From nobody Tue Feb 10 06:27:44 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as permitted sender) client-ip=205.139.110.61; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from us-smtp-delivery-1.mimecast.com (us-smtp-2.mimecast.com [205.139.110.61]) by mx.zohomail.com with SMTPS id 158125732231581.88445627254384; Sun, 9 Feb 2020 06:08:42 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-344-oW1nFUU7PUyIqifsprKTLw-1; Sun, 09 Feb 2020 09:06:13 -0500 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 5F8AF107ACC9; Sun, 9 Feb 2020 14:06:08 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 3A7DD5C21B; Sun, 9 Feb 2020 14:06:08 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id E912318089C8; Sun, 9 Feb 2020 14:06:07 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 019E45sf018743 for ; Sun, 9 Feb 2020 09:04:05 -0500 Received: by smtp.corp.redhat.com (Postfix) id 4813583B61; Sun, 9 Feb 2020 14:04:05 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast01.extmail.prod.ext.rdu2.redhat.com [10.11.55.17]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 436FD7D569 for ; Sun, 9 Feb 2020 14:04:04 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [205.139.110.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 3D4D985A33F for ; Sun, 9 Feb 2020 14:04:04 +0000 (UTC) Received: from huawei.com (szxga07-in.huawei.com [45.249.212.35]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-252-emfHLQG7PHyXEQKNAK1FYw-1; Sun, 09 Feb 2020 09:04:00 -0500 Received: from DGGEMS412-HUB.china.huawei.com (unknown [172.30.72.58]) by Forcepoint Email with ESMTP id 7FBD3B3D84028D534A84 for ; Sun, 9 Feb 2020 22:03:56 +0800 (CST) Received: from huawei.com (10.133.210.227) by DGGEMS412-HUB.china.huawei.com (10.3.19.212) with Microsoft SMTP Server id 14.3.439.0; Sun, 9 Feb 2020 22:03:49 +0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1581257175; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=GhEHF9tWSw6hU/eAGy9K+R8F1W8ssFsQtKOiKtKjVVY=; b=L4kTnnPpE5x3nU8t8auiCSMUYcjslCprphTzLm9jirgezU49SwJQXmqfsUbV55Eh1iLHh0 SP3D2LDmmCn8FUlmMyOPRsxzPzSupZDbU4EuxiRD0rtJlv5xuMel0n7asgJSV1XCdz8Zxf xm9ujf3OvNDPbeCcAKL8c6qCItBABAU= From: Zhang Bo To: Subject: [PATCH 5/6] virt-admin: Introduce command srv-update-tls Date: Sun, 9 Feb 2020 22:03:15 +0800 Message-ID: <20200209140316.3107-6-oscar.zhangbo@huawei.com> In-Reply-To: <20200209140316.3107-1-oscar.zhangbo@huawei.com> References: <20200209140316.3107-1-oscar.zhangbo@huawei.com> MIME-Version: 1.0 X-Originating-IP: [10.133.210.227] X-CFilter-Loop: Reflected X-MC-Unique: emfHLQG7PHyXEQKNAK1FYw-1 X-MC-Unique: oW1nFUU7PUyIqifsprKTLw-1 X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-MIME-Autoconverted: from quoted-printable to 8bit by lists01.pubmisc.prod.ext.phx2.redhat.com id 019E45sf018743 X-loop: libvir-list@redhat.com Cc: Zhang Bo , dengkai1@huawei.com, wuqingliang4@huawei.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" wire-up virAdmServerUpdateTlsFiles API into virt-admin client. --- tools/virt-admin.c | 88 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 88 insertions(+) diff --git a/tools/virt-admin.c b/tools/virt-admin.c index 32edfe5757..85235ae03d 100644 --- a/tools/virt-admin.c +++ b/tools/virt-admin.c @@ -957,6 +957,84 @@ cmdSrvClientsSet(vshControl *ctl, const vshCmd *cmd) goto cleanup; } =20 +/* ------------------------ + * Command srv-update-tls + * ------------------------ + */ +static const vshCmdInfo info_srv_update_tls_file[] =3D { + {.name =3D "help", + .data =3D N_("notify server to update TLS related files online.") + }, + {.name =3D "desc", + .data =3D N_("notify server to update the CA cert, " + "CA CRL, server cert / key without restarts. " + "See OPTIONS for currently supported attributes.") + }, + {.name =3D NULL} +}; + +static const vshCmdOptDef opts_srv_update_tls_file[] =3D { + {.name =3D "server", + .type =3D VSH_OT_DATA, + .flags =3D VSH_OFLAG_REQ, + .help =3D N_("Available servers on a daemon. " + "Currently only supports 'libvirtd'.") + }, + {.name =3D "filetypes", + .type =3D VSH_OT_INT, + .flags =3D VSH_OFLAG_REQ, + .help =3D N_("filetypes that need to be updated. " + "bitwise-OR of tls filetypes flags.\n" + " parameter Description:\n" + " --filetypes 1 =3D=3D=3D> cacert\n" + " --filetypes 2 =3D=3D=3D> cacrl\n" + " --filetypes 4 =3D=3D=3D> server-cert\n" + " --filetypes 8 =3D=3D=3D> server-key\n" + " or a combination of several values. eg:\n" + " --filetypes 3 =3D=3D=3D> cacert | cacrl\n" + " notice:\n" + " server cert and key must be updated together.\n") + }, + {.name =3D NULL} +}; + +static bool +cmdSrvUpdateTlsFiles(vshControl *ctl, const vshCmd *cmd) +{ + bool ret =3D false; + const char *srvname =3D NULL; + unsigned int filetypes; + + virAdmServerPtr srv =3D NULL; + vshAdmControlPtr priv =3D ctl->privData; + + if (vshCommandOptStringReq(ctl, cmd, "server", &srvname) < 0) + return false; + + if (vshCommandOptUInt(ctl, cmd, "filetypes", &filetypes) < 0) + return false; + + if (filetypes =3D=3D 0) { + vshError(ctl, "%s", _("filetypes can not be 0.")); + goto cleanup; + } + + if (!(srv =3D virAdmConnectLookupServer(priv->conn, srvname, 0))) + goto cleanup; + + if (virAdmServerUpdateTlsFiles(srv, filetypes, VIR_TLS_UPDATE_CLEAR) <= 0) { + vshError(ctl, "%s", _("Unable to update server's tls related files= .")); + goto cleanup; + } + + ret =3D true; + vshPrint(ctl, "update tls related files succeed\n"); + + cleanup: + virAdmServerFree(srv); + return ret; +} + /* -------------------------- * Command daemon-log-filters * -------------------------- @@ -1436,6 +1514,16 @@ static const vshCmdDef managementCmds[] =3D { .info =3D info_srv_clients_set, .flags =3D 0 }, + {.name =3D "srv-update-tls", + .flags =3D VSH_CMD_FLAG_ALIAS, + .alias =3D "server-update-tls" + }, + {.name =3D "server-update-tls", + .handler =3D cmdSrvUpdateTlsFiles, + .opts =3D opts_srv_update_tls_file, + .info =3D info_srv_update_tls_file, + .flags =3D 0 + }, {.name =3D "daemon-log-filters", .handler =3D cmdDaemonLogFilters, .opts =3D opts_daemon_log_filters, --=20 2.23.0.windows.1