From nobody Thu Apr 25 08:31:52 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1498746767318831.5873207182759; Thu, 29 Jun 2017 07:32:47 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 4196212829B; Thu, 29 Jun 2017 14:32:43 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 106C15D6A6; Thu, 29 Jun 2017 14:32:43 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 8481D4A492; Thu, 29 Jun 2017 14:32:42 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id v5TEWfQD010557 for ; Thu, 29 Jun 2017 10:32:41 -0400 Received: by smtp.corp.redhat.com (Postfix) id 38CC460F86; Thu, 29 Jun 2017 14:32:41 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-116-36.phx2.redhat.com [10.3.116.36]) by smtp.corp.redhat.com (Postfix) with ESMTP id EE572900AF for ; Thu, 29 Jun 2017 14:32:37 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 4196212829B Authentication-Results: ext-mx09.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx09.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=libvir-list-bounces@redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 4196212829B From: John Ferlan To: libvir-list@redhat.com Date: Thu, 29 Jun 2017 10:32:35 -0400 Message-Id: <20170629143235.26216-1-jferlan@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2] qemu: Check for existence of provided *_tls_x509_cert_dir X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Thu, 29 Jun 2017 14:32:43 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" https://bugzilla.redhat.com/show_bug.cgi?id=3D1458630 Introduce virQEMUDriverConfigSetCertDir which will handle reading the qemu.conf config file specific setting for default, vnc, spice, chardev, and migrate. If a setting is provided, then validate the existence of the directory and overwrite the default set by virQEMUDriverConfigNew. Update the qemu.conf description for default to describe the consequences if the default directory path does not exist and as well as the descriptions for each of the *_tls_x509_cert_dir entries. Signed-off-by: John Ferlan --- v1: https://www.redhat.com/archives/libvir-list/2017-June/msg01278.html - Dropped the former 1/2 patch - Alter the logic of virQEMUDriverConfigSetCertDir to fail instead of VIR_INFO if an uncommented entry for one of the *_tls_x509_cert_dir has a path that does not exist. This will cause a libvirtd startup failure as opposed to the previous logic which would have failed only when a domain using TLS was started. - Alter the description for each of the values to more accurately describe what happens. src/qemu/qemu.conf | 29 ++++++++++++++++++++--------- src/qemu/qemu_conf.c | 38 +++++++++++++++++++++++++++++++++----- 2 files changed, 53 insertions(+), 14 deletions(-) diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf index e6c0832..b0ccffb 100644 --- a/src/qemu/qemu.conf +++ b/src/qemu/qemu.conf @@ -3,7 +3,7 @@ # defaults are used. =20 # Use of TLS requires that x509 certificates be issued. The default is -# to keep them in /etc/pki/qemu. This directory must contain +# to keep them in /etc/pki/qemu. This directory must exist and contain: # # ca-cert.pem - the CA master certificate # server-cert.pem - the server certificate signed with ca-cert.pem @@ -13,6 +13,12 @@ # # dh-params.pem - the DH params configuration file # +# If the directory does not exist or does not contain the necessary files, +# QEMU domains will fail to start if they are configured to use TLS. +# +# In order to overwrite the default path alter the following. If the provi= ded +# path does not exist, then startup will fail. +# #default_tls_x509_cert_dir =3D "/etc/pki/qemu" =20 =20 @@ -79,8 +85,9 @@ =20 # In order to override the default TLS certificate location for # vnc certificates, supply a valid path to the certificate directory. -# If the provided path does not exist then the default_tls_x509_cert_dir -# path will be used. +# If the default listed here does not exist, then the default /etc/pki/qemu +# is used. If uncommented and the provided path does not exist, then start= up +# will fail. # #vnc_tls_x509_cert_dir =3D "/etc/pki/libvirt-vnc" =20 @@ -164,8 +171,9 @@ =20 # In order to override the default TLS certificate location for # spice certificates, supply a valid path to the certificate directory. -# If the provided path