diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 6e814b358ca9ee31b5809d470353db843e04d453..f556e4ca263157b88b9f9c499922df951d6ef1a0 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -1999,6 +1999,7 @@ virDomainChrSourceDefCopy(virDomainChrSourceDefPtr dest, return -1; dest->data.tcp.haveTLS = src->data.tcp.haveTLS; + dest->data.tcp.tlsFromConfig = src->data.tcp.tlsFromConfig; break; case VIR_DOMAIN_CHR_TYPE_UNIX: @@ -10042,6 +10043,7 @@ virDomainChrSourceDefParseXML(virDomainChrSourceDefPtr def, char *slave = NULL; char *append = NULL; char *haveTLS = NULL; + char *tlsFromConfig = NULL; int remaining = 0; while (cur != NULL) { @@ -10051,6 +10053,8 @@ virDomainChrSourceDefParseXML(virDomainChrSourceDefPtr def, mode = virXMLPropString(cur, "mode"); if (!haveTLS) haveTLS = virXMLPropString(cur, "tls"); + if (!tlsFromConfig) + tlsFromConfig = virXMLPropString(cur, "tlsFromConfig"); switch ((virDomainChrType) def->type) { case VIR_DOMAIN_CHR_TYPE_FILE: @@ -10236,6 +10240,18 @@ virDomainChrSourceDefParseXML(virDomainChrSourceDefPtr def, goto error; } + if (tlsFromConfig && + flags & VIR_DOMAIN_DEF_PARSE_STATUS) { + int tmp; + if (virStrToLong_i(tlsFromConfig, NULL, 10, &tmp) < 0) { + virReportError(VIR_ERR_XML_ERROR, + _("Invalid tlsFromConfig value: %s"), + tlsFromConfig); + goto error; + } + def->data.tcp.tlsFromConfig = !!tmp; + } + if (!protocol) def->data.tcp.protocol = VIR_DOMAIN_CHR_TCP_PROTOCOL_RAW; else if ((def->data.tcp.protocol = @@ -10321,6 +10337,7 @@ virDomainChrSourceDefParseXML(virDomainChrSourceDefPtr def, VIR_FREE(logappend); VIR_FREE(logfile); VIR_FREE(haveTLS); + VIR_FREE(tlsFromConfig); return remaining; @@ -21508,9 +21525,14 @@ virDomainChrSourceDefFormat(virBufferPtr buf, def->data.tcp.listen ? "bind" : "connect"); virBufferEscapeString(buf, "host='%s' ", def->data.tcp.host); virBufferEscapeString(buf, "service='%s'", def->data.tcp.service); - if (def->data.tcp.haveTLS != VIR_TRISTATE_BOOL_ABSENT) + if (def->data.tcp.haveTLS != VIR_TRISTATE_BOOL_ABSENT && + !(flags & VIR_DOMAIN_DEF_FORMAT_MIGRATABLE && + def->data.tcp.tlsFromConfig)) virBufferAsprintf(buf, " tls='%s'", virTristateBoolTypeToString(def->data.tcp.haveTLS)); + if (flags & VIR_DOMAIN_DEF_FORMAT_STATUS) + virBufferAsprintf(buf, " tlsFromConfig='%d'", + def->data.tcp.tlsFromConfig); virBufferAddLit(buf, "/>\n"); virBufferAsprintf(buf, "\n", diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index f1da9c3e777aef0f2643e6f387d35b0ef4a31f92..dff28c08b39cbae5aa794274c9e313d3f2cb6727 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -1096,6 +1096,7 @@ struct _virDomainChrSourceDef { int protocol; bool tlscreds; int haveTLS; /* enum virTristateBool */ + bool tlsFromConfig; } tcp; struct { char *bindHost; diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 6cffff0c0f67e74d8bd1cc7186a6ca7e7ab4902f..41ac52d6e8cc4f410ed7e272cb0af2922b8e323c 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -6204,6 +6204,7 @@ qemuDomainPrepareChardevSourceTLS(virDomainChrSourceDefPtr source, source->data.tcp.haveTLS = VIR_TRISTATE_BOOL_YES; else source->data.tcp.haveTLS = VIR_TRISTATE_BOOL_NO; + source->data.tcp.tlsFromConfig = true; } } }