[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 07/18] migration: fix use of TLS PSK credentials with a UNIX sock
From: |
Daniel P . Berrangé |
Subject: |
[PATCH 07/18] migration: fix use of TLS PSK credentials with a UNIX socket |
Date: |
Wed, 2 Mar 2022 17:49:21 +0000 |
The migration TLS code has a check mandating that a hostname be
available when starting a TLS session. This is expected when using
x509 credentials, but is bogus for PSK and anonymous credentials
as neither involve hostname validation.
The TLS crdentials object gained suitable error reporting in the
case of TLS with x509 credentials, so there is no longer any need
for the migration code to do its own (incorrect) validation.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
migration/tls.c | 4 ----
1 file changed, 4 deletions(-)
diff --git a/migration/tls.c b/migration/tls.c
index ca1ea3bbdd..32c384a8b6 100644
--- a/migration/tls.c
+++ b/migration/tls.c
@@ -137,10 +137,6 @@ QIOChannelTLS *migration_tls_client_create(MigrationState
*s,
if (s->parameters.tls_hostname && *s->parameters.tls_hostname) {
hostname = s->parameters.tls_hostname;
}
- if (!hostname) {
- error_setg(errp, "No hostname available for TLS");
- return NULL;
- }
tioc = qio_channel_tls_new_client(
ioc, creds, hostname, errp);
--
2.34.1
- [PATCH 00/18] tests: introduce testing coverage for TLS with migration, Daniel P . Berrangé, 2022/03/02
- [PATCH 01/18] tests: fix encoding of IP addresses in x509 certs, Daniel P . Berrangé, 2022/03/02
- [PATCH 02/18] tests: improve error message when saving TLS PSK file fails, Daniel P . Berrangé, 2022/03/02
- [PATCH 03/18] tests: support QTEST_TRACE env variable, Daniel P . Berrangé, 2022/03/02
- [PATCH 05/18] tests: add more helper macros for creating TLS x509 certs, Daniel P . Berrangé, 2022/03/02
- [PATCH 06/18] crypto: mandate a hostname when checking x509 creds on a client, Daniel P . Berrangé, 2022/03/02
- [PATCH 07/18] migration: fix use of TLS PSK credentials with a UNIX socket,
Daniel P . Berrangé <=
- [PATCH 08/18] tests: merge code for UNIX and TCP migration pre-copy tests, Daniel P . Berrangé, 2022/03/02
- [PATCH 09/18] tests: introduce ability to provide hooks for migration precopy test, Daniel P . Berrangé, 2022/03/02
- [PATCH 10/18] tests: switch migration FD passing test to use common precopy helper, Daniel P . Berrangé, 2022/03/02