motorhead/qemu
1
0
Fork 0
mirror of https://github.com/Motorhead1991/qemu.git synced 2025-09-08 16:07:39 -06:00
Code Issues Projects Releases Packages Wiki Activity Actions

io: tls: Add qio_channel_tls_bye

Browse source 
Add a task dispatcher for gnutls_bye similar to the
qio_channel_tls_handshake_task(). The gnutls_bye() call might be
interrupted and so it needs to be rescheduled.

The migration code will make use of this to help the migration
destination identify a premature EOF. Once the session termination is
in place, any EOF that happens before the source issued gnutls_bye()
will be considered an error.

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Acked-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Fabiano Rosas <farosas@suse.de>
This commit is contained in:
Fabiano Rosas 2025-02-05 13:15:00 -03:00
parent ab1cb3683b
commit 30ee88622e
3 changed files with 101 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

12
include/io/channel-tls.h
View file

@ -49,8 +49,20 @@ struct QIOChannelTLS {
QCryptoTLSSession *session; QCryptoTLSSession *session;
QIOChannelShutdown shutdown; QIOChannelShutdown shutdown;
guint hs_ioc_tag; guint hs_ioc_tag;
guint bye_ioc_tag;
}; };
/**
* qio_channel_tls_bye:
* @ioc: the TLS channel object
* @errp: pointer to a NULL-initialized error object
*
* Perform the TLS session termination. This method will return
* immediately and the termination will continue in the background,
* provided the main loop is running.
*/
void qio_channel_tls_bye(QIOChannelTLS *ioc, Error **errp);
/** /**
* qio_channel_tls_new_server: * qio_channel_tls_new_server:
* @master: the underlying channel object * @master: the underlying channel object

84
io/channel-tls.c
View file

@ -247,6 +247,85 @@ void qio_channel_tls_handshake(QIOChannelTLS *ioc,
qio_channel_tls_handshake_task(ioc, task, context); qio_channel_tls_handshake_task(ioc, task, context);
} }
static gboolean qio_channel_tls_bye_io(QIOChannel *ioc, GIOCondition condition,
gpointer user_data);
static void qio_channel_tls_bye_task(QIOChannelTLS *ioc, QIOTask *task,
GMainContext *context)
{
GIOCondition condition;
QIOChannelTLSData *data;
int status;
Error *err = NULL;
status = qcrypto_tls_session_bye(ioc->session, &err);
if (status < 0) {
trace_qio_channel_tls_bye_fail(ioc);
qio_task_set_error(task, err);
qio_task_complete(task);
return;
}
if (status == QCRYPTO_TLS_BYE_COMPLETE) {
qio_task_complete(task);
return;
}
data = g_new0(typeof(*data), 1);
data->task = task;
data->context = context;
if (context) {
g_main_context_ref(context);
}
if (status == QCRYPTO_TLS_BYE_SENDING) {
condition = G_IO_OUT;
} else {
condition = G_IO_IN;
}
trace_qio_channel_tls_bye_pending(ioc, status);
ioc->bye_ioc_tag = qio_channel_add_watch_full(ioc->master, condition,
qio_channel_tls_bye_io,
data, NULL, context);
}
static gboolean qio_channel_tls_bye_io(QIOChannel *ioc, GIOCondition condition,
gpointer user_data)
{
QIOChannelTLSData *data = user_data;
QIOTask *task = data->task;
GMainContext *context = data->context;
QIOChannelTLS *tioc = QIO_CHANNEL_TLS(qio_task_get_source(task));
tioc->bye_ioc_tag = 0;
g_free(data);
qio_channel_tls_bye_task(tioc, task, context);
if (context) {
g_main_context_unref(context);
}
return FALSE;
}
static void propagate_error(QIOTask *task, gpointer opaque)
{
qio_task_propagate_error(task, opaque);
}
void qio_channel_tls_bye(QIOChannelTLS *ioc, Error **errp)
{
QIOTask *task;
task = qio_task_new(OBJECT(ioc), propagate_error, errp, NULL);
trace_qio_channel_tls_bye_start(ioc);
qio_channel_tls_bye_task(ioc, task, NULL);
}
static void qio_channel_tls_init(Object *obj G_GNUC_UNUSED) static void qio_channel_tls_init(Object *obj G_GNUC_UNUSED)
{ {
@ -379,6 +458,11 @@ static int qio_channel_tls_close(QIOChannel *ioc,
g_clear_handle_id(&tioc->hs_ioc_tag, g_source_remove); g_clear_handle_id(&tioc->hs_ioc_tag, g_source_remove);
} }
if (tioc->bye_ioc_tag) {
trace_qio_channel_tls_bye_cancel(ioc);
g_clear_handle_id(&tioc->bye_ioc_tag, g_source_remove);
}
return qio_channel_close(tioc->master, errp); return qio_channel_close(tioc->master, errp);
} }

5
io/trace-events
View file

@ -44,6 +44,11 @@ qio_channel_tls_handshake_pending(void *ioc, int status) "TLS handshake pending
qio_channel_tls_handshake_fail(void *ioc) "TLS handshake fail ioc=%p" qio_channel_tls_handshake_fail(void *ioc) "TLS handshake fail ioc=%p"
qio_channel_tls_handshake_complete(void *ioc) "TLS handshake complete ioc=%p" qio_channel_tls_handshake_complete(void *ioc) "TLS handshake complete ioc=%p"
qio_channel_tls_handshake_cancel(void *ioc) "TLS handshake cancel ioc=%p" qio_channel_tls_handshake_cancel(void *ioc) "TLS handshake cancel ioc=%p"
qio_channel_tls_bye_start(void *ioc) "TLS termination start ioc=%p"
qio_channel_tls_bye_pending(void *ioc, int status) "TLS termination pending ioc=%p status=%d"
qio_channel_tls_bye_fail(void *ioc) "TLS termination fail ioc=%p"
qio_channel_tls_bye_complete(void *ioc) "TLS termination complete ioc=%p"
qio_channel_tls_bye_cancel(void *ioc) "TLS termination cancel ioc=%p"
qio_channel_tls_credentials_allow(void *ioc) "TLS credentials allow ioc=%p" qio_channel_tls_credentials_allow(void *ioc) "TLS credentials allow ioc=%p"
qio_channel_tls_credentials_deny(void *ioc) "TLS credentials deny ioc=%p" qio_channel_tls_credentials_deny(void *ioc) "TLS credentials deny ioc=%p"