1. Patchew
  2. QEMU
  3. [PATCH 00/21] crypto: support multiple parallel certificate identities
  4. View patch

[PATCH 15/21] crypto: make TLS credentials structs private

Daniel P. Berrangé posted 21 patches 2 weeks, 1 day ago
Maintainers: "Daniel P. Berrangé" <berrange@redhat.com>, "Marc-André Lureau" <marcandre.lureau@redhat.com>
[PATCH 15/21] crypto: make TLS credentials structs private
Posted by Daniel P. Berrangé 2 weeks, 1 day ago 
Now that the TLS session code no longer needs to look at the TLS
credential structs, they can be made private.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
 crypto/tlscredsanon.c |  3 +++
 crypto/tlscredspriv.h | 15 ---------------
 crypto/tlscredspsk.c  |  5 +++++
 crypto/tlscredsx509.c |  6 ++++++
 4 files changed, 14 insertions(+), 15 deletions(-)

diff --git a/crypto/tlscredsanon.c b/crypto/tlscredsanon.c
index 0a728ccbf6..69ed1d792a 100644
--- a/crypto/tlscredsanon.c
+++ b/crypto/tlscredsanon.c
@@ -31,6 +31,9 @@
 
 #include <gnutls/gnutls.h>
 
+struct QCryptoTLSCredsAnon {
+    QCryptoTLSCreds parent_obj;
+};
 
 static int
 qcrypto_tls_creds_anon_load(QCryptoTLSCredsAnon *creds,
diff --git a/crypto/tlscredspriv.h b/crypto/tlscredspriv.h
index 4e6dffa22f..69dac02437 100644
--- a/crypto/tlscredspriv.h
+++ b/crypto/tlscredspriv.h
@@ -37,21 +37,6 @@ struct QCryptoTLSCreds {
     QCryptoTLSCredsBox *box;
 };
 
-struct QCryptoTLSCredsAnon {
-    QCryptoTLSCreds parent_obj;
-};
-
-struct QCryptoTLSCredsPSK {
-    QCryptoTLSCreds parent_obj;
-    char *username;
-};
-
-struct QCryptoTLSCredsX509 {
-    QCryptoTLSCreds parent_obj;
-    bool sanityCheck;
-    char *passwordid;
-};
-
 #ifdef CONFIG_GNUTLS
 
 int qcrypto_tls_creds_get_path(QCryptoTLSCreds *creds,
diff --git a/crypto/tlscredspsk.c b/crypto/tlscredspsk.c
index 5568f1ad0c..e437985260 100644
--- a/crypto/tlscredspsk.c
+++ b/crypto/tlscredspsk.c
@@ -31,6 +31,11 @@
 
 #include <gnutls/gnutls.h>
 
+struct QCryptoTLSCredsPSK {
+    QCryptoTLSCreds parent_obj;
+    char *username;
+};
+
 static int
 lookup_key(const char *pskfile, const char *username, gnutls_datum_t *key,
            Error **errp)
diff --git a/crypto/tlscredsx509.c b/crypto/tlscredsx509.c
index ef31ea664c..2fc0872627 100644
--- a/crypto/tlscredsx509.c
+++ b/crypto/tlscredsx509.c
@@ -33,6 +33,12 @@
 #include <gnutls/gnutls.h>
 #include <gnutls/x509.h>
 
+struct QCryptoTLSCredsX509 {
+    QCryptoTLSCreds parent_obj;
+    bool sanityCheck;
+    char *passwordid;
+};
+
 
 static int
 qcrypto_tls_creds_check_cert_times(gnutls_x509_crt_t cert,
-- 
2.51.1
Re: [PATCH 15/21] crypto: make TLS credentials structs private
Posted by Marc-André Lureau 2 weeks ago 
On Thu, Oct 30, 2025 at 6:50 PM Daniel P. Berrangé <berrange@redhat.com>
wrote:

> Now that the TLS session code no longer needs to look at the TLS
> credential structs, they can be made private.
>
> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
>

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>


> ---
>  crypto/tlscredsanon.c |  3 +++
>  crypto/tlscredspriv.h | 15 ---------------
>  crypto/tlscredspsk.c  |  5 +++++
>  crypto/tlscredsx509.c |  6 ++++++
>  4 files changed, 14 insertions(+), 15 deletions(-)
>
> diff --git a/crypto/tlscredsanon.c b/crypto/tlscredsanon.c
> index 0a728ccbf6..69ed1d792a 100644
> --- a/crypto/tlscredsanon.c
> +++ b/crypto/tlscredsanon.c
> @@ -31,6 +31,9 @@
>
>  #include <gnutls/gnutls.h>
>
> +struct QCryptoTLSCredsAnon {
> +    QCryptoTLSCreds parent_obj;
> +};
>
>  static int
>  qcrypto_tls_creds_anon_load(QCryptoTLSCredsAnon *creds,
> diff --git a/crypto/tlscredspriv.h b/crypto/tlscredspriv.h
> index 4e6dffa22f..69dac02437 100644
> --- a/crypto/tlscredspriv.h
> +++ b/crypto/tlscredspriv.h
> @@ -37,21 +37,6 @@ struct QCryptoTLSCreds {
>      QCryptoTLSCredsBox *box;
>  };
>
> -struct QCryptoTLSCredsAnon {
> -    QCryptoTLSCreds parent_obj;
> -};
> -
> -struct QCryptoTLSCredsPSK {
> -    QCryptoTLSCreds parent_obj;
> -    char *username;
> -};
> -
> -struct QCryptoTLSCredsX509 {
> -    QCryptoTLSCreds parent_obj;
> -    bool sanityCheck;
> -    char *passwordid;
> -};
> -
>  #ifdef CONFIG_GNUTLS
>
>  int qcrypto_tls_creds_get_path(QCryptoTLSCreds *creds,
> diff --git a/crypto/tlscredspsk.c b/crypto/tlscredspsk.c
> index 5568f1ad0c..e437985260 100644
> --- a/crypto/tlscredspsk.c
> +++ b/crypto/tlscredspsk.c
> @@ -31,6 +31,11 @@
>
>  #include <gnutls/gnutls.h>
>
> +struct QCryptoTLSCredsPSK {
> +    QCryptoTLSCreds parent_obj;
> +    char *username;
> +};
> +
>  static int
>  lookup_key(const char *pskfile, const char *username, gnutls_datum_t *key,
>             Error **errp)
> diff --git a/crypto/tlscredsx509.c b/crypto/tlscredsx509.c
> index ef31ea664c..2fc0872627 100644
> --- a/crypto/tlscredsx509.c
> +++ b/crypto/tlscredsx509.c
> @@ -33,6 +33,12 @@
>  #include <gnutls/gnutls.h>
>  #include <gnutls/x509.h>
>
> +struct QCryptoTLSCredsX509 {
> +    QCryptoTLSCreds parent_obj;
> +    bool sanityCheck;
> +    char *passwordid;
> +};
> +
>
>  static int
>  qcrypto_tls_creds_check_cert_times(gnutls_x509_crt_t cert,
> --
> 2.51.1
>
>

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.