1. Patchew
  2. QEMU
  3. [PATCH v6 0/7] crypto: Make QCryptoTLSCreds* structures private
  4. View patch

[PATCH v6 3/7] qemu-nbd: Use qcrypto_tls_creds_check_endpoint()

Philippe Mathieu-Daudé posted 7 patches 4 years, 7 months ago
[PATCH v6 3/7] qemu-nbd: Use qcrypto_tls_creds_check_endpoint()
Posted by Philippe Mathieu-Daudé 4 years, 7 months ago 
Avoid accessing QCryptoTLSCreds internals by using
the qcrypto_tls_creds_check_endpoint() helper.

Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
---
 qemu-nbd.c | 19 +++++++------------
 1 file changed, 7 insertions(+), 12 deletions(-)

diff --git a/qemu-nbd.c b/qemu-nbd.c
index 93ef4e288fd..26ffbf15af0 100644
--- a/qemu-nbd.c
+++ b/qemu-nbd.c
@@ -43,6 +43,7 @@
 #include "io/channel-socket.h"
 #include "io/net-listener.h"
 #include "crypto/init.h"
+#include "crypto/tlscreds.h"
 #include "trace/control.h"
 #include "qemu-version.h"
 
@@ -422,18 +423,12 @@ static QCryptoTLSCreds *nbd_get_tls_creds(const char *id, bool list,
         return NULL;
     }
 
-    if (list) {
-        if (creds->endpoint != QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT) {
-            error_setg(errp,
-                       "Expecting TLS credentials with a client endpoint");
-            return NULL;
-        }
-    } else {
-        if (creds->endpoint != QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) {
-            error_setg(errp,
-                       "Expecting TLS credentials with a server endpoint");
-            return NULL;
-        }
+    if (!qcrypto_tls_creds_check_endpoint(creds,
+                                          list
+                                          ? QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT
+                                          : QCRYPTO_TLS_CREDS_ENDPOINT_SERVER,
+                                          errp)) {
+        return NULL;
     }
     object_ref(obj);
     return creds;
-- 
2.31.1
Re: [PATCH v6 3/7] qemu-nbd: Use qcrypto_tls_creds_check_endpoint()
Posted by Eric Blake 4 years, 7 months ago 
On Mon, Jun 28, 2021 at 06:09:10PM +0200, Philippe Mathieu-Daudé wrote:
> Avoid accessing QCryptoTLSCreds internals by using
> the qcrypto_tls_creds_check_endpoint() helper.
> 
> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
> ---
>  qemu-nbd.c | 19 +++++++------------
>  1 file changed, 7 insertions(+), 12 deletions(-)

Reviewed-by: Eric Blake <eblake@redhat.com>

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3266
Virtualization:  qemu.org | libvirt.org
Re: [PATCH v6 3/7] qemu-nbd: Use qcrypto_tls_creds_check_endpoint()
Posted by Akihiko Odaki 4 years, 7 months ago 
Tested-by: Akihiko Odaki <akihiko.odaki@gmail.com>

2021年6月29日(火) 1:09 Philippe Mathieu-Daudé <philmd@redhat.com>:
>
> Avoid accessing QCryptoTLSCreds internals by using
> the qcrypto_tls_creds_check_endpoint() helper.
>
> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
> ---
>  qemu-nbd.c | 19 +++++++------------
>  1 file changed, 7 insertions(+), 12 deletions(-)
>
> diff --git a/qemu-nbd.c b/qemu-nbd.c
> index 93ef4e288fd..26ffbf15af0 100644
> --- a/qemu-nbd.c
> +++ b/qemu-nbd.c
> @@ -43,6 +43,7 @@
>  #include "io/channel-socket.h"
>  #include "io/net-listener.h"
>  #include "crypto/init.h"
> +#include "crypto/tlscreds.h"
>  #include "trace/control.h"
>  #include "qemu-version.h"
>
> @@ -422,18 +423,12 @@ static QCryptoTLSCreds *nbd_get_tls_creds(const char *id, bool list,
>          return NULL;
>      }
>
> -    if (list) {
> -        if (creds->endpoint != QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT) {
> -            error_setg(errp,
> -                       "Expecting TLS credentials with a client endpoint");
> -            return NULL;
> -        }
> -    } else {
> -        if (creds->endpoint != QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) {
> -            error_setg(errp,
> -                       "Expecting TLS credentials with a server endpoint");
> -            return NULL;
> -        }
> +    if (!qcrypto_tls_creds_check_endpoint(creds,
> +                                          list
> +                                          ? QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT
> +                                          : QCRYPTO_TLS_CREDS_ENDPOINT_SERVER,
> +                                          errp)) {
> +        return NULL;
>      }
>      object_ref(obj);
>      return creds;
> --
> 2.31.1
>
Re: [PATCH v6 3/7] qemu-nbd: Use qcrypto_tls_creds_check_endpoint()
Posted by Philippe Mathieu-Daudé 4 years, 7 months ago 
On 6/29/21 4:52 AM, Akihiko Odaki wrote:
> Tested-by: Akihiko Odaki <akihiko.odaki@gmail.com>

Thanks! Does this apply to this single patch or the
whole series (since this patch depends on patch #1)?

> 2021年6月29日(火) 1:09 Philippe Mathieu-Daudé <philmd@redhat.com>:
>>
>> Avoid accessing QCryptoTLSCreds internals by using
>> the qcrypto_tls_creds_check_endpoint() helper.
>>
>> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
>> ---
>>  qemu-nbd.c | 19 +++++++------------
>>  1 file changed, 7 insertions(+), 12 deletions(-)
Re: [PATCH v6 3/7] qemu-nbd: Use qcrypto_tls_creds_check_endpoint()
Posted by Akihiko Odaki 4 years, 7 months ago 
I tested only with qemu-nbd. Other files were compiled successfully
but I have not tested them.

On Tue, Jun 29, 2021 at 4:01 PM Philippe Mathieu-Daudé
<philmd@redhat.com> wrote:
>
> On 6/29/21 4:52 AM, Akihiko Odaki wrote:
> > Tested-by: Akihiko Odaki <akihiko.odaki@gmail.com>
>
> Thanks! Does this apply to this single patch or the
> whole series (since this patch depends on patch #1)?
>
> > 2021年6月29日(火) 1:09 Philippe Mathieu-Daudé <philmd@redhat.com>:
> >>
> >> Avoid accessing QCryptoTLSCreds internals by using
> >> the qcrypto_tls_creds_check_endpoint() helper.
> >>
> >> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
> >> ---
> >>  qemu-nbd.c | 19 +++++++------------
> >>  1 file changed, 7 insertions(+), 12 deletions(-)
>

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.