[libvirt] [PATCH] qemu: fix failure to start with spice graphics and no tls

Tue Apr 30 18:13:08 UTC 2013

Commit eca3fdf inadvertantly caused a failure to start for any domain
with the following in its config:

    <graphics type='spice' autoport='yes'/>

The problem is that when tlsPort == 0 and defaultMode == "any" (which
is the default for defaultMode), this would be flagged in the code as
"needTLSPort", and if there was then no spice tls config, the new
error+fail would happen.

This patch checks for the case of defaultMode == "any", and in that
case simply doesn't allocate a TLS port (since that's probably not
what the user wanted, and it would have failed later anyway.). It does
leave the error in place for cases when the user specifically asked to
use tls in one way or another, though.
---
 src/qemu/qemu_process.c | 41 ++++++++++++++++++++++++++---------------
 1 file changed, 26 insertions(+), 15 deletions(-)

diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index e75c8c9..58f64b7 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -3294,23 +3294,34 @@ qemuProcessSPICEAllocatePorts(virQEMUDriverPtr driver,
 
     if (needTLSPort || graphics->data.spice.tlsPort == -1) {
         if (!cfg->spiceTLS) {
-            virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
-                           _("Auto allocation of spice TLS port requested "
-                             "but spice TLS is disabled in qemu.conf"));
-            goto error;
-        }
-
-        if (virPortAllocatorAcquire(driver->remotePorts, &tlsPort) < 0)
-            goto error;
+            /* log an error and fail if tls was specifically
+             * requested, or simply ignore (don't allocate a port)
+             * if we're here due to "defaultMode='any'"
+             * (aka unspecified).
+             */
+            if ((graphics->data.spice.tlsPort == -1) ||
+                (graphics->data.spice.defaultMode
+                 == VIR_DOMAIN_GRAPHICS_SPICE_CHANNEL_MODE_SECURE)) {
+                virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                               _("Auto allocation of spice TLS port requested "
+                                 "but spice TLS is disabled in qemu.conf"));
+                goto error;
+            }
+        } else {
+            /* cfg->spiceTLS *is* in place, so it makes sense to
+             * allocate a port.
+             */
+            if (virPortAllocatorAcquire(driver->remotePorts, &tlsPort) < 0)
+                goto error;
 
-        if (tlsPort == 0) {
-            virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
-                           _("Unable to find an unused port for SPICE TLS"));
-            virPortAllocatorRelease(driver->remotePorts, port);
-            goto error;
+            if (tlsPort == 0) {
+                virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+                               _("Unable to find an unused port for SPICE TLS"));
+                virPortAllocatorRelease(driver->remotePorts, port);
+                goto error;
+            }
+            graphics->data.spice.tlsPort = tlsPort;
         }
-
-        graphics->data.spice.tlsPort = tlsPort;
     }
 
     return 0;
-- 
1.7.11.7


