From c1409e308f8e10f28ff4977309b2573a1a2d8763 Mon Sep 17 00:00:00 2001 From: Peter Krempa Date: Thu, 5 Mar 2020 17:59:04 +0100 Subject: [PATCH] qemuDomainValidateStorageSource: Validate new network storage parameters MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Ensure that the new fields are allowed only when -blockdev is used or when they are in the detected part of the backing chain where qemu will handle them internally. Signed-off-by: Peter Krempa Reviewed-by: Ján Tomko --- src/qemu/qemu_domain.c | 75 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 75 insertions(+) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 0343ff4b7e..c4270755be 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -6919,6 +6919,81 @@ qemuDomainValidateStorageSource(virStorageSourcePtr src, } } + if (src->sslverify != VIR_TRISTATE_BOOL_ABSENT) { + if (actualType != VIR_STORAGE_TYPE_NETWORK || + (src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTPS && + src->protocol != VIR_STORAGE_NET_PROTOCOL_FTPS)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("ssl verification is supported only with HTTPS/FTPS protocol")); + return -1; + } + + if (!src->detected && + !virQEMUCapsGet(qemuCaps, QEMU_CAPS_BLOCKDEV)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("ssl verification setting is not supported by this QEMU binary")); + return -1; + } + } + + if (src->ncookies > 0) { + if (actualType != VIR_STORAGE_TYPE_NETWORK || + (src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTPS && + src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTP)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("http cookies are supported only with HTTP(S) protocol")); + return -1; + } + + if (!src->detected && + !virQEMUCapsGet(qemuCaps, QEMU_CAPS_BLOCKDEV)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("http cookies are not supported by this QEMU binary")); + return -1; + } + + if (virStorageSourceNetCookiesValidate(src) < 0) + return -1; + } + + if (src->readahead > 0) { + if (actualType != VIR_STORAGE_TYPE_NETWORK || + (src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTPS && + src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTP && + src->protocol != VIR_STORAGE_NET_PROTOCOL_FTP && + src->protocol != VIR_STORAGE_NET_PROTOCOL_FTPS)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("readaehad is supported only with HTTP(S)/FTP(s) protocols")); + return -1; + } + + if (!src->detected && + !virQEMUCapsGet(qemuCaps, QEMU_CAPS_BLOCKDEV)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("readahead setting is not supported with this QEMU binary")); + return -1; + } + } + + if (src->timeout > 0) { + if (actualType != VIR_STORAGE_TYPE_NETWORK || + (src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTPS && + src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTP && + src->protocol != VIR_STORAGE_NET_PROTOCOL_FTP && + src->protocol != VIR_STORAGE_NET_PROTOCOL_FTPS)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("timeout is supported only with HTTP(S)/FTP(s) protocols")); + return -1; + } + + if (!src->detected && + !virQEMUCapsGet(qemuCaps, QEMU_CAPS_BLOCKDEV)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("timeout setting is not supported with this QEMU binary")); + return -1; + } + } + return 0; } -- 2.47.2