From nobody Wed May 14 06:50:36 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1527684197180724.9513022145932; Wed, 30 May 2018 05:43:17 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx12.intmail.prod.int.phx2.redhat.com [10.5.11.27]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id C741730DED75; Wed, 30 May 2018 12:43:15 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 6C75E9BA3D; Wed, 30 May 2018 12:43:15 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 0994A41F54; Wed, 30 May 2018 12:43:15 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w4UCg5E3027650 for ; Wed, 30 May 2018 08:42:05 -0400 Received: by smtp.corp.redhat.com (Postfix) id BE74F217B40A; Wed, 30 May 2018 12:42:05 +0000 (UTC) Received: from angien.brq.redhat.com (unknown [10.43.2.136]) by smtp.corp.redhat.com (Postfix) with ESMTP id 633BF217B409 for ; Wed, 30 May 2018 12:42:05 +0000 (UTC) From: Peter Krempa To: libvir-list@redhat.com Date: Wed, 30 May 2018 14:41:25 +0200 Message-Id: <45a3d48abafb64c37f69dabced28a157059cc6fc.1527683836.git.pkrempa@redhat.com> In-Reply-To: References: In-Reply-To: References: X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 29/38] qemu: command: Don't generate alias for TLS private key password secret X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.27 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.45]); Wed, 30 May 2018 12:43:16 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" qemuBuildTLSx509CommandLine has no business guessing which alias should be used. The alias needs to be passed in. Note that there's a lingering bad design of this, since the secret object alias is based on the device name and not on the fact that the secret is used for decrypting of the TLS private key. If we ever add authentication for chardevs this will bite us. Thankfully disk code does not support encrypted private keys for TLS so it can be happily refactored there. Signed-off-by: Peter Krempa Reviewed-by: J=EF=BF=BDn Tomko --- src/qemu/qemu_command.c | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 9ec1d30c80..c63963adfa 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -723,7 +723,8 @@ qemuBuildTLSx509BackendProps(const char *tlspath, * @tlspath: path to the TLS credentials * @listen: boolen listen for client or server setting * @verifypeer: boolean to enable peer verification (form of authorization) - * @addpasswordid: boolean to handle adding passwordid to object + * @certEncSecretAlias: alias of a 'secret' object for decrypting TLS priv= ate key + * (optional) * @inalias: Alias for the parent to generate object alias * @qemuCaps: capabilities * @@ -736,7 +737,7 @@ qemuBuildTLSx509CommandLine(virCommandPtr cmd, const char *tlspath, bool isListen, bool verifypeer, - bool addpasswordid, + const char *certEncSecretAlias, const char *inalias, virQEMUCapsPtr qemuCaps) { @@ -744,13 +745,9 @@ qemuBuildTLSx509CommandLine(virCommandPtr cmd, char *objalias =3D NULL; virJSONValuePtr props =3D NULL; char *tmp =3D NULL; - char *secalias =3D NULL; - if (addpasswordid && - !(secalias =3D qemuDomainGetSecretAESAlias(inalias, false))) - return -1; - - if (qemuBuildTLSx509BackendProps(tlspath, isListen, verifypeer, secali= as, + if (qemuBuildTLSx509BackendProps(tlspath, isListen, verifypeer, + certEncSecretAlias, qemuCaps, &props) < 0) goto cleanup; @@ -769,7 +766,6 @@ qemuBuildTLSx509CommandLine(virCommandPtr cmd, virJSONValueFree(props); VIR_FREE(objalias); VIR_FREE(tmp); - VIR_FREE(secalias); return ret; } @@ -793,7 +789,7 @@ qemuBuildDiskSrcTLSx509CommandLine(virCommandPtr cmd, src->haveTLS =3D=3D VIR_TRISTATE_BOOL_YES) { return qemuBuildTLSx509CommandLine(cmd, src->tlsCertdir, false, src->tlsVerify, - false, srcalias, qemuCaps); + NULL, srcalias, qemuCaps); } return 0; @@ -4986,20 +4982,24 @@ qemuBuildChrChardevStr(virLogManagerPtr logManager, qemuDomainChrSourcePrivatePtr chrSourcePriv =3D QEMU_DOMAIN_CHR_SOURCE_PRIVATE(dev); char *objalias =3D NULL; + const char *tlsCertEncSecAlias =3D NULL; /* Add the secret object first if necessary. The * secinfo is added only to a TCP serial device during * qemuDomainSecretChardevPrepare. Subsequently called * functions can just check the config fields */ - if (chrSourcePriv && chrSourcePriv->secinfo && - qemuBuildObjectSecretCommandLine(cmd, - chrSourcePriv->secinfo) <= 0) - goto cleanup; + if (chrSourcePriv && chrSourcePriv->secinfo) { + if (qemuBuildObjectSecretCommandLine(cmd, + chrSourcePriv->secinf= o) < 0) + goto cleanup; + + tlsCertEncSecAlias =3D chrSourcePriv->secinfo->s.aes.alias; + } if (qemuBuildTLSx509CommandLine(cmd, cfg->chardevTLSx509certdi= r, dev->data.tcp.listen, cfg->chardevTLSx509verify, - !!cfg->chardevTLSx509secretUUI= D, + tlsCertEncSecAlias, charAlias, qemuCaps) < 0) goto cleanup; --=20 2.16.2 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list