motorhead/qemu
1
0
Fork 0
mirror of https://github.com/Motorhead1991/qemu.git synced 2025-08-05 00:33:55 -06:00
Code Issues Projects Releases Packages Wiki Activity Actions

vnc: remove support for deprecated tls, x509, x509verify options

Browse source 
The 'tls-creds' option accepts the name of a TLS credentials
object. This replaced the usage of 'tls', 'x509' and 'x509verify'
options in 2.5.0. These deprecated options were grandfathered in
when the deprecation policy was introduded in 2.10.0, so can now
finally be removed.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-id: 20180725092751.21767-3-berrange@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This commit is contained in:
Daniel P. Berrangé 2018-07-25 10:27:51 +01:00 committed by Gerd Hoffmann
parent 756b9da719
commit ec86faa934
3 changed files with 0 additions and 154 deletions
Download patch file Download diff file Expand all files Collapse all files

91
ui/vnc.c
View file

@ -3344,10 +3344,6 @@ static QemuOptsList qemu_vnc_opts = {
},{
.name = "tls-creds",
.type = QEMU_OPT_STRING,
},{
/* Deprecated in favour of tls-creds */
.name = "x509",
.type = QEMU_OPT_STRING,
},{
.name = "share",
.type = QEMU_OPT_STRING,
@ -3384,14 +3380,6 @@ static QemuOptsList qemu_vnc_opts = {
},{
.name = "sasl",
.type = QEMU_OPT_BOOL,
},{
/* Deprecated in favour of tls-creds */
.name = "tls",
.type = QEMU_OPT_BOOL,
},{
/* Deprecated in favour of tls-creds */
.name = "x509verify",
.type = QEMU_OPT_STRING,
},{
.name = "acl",
.type = QEMU_OPT_BOOL,
@ -3519,51 +3507,6 @@ vnc_display_setup_auth(int *auth,
}
/*
* Handle back compat with old CLI syntax by creating some
* suitable QCryptoTLSCreds objects
*/
static QCryptoTLSCreds *
vnc_display_create_creds(bool x509,
bool x509verify,
const char *dir,
const char *id,
Error **errp)
{
gchar *credsid = g_strdup_printf("tlsvnc%s", id);
Object *parent = object_get_objects_root();
Object *creds;
Error *err = NULL;
if (x509) {
creds = object_new_with_props(TYPE_QCRYPTO_TLS_CREDS_X509,
parent,
credsid,
&err,
"endpoint", "server",
"dir", dir,
"verify-peer", x509verify ? "yes" : "no",
NULL);
} else {
creds = object_new_with_props(TYPE_QCRYPTO_TLS_CREDS_ANON,
parent,
credsid,
&err,
"endpoint", "server",
NULL);
}
g_free(credsid);
if (err) {
error_propagate(errp, err);
return NULL;
}
return QCRYPTO_TLS_CREDS(creds);
}
static int vnc_display_get_address(const char *addrstr,
bool websocket,
bool reverse,
@ -3930,15 +3873,6 @@ void vnc_display_open(const char *id, Error **errp)
credid = qemu_opt_get(opts, "tls-creds");
if (credid) {
Object *creds;
if (qemu_opt_get(opts, "tls") ||
qemu_opt_get(opts, "x509") ||
qemu_opt_get(opts, "x509verify")) {
error_setg(errp,
"'tls-creds' parameter is mutually exclusive with "
"'tls', 'x509' and 'x509verify' parameters");
goto fail;
}
creds = object_resolve_path_component(
object_get_objects_root(), credid);
if (!creds) {
@ -3961,31 +3895,6 @@ void vnc_display_open(const char *id, Error **errp)
"Expecting TLS credentials with a server endpoint");
goto fail;
}
} else {
const char *path;
bool tls = false, x509 = false, x509verify = false;
tls = qemu_opt_get_bool(opts, "tls", false);
if (tls) {
path = qemu_opt_get(opts, "x509");
if (path) {
x509 = true;
} else {
path = qemu_opt_get(opts, "x509verify");
if (path) {
x509 = true;
x509verify = true;
}
}
vd->tlscreds = vnc_display_create_creds(x509,
x509verify,
path,
vd->id,
errp);
if (!vd->tlscreds) {
goto fail;
}
}
}
acl = qemu_opt_get_bool(opts, "acl", false);