virBufferAddLit(&opt, ",x509verify=");
-                virQEMUBuildBufferEscapeComma(&opt, cfg->vncTLSx509certdir);
-            } else {
-                virBufferAddLit(&opt, ",x509=");
-                virQEMUBuildBufferEscapeComma(&opt, cfg->vncTLSx509certdir);
-            }
+            secretAlias = gfxPriv->secinfo->alias;
         }
+
+        if (qemuBuildTLSx509CommandLine(cmd,
+                                        cfg->vncTLSx509certdir,
+                                        true,
+                                        cfg->vncTLSx509verify,
+                                        secretAlias,
+                                        gfxPriv->tlsAlias,
+                                        qemuCaps) < 0)
+            return -1;
+
+        virBufferAsprintf(&opt, ",tls-creds=%s", gfxPriv->tlsAlias);
     }
 
     if (cfg->vncSASL) {