qemu: Set tlsHostname inside qemuMigrationParamsEnableTLS

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>

diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
index 9a9a881f9b122ea1d821daff9ee704fa165a0780..c2cd9377436c8d3b1403769e3e25e3d456499443 100644 (file)
--- a/src/qemu/qemu_migration.c
+++ b/src/qemu/qemu_migration.c
@@ -2454,13 +2454,9 @@ qemuMigrationDstPrepareAny(virQEMUDriverPtr driver,
         cfg = virQEMUDriverGetConfig(driver);
         if (qemuMigrationParamsEnableTLS(driver, vm, cfg, true,
                                          QEMU_ASYNC_JOB_MIGRATION_IN,
-                                         &tlsAlias, &secAlias, migParams) < 0)
+                                         &tlsAlias, &secAlias, NULL,
+                                         migParams) < 0)
             goto stopjob;
-
-        /* Force reset of 'tls-hostname', it's a source only parameter */
-        if (VIR_STRDUP(migParams->params.tlsHostname, "") < 0)
-            goto stopjob;
-
     } else {
         if (qemuMigrationParamsDisableTLS(vm, migParams) < 0)
             goto stopjob;
@@ -3406,23 +3402,20 @@ qemuMigrationSrcRun(virQEMUDriverPtr driver,
         VIR_WARN("unable to provide data for graphics client relocation");
 
     if (flags & VIR_MIGRATE_TLS) {
-        cfg = virQEMUDriverGetConfig(driver);
-        if (qemuMigrationParamsEnableTLS(driver, vm, cfg, false,
-                                         QEMU_ASYNC_JOB_MIGRATION_OUT,
-                                         &tlsAlias, &secAlias, migParams) < 0)
-            goto error;
+        const char *hostname = NULL;
 
         /* We need to add tls-hostname whenever QEMU itself does not
          * connect directly to the destination. */
         if (spec->destType == MIGRATION_DEST_CONNECT_HOST ||
-            spec->destType == MIGRATION_DEST_FD) {
-            if (VIR_STRDUP(migParams->params.tlsHostname, spec->dest.host.name) < 0)
-                goto error;
-        } else {
-            /* Be sure there's nothing from a previous migration */
-            if (VIR_STRDUP(migParams->params.tlsHostname, "") < 0)
-                goto error;
-        }
+            spec->destType == MIGRATION_DEST_FD)
+            hostname = spec->dest.host.name;
+
+        cfg = virQEMUDriverGetConfig(driver);
+        if (qemuMigrationParamsEnableTLS(driver, vm, cfg, false,
+                                         QEMU_ASYNC_JOB_MIGRATION_OUT,
+                                         &tlsAlias, &secAlias, hostname,
+                                         migParams) < 0)
+            goto error;
     } else {
         if (qemuMigrationParamsDisableTLS(vm, migParams) < 0)
             goto error;

diff --git a/src/qemu/qemu_migration_params.c b/src/qemu/qemu_migration_params.c
index bb3bbc30f39f6a48b411c304f396dea4fc9da6a1..476687aae2fc888c5b00d19291b9921e8253b8b2 100644 (file)
--- a/src/qemu/qemu_migration_params.c
+++ b/src/qemu/qemu_migration_params.c
@@ -141,9 +141,12 @@ qemuMigrationParamsSet(virQEMUDriverPtr driver,
  * @asyncJob: Migration job to join
  * @tlsAlias: alias to be generated for TLS object
  * @secAlias: alias to be generated for a secinfo object
+ * @hostname: hostname of the migration destination
  * @migParams: migration parameters to set
  *
- * Create the TLS objects for the migration and set the migParams value
+ * Create the TLS objects for the migration and set the migParams value.
+ * If QEMU itself does not connect to the destination @hostname must be
+ * provided for certificate verification.
  *
  * Returns 0 on success, -1 on failure
  */
@@ -155,6 +158,7 @@ qemuMigrationParamsEnableTLS(virQEMUDriverPtr driver,
                              int asyncJob,
                              char **tlsAlias,
                              char **secAlias,
+                             const char *hostname,
                              qemuMigrationParamsPtr migParams)
 {
     qemuDomainObjPrivatePtr priv = vm->privateData;
@@ -198,7 +202,8 @@ qemuMigrationParamsEnableTLS(virQEMUDriverPtr driver,
                                 *tlsAlias, &tlsProps) < 0)
         goto error;
 
-    if (VIR_STRDUP(migParams->params.tlsCreds, *tlsAlias) < 0)
+    if (VIR_STRDUP(migParams->params.tlsCreds, *tlsAlias) < 0 ||
+        VIR_STRDUP(migParams->params.tlsHostname, hostname ? hostname : "") < 0)
         goto error;
 
     return 0;

diff --git a/src/qemu/qemu_migration_params.h b/src/qemu/qemu_migration_params.h
index 6f3fb67949f24d4c40932ba4d77745dc8d98630b..6535c3af4746aeea5484cdeaeb50a04340ae4d5a 100644 (file)
--- a/src/qemu/qemu_migration_params.h
+++ b/src/qemu/qemu_migration_params.h
@@ -79,6 +79,7 @@ qemuMigrationParamsEnableTLS(virQEMUDriverPtr driver,
                              int asyncJob,
                              char **tlsAlias,
                              char **secAlias,
+                             const char *hostname,
                              qemuMigrationParamsPtr migParams);
 
 int