[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PULL 04/18] migration: fix use of TLS PSK credentials with a UNIX socke
From: |
Dr. David Alan Gilbert (git) |
Subject: |
[PULL 04/18] migration: fix use of TLS PSK credentials with a UNIX socket |
Date: |
Thu, 21 Apr 2022 19:40:38 +0100 |
From: Daniel P. Berrangé <berrange@redhat.com>
The migration TLS code has a check mandating that a hostname be
available when starting a TLS session. This is expected when using
x509 credentials, but is bogus for PSK and anonymous credentials
as neither involve hostname validation.
The TLS crdentials object gained suitable error reporting in the
case of TLS with x509 credentials, so there is no longer any need
for the migration code to do its own (incorrect) validation.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20220310171821.3724080-7-berrange@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
---
migration/tls.c | 4 ----
1 file changed, 4 deletions(-)
diff --git a/migration/tls.c b/migration/tls.c
index ca1ea3bbdd..32c384a8b6 100644
--- a/migration/tls.c
+++ b/migration/tls.c
@@ -137,10 +137,6 @@ QIOChannelTLS *migration_tls_client_create(MigrationState
*s,
if (s->parameters.tls_hostname && *s->parameters.tls_hostname) {
hostname = s->parameters.tls_hostname;
}
- if (!hostname) {
- error_setg(errp, "No hostname available for TLS");
- return NULL;
- }
tioc = qio_channel_tls_new_client(
ioc, creds, hostname, errp);
--
2.35.1
- [PULL 11/18] migration: Drop multifd tls_hostname cache, (continued)
- [PULL 11/18] migration: Drop multifd tls_hostname cache, Dr. David Alan Gilbert (git), 2022/04/21
- [PULL 13/18] migration: Move migrate_allow_multifd and helpers into migration.c, Dr. David Alan Gilbert (git), 2022/04/21
- [PULL 16/18] migration: Allow migrate-recover to run multiple times, Dr. David Alan Gilbert (git), 2022/04/21
- [PULL 14/18] migration: Export ram_load_postcopy(), Dr. David Alan Gilbert (git), 2022/04/21
- [PULL 18/18] migration: Read state once, Dr. David Alan Gilbert (git), 2022/04/21
- [PULL 12/18] migration: Add pss.postcopy_requested status, Dr. David Alan Gilbert (git), 2022/04/21
- [PULL 15/18] migration: Move channel setup out of postcopy_try_recover(), Dr. David Alan Gilbert (git), 2022/04/21
- [PULL 17/18] migration: Fix operator type, Dr. David Alan Gilbert (git), 2022/04/21
- Re: [PULL 00/18] migration queue, Dr. David Alan Gilbert, 2022/04/21
- [PULL 00/18] migration queue, Dr. David Alan Gilbert (git), 2022/04/21
- [PULL 04/18] migration: fix use of TLS PSK credentials with a UNIX socket,
Dr. David Alan Gilbert (git) <=
- [PULL 05/18] tests: switch MigrateStart struct to be stack allocated, Dr. David Alan Gilbert (git), 2022/04/21
- [PULL 01/18] tests: improve error message when saving TLS PSK file fails, Dr. David Alan Gilbert (git), 2022/04/21
- [PULL 08/18] tests: switch migration FD passing test to use common precopy helper, Dr. David Alan Gilbert (git), 2022/04/21
- [PULL 02/18] tests: support QTEST_TRACE env variable, Dr. David Alan Gilbert (git), 2022/04/21
- [PULL 10/18] migration: Postpone releasing MigrationState.hostname, Dr. David Alan Gilbert (git), 2022/04/21
- [PULL 15/18] migration: Move channel setup out of postcopy_try_recover(), Dr. David Alan Gilbert (git), 2022/04/21
- [PULL 14/18] migration: Export ram_load_postcopy(), Dr. David Alan Gilbert (git), 2022/04/21
- [PULL 16/18] migration: Allow migrate-recover to run multiple times, Dr. David Alan Gilbert (git), 2022/04/21
- [PULL 09/18] tests: expand the migration precopy helper to support failures, Dr. David Alan Gilbert (git), 2022/04/21
- [PULL 07/18] tests: introduce ability to provide hooks for migration precopy test, Dr. David Alan Gilbert (git), 2022/04/21