[libvirt] [PATCH 05/38] qemu: domain: Add new function to set up encrypted secrets only
Ján Tomko
jtomko at redhat.com
Wed May 30 16:03:26 UTC 2018
On Wed, May 30, 2018 at 05:25:27PM +0200, Ján Tomko wrote:
>On Wed, May 30, 2018 at 02:41:01PM +0200, Peter Krempa wrote:
>>Some code paths can't use the unencrypted secret. Add a helper which
>>checks and sets up an encrypted secret only and reuse it when setting up
>>the secret to decrypt the TLS private key in qemuDomainSecretInfoTLSNew.
>>
>>Signed-off-by: Peter Krempa <pkrempa at redhat.com>
>>---
>> src/qemu/qemu_domain.c | 49 ++++++++++++++++++++++++++++++++++++++++++++++---
>> 1 file changed, 46 insertions(+), 3 deletions(-)
>>
>>diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
>>index cda3d00f75..67bf2f6718 100644
>>--- a/src/qemu/qemu_domain.c
>>+++ b/src/qemu/qemu_domain.c
>>@@ -1399,6 +1399,49 @@ qemuDomainSecretInfoNewPlain(qemuDomainObjPrivatePtr priv,
>> }
>>
>>
>>+/* qemuDomainSecretInfoNew:
>>+ * @priv: pointer to domain private object
>>+ * @srcAlias: Alias base to use for TLS object
>>+ * @usageType: Secret usage type
>>+ * @username: username for plain secrets (only)
>
>AFAIK we have been using username with AES secrets since:
>commit a1344f70a128921e7fe7213da7c1afbc962fba9c
> qemu: Utilize qemu secret objects for RBD auth/secret
>
>Just drop the plain secret reference and resort to tautological documentation.
>
>>+ * @looupdef: lookup def describing secret
Also, the parameter is named lookupDef
Jano
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20180530/b137db8d/attachment-0001.sig>
More information about the libvir-list
mailing list