[PATCH 07/18] migration: fix use of TLS PSK credentials with a UNIX sock

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH 07/18] migration: fix use of TLS PSK credentials with a UNIX sock

From:	Daniel P . Berrangé
Subject:	[PATCH 07/18] migration: fix use of TLS PSK credentials with a UNIX socket
Date:	Wed, 2 Mar 2022 17:49:21 +0000

The migration TLS code has a check mandating that a hostname be
available when starting a TLS session. This is expected when using
x509 credentials, but is bogus for PSK and anonymous credentials
as neither involve hostname validation.

The TLS crdentials object gained suitable error reporting in the
case of TLS with x509 credentials, so there is no longer any need
for the migration code to do its own (incorrect) validation.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
 migration/tls.c | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/migration/tls.c b/migration/tls.c
index ca1ea3bbdd..32c384a8b6 100644
--- a/migration/tls.c
+++ b/migration/tls.c
@@ -137,10 +137,6 @@ QIOChannelTLS *migration_tls_client_create(MigrationState 
*s,
     if (s->parameters.tls_hostname && *s->parameters.tls_hostname) {
         hostname = s->parameters.tls_hostname;
     }
-    if (!hostname) {
-        error_setg(errp, "No hostname available for TLS");
-        return NULL;
-    }
 
     tioc = qio_channel_tls_new_client(
         ioc, creds, hostname, errp);
-- 
2.34.1

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH 00/18] tests: introduce testing coverage for TLS with migration, Daniel P . Berrangé, 2022/03/02
- [PATCH 01/18] tests: fix encoding of IP addresses in x509 certs, Daniel P . Berrangé, 2022/03/02
- [PATCH 02/18] tests: improve error message when saving TLS PSK file fails, Daniel P . Berrangé, 2022/03/02
  - Re: [PATCH 02/18] tests: improve error message when saving TLS PSK file fails, Peter Xu, 2022/03/07
- [PATCH 03/18] tests: support QTEST_TRACE env variable, Daniel P . Berrangé, 2022/03/02
  - Re: [PATCH 03/18] tests: support QTEST_TRACE env variable, Peter Xu, 2022/03/07
  - Re: [PATCH 03/18] tests: support QTEST_TRACE env variable, Thomas Huth, 2022/03/07
- [PATCH 05/18] tests: add more helper macros for creating TLS x509 certs, Daniel P . Berrangé, 2022/03/02
- [PATCH 06/18] crypto: mandate a hostname when checking x509 creds on a client, Daniel P . Berrangé, 2022/03/02
- [PATCH 07/18] migration: fix use of TLS PSK credentials with a UNIX socket, Daniel P . Berrangé <=
  - Re: [PATCH 07/18] migration: fix use of TLS PSK credentials with a UNIX socket, Peter Xu, 2022/03/07
    - Re: [PATCH 07/18] migration: fix use of TLS PSK credentials with a UNIX socket, Daniel P . Berrangé, 2022/03/07
- [PATCH 08/18] tests: merge code for UNIX and TCP migration pre-copy tests, Daniel P . Berrangé, 2022/03/02
  - Re: [PATCH 08/18] tests: merge code for UNIX and TCP migration pre-copy tests, Peter Xu, 2022/03/07
  - Re: [PATCH 08/18] tests: merge code for UNIX and TCP migration pre-copy tests, Thomas Huth, 2022/03/07
    - Re: [PATCH 08/18] tests: merge code for UNIX and TCP migration pre-copy tests, Daniel P . Berrangé, 2022/03/10
- [PATCH 09/18] tests: introduce ability to provide hooks for migration precopy test, Daniel P . Berrangé, 2022/03/02
  - Re: [PATCH 09/18] tests: introduce ability to provide hooks for migration precopy test, Peter Xu, 2022/03/07
- [PATCH 10/18] tests: switch migration FD passing test to use common precopy helper, Daniel P . Berrangé, 2022/03/02
  - Re: [PATCH 10/18] tests: switch migration FD passing test to use common precopy helper, Peter Xu, 2022/03/07

Prev by Date: [PATCH 06/18] crypto: mandate a hostname when checking x509 creds on a client
Next by Date: [PATCH 08/18] tests: merge code for UNIX and TCP migration pre-copy tests
Previous by thread: [PATCH 06/18] crypto: mandate a hostname when checking x509 creds on a client
Next by thread: Re: [PATCH 07/18] migration: fix use of TLS PSK credentials with a UNIX socket
Index(es):
- Date
- Thread