does not exist then the default_tls_x509_cert_dir -# path will be used. +# If the default listed here does not exist, then the default /etc/pki/qemu +# is used. If uncommented and the provided path does not exist, then start= up +# will fail. # #spice_tls_x509_cert_dir =3D "/etc/pki/libvirt-spice" =20 @@ -216,8 +224,9 @@ =20 # In order to override the default TLS certificate location for character # device TCP certificates, supply a valid path to the certificate director= y. -# If the provided path does not exist then the default_tls_x509_cert_dir -# path will be used. +# If the default listed here does not exist, then the default /etc/pki/qemu +# is used. If uncommented and the provided path does not exist, then start= up +# will fail. # #chardev_tls_x509_cert_dir =3D "/etc/pki/libvirt-chardev" =20 @@ -252,8 +261,10 @@ =20 # In order to override the default TLS certificate location for migration # certificates, supply a valid path to the certificate directory. If the -# provided path does not exist then the default_tls_x509_cert_dir path -# will be used. Once/if a default certificate is enabled/defined, migration +# default listed here does not exist, then the default /etc/pki/qemu is us= ed. +# If uncommented and the provided path does not exist, then startup will f= ail. +# +# Once/if a default certificate is enabled/defined, migration # will then be able to use the certificate via migration API flags. # #migrate_tls_x509_cert_dir =3D "/etc/pki/libvirt-migrate" diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c index 73c33d6..4eb6f0c 100644 --- a/src/qemu/qemu_conf.c +++ b/src/qemu/qemu_conf.c @@ -440,6 +440,34 @@ virQEMUDriverConfigHugeTLBFSInit(virHugeTLBFSPtr huget= lbfs, } =20 =20 +static int +virQEMUDriverConfigSetCertDir(virConfPtr conf, + const char *setting, + char **value) +{ + char *tlsCertDir =3D NULL; + + if (virConfGetValueString(conf, setting, &tlsCertDir) < 0) + return -1; + + if (!tlsCertDir) + return 0; + + if (!virFileExists(tlsCertDir)) { + virReportError(VIR_ERR_CONF_SYNTAX, + _("directory '%s' does not exist for setting '%s'"), + tlsCertDir, setting); + VIR_FREE(tlsCertDir); + return -1; + } else { + VIR_FREE(*value); + VIR_STEAL_PTR(*value, tlsCertDir); + } + + return 0; +} + + int virQEMUDriverConfigLoadFile(virQEMUDriverConfigPtr cfg, const char *filename, bool privileged) @@ -467,7 +495,7 @@ int virQEMUDriverConfigLoadFile(virQEMUDriverConfigPtr = cfg, if (!(conf =3D virConfReadFile(filename, 0))) goto cleanup; =20 - if (virConfGetValueString(conf, "default_tls_x509_cert_dir", &cfg->def= aultTLSx509certdir) < 0) + if (virQEMUDriverConfigSetCertDir(conf, "default_tls_x509_cert_dir", &= cfg->defaultTLSx509certdir) < 0) goto cleanup; if (virConfGetValueBool(conf, "default_tls_x509_verify", &cfg->default= TLSx509verify) < 0) goto cleanup; @@ -483,7 +511,7 @@ int virQEMUDriverConfigLoadFile(virQEMUDriverConfigPtr = cfg, goto cleanup; if (rv =3D=3D 0) cfg->vncTLSx509verify =3D cfg->defaultTLSx509verify; - if (virConfGetValueString(conf, "vnc_tls_x509_cert_dir", &cfg->vncTLSx= 509certdir) < 0) + if (virQEMUDriverConfigSetCertDir(conf, "vnc_tls_x509_cert_dir", &cfg-= >vncTLSx509certdir) < 0) goto cleanup; if (virConfGetValueString(conf, "vnc_listen", &cfg->vncListen) < 0) goto cleanup; @@ -521,7 +549,7 @@ int virQEMUDriverConfigLoadFile(virQEMUDriverConfigPtr = cfg, =20 if (virConfGetValueBool(conf, "spice_tls", &cfg->spiceTLS) < 0) goto cleanup; - if (virConfGetValueString(conf, "spice_tls_x509_cert_dir", &cfg->spice= TLSx509certdir) < 0) + if (virQEMUDriverConfigSetCertDir(conf, "spice_tls_x509_cert_dir", &cf= g->spiceTLSx509certdir) < 0) goto cleanup; if (virConfGetValueBool(conf, "spice_sasl", &cfg->spiceSASL) < 0) goto cleanup; @@ -541,8 +569,8 @@ int virQEMUDriverConfigLoadFile(virQEMUDriverConfigPtr = cfg, goto cleanup; = \ if (rv =3D=3D 0) = \ cfg->val## TLSx509verify =3D cfg->defaultTLSx509verify; = \ - if (virConfGetValueString(conf, #val "_tls_x509_cert_dir", = \ - &cfg->val## TLSx509certdir) < 0) = \ + if (virQEMUDriverConfigSetCertDir(conf, #val "_tls_x509_cert_dir",= \ + &cfg->val## TLSx509certdir) < 0)= \ goto cleanup; = \ if (virConfGetValueString(conf, = \ #val "_tls_x509_secret_uuid", = \ --=20 2.9.4 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list