From: Peter Krempa Date: Thu, 5 Mar 2020 16:59:04 +0000 (+0100) Subject: qemuDomainValidateStorageSource: Validate new network storage parameters X-Git-Tag: v6.2.0-rc1~190 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c1409e308f8e10f28ff4977309b2573a1a2d8763;p=thirdparty%2Flibvirt.git qemuDomainValidateStorageSource: Validate new network storage parameters Ensure that the new fields are allowed only when -blockdev is used or when they are in the detected part of the backing chain where qemu will handle them internally. Signed-off-by: Peter Krempa Reviewed-by: Ján Tomko --- diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 0343ff4b7e..c4270755be 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -6919,6 +6919,81 @@ qemuDomainValidateStorageSource(virStorageSourcePtr src, } } + if (src->sslverify != VIR_TRISTATE_BOOL_ABSENT) { + if (actualType != VIR_STORAGE_TYPE_NETWORK || + (src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTPS && + src->protocol != VIR_STORAGE_NET_PROTOCOL_FTPS)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("ssl verification is supported only with HTTPS/FTPS protocol")); + return -1; + } + + if (!src->detected && + !virQEMUCapsGet(qemuCaps, QEMU_CAPS_BLOCKDEV)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("ssl verification setting is not supported by this QEMU binary")); + return -1; + } + } + + if (src->ncookies > 0) { + if (actualType != VIR_STORAGE_TYPE_NETWORK || + (src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTPS && + src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTP)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("http cookies are supported only with HTTP(S) protocol")); + return -1; + } + + if (!src->detected && + !virQEMUCapsGet(qemuCaps, QEMU_CAPS_BLOCKDEV)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("http cookies are not supported by this QEMU binary")); + return -1; + } + + if (virStorageSourceNetCookiesValidate(src) < 0) + return -1; + } + + if (src->readahead > 0) { + if (actualType != VIR_STORAGE_TYPE_NETWORK || + (src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTPS && + src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTP && + src->protocol != VIR_STORAGE_NET_PROTOCOL_FTP && + src->protocol != VIR_STORAGE_NET_PROTOCOL_FTPS)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("readaehad is supported only with HTTP(S)/FTP(s) protocols")); + return -1; + } + + if (!src->detected && + !virQEMUCapsGet(qemuCaps, QEMU_CAPS_BLOCKDEV)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("readahead setting is not supported with this QEMU binary")); + return -1; + } + } + + if (src->timeout > 0) { + if (actualType != VIR_STORAGE_TYPE_NETWORK || + (src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTPS && + src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTP && + src->protocol != VIR_STORAGE_NET_PROTOCOL_FTP && + src->protocol != VIR_STORAGE_NET_PROTOCOL_FTPS)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("timeout is supported only with HTTP(S)/FTP(s) protocols")); + return -1; + } + + if (!src->detected && + !virQEMUCapsGet(qemuCaps, QEMU_CAPS_BLOCKDEV)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("timeout setting is not supported with this QEMU binary")); + return -1; + } + } + return 0; }