[libvirt] [PULL 06/12] vnc: remove support for deprecated tls, x509, x509verify options
From: Daniel P. Berrangé
The 'tls-creds' option accepts the name of a TLS credentials
object. This replaced the usage of 'tls', 'x509' and 'x509verify'
options in 2.5.0. These deprecated options were grandfathered in
when the deprecation policy was introduded in 2.10.0, so can now
finally be removed.
Signed-off-by: Daniel P. Berrangé
Message-id: 20180725092751.21767-3-berra...@redhat.com
Signed-off-by: Gerd Hoffmann
---
ui/vnc.c | 91
qemu-deprecated.texi | 20
qemu-options.hx | 43 -
3 files changed, 154 deletions(-)
diff --git a/ui/vnc.c b/ui/vnc.c
index 359693238b..fd929b0957 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -3345,10 +3345,6 @@ static QemuOptsList qemu_vnc_opts = {
.name = "tls-creds",
.type = QEMU_OPT_STRING,
},{
-/* Deprecated in favour of tls-creds */
-.name = "x509",
-.type = QEMU_OPT_STRING,
-},{
.name = "share",
.type = QEMU_OPT_STRING,
},{
@@ -3385,14 +3381,6 @@ static QemuOptsList qemu_vnc_opts = {
.name = "sasl",
.type = QEMU_OPT_BOOL,
},{
-/* Deprecated in favour of tls-creds */
-.name = "tls",
-.type = QEMU_OPT_BOOL,
-},{
-/* Deprecated in favour of tls-creds */
-.name = "x509verify",
-.type = QEMU_OPT_STRING,
-},{
.name = "acl",
.type = QEMU_OPT_BOOL,
},{
@@ -3519,51 +3507,6 @@ vnc_display_setup_auth(int *auth,
}
-/*
- * Handle back compat with old CLI syntax by creating some
- * suitable QCryptoTLSCreds objects
- */
-static QCryptoTLSCreds *
-vnc_display_create_creds(bool x509,
- bool x509verify,
- const char *dir,
- const char *id,
- Error **errp)
-{
-gchar *credsid = g_strdup_printf("tlsvnc%s", id);
-Object *parent = object_get_objects_root();
-Object *creds;
-Error *err = NULL;
-
-if (x509) {
-creds = object_new_with_props(TYPE_QCRYPTO_TLS_CREDS_X509,
- parent,
- credsid,
- ,
- "endpoint", "server",
- "dir", dir,
- "verify-peer", x509verify ? "yes" : "no",
- NULL);
-} else {
-creds = object_new_with_props(TYPE_QCRYPTO_TLS_CREDS_ANON,
- parent,
- credsid,
- ,
- "endpoint", "server",
- NULL);
-}
-
-g_free(credsid);
-
-if (err) {
-error_propagate(errp, err);
-return NULL;
-}
-
-return QCRYPTO_TLS_CREDS(creds);
-}
-
-
static int vnc_display_get_address(const char *addrstr,
bool websocket,
bool reverse,
@@ -3930,15 +3873,6 @@ void vnc_display_open(const char *id, Error **errp)
credid = qemu_opt_get(opts, "tls-creds");
if (credid) {
Object *creds;
-if (qemu_opt_get(opts, "tls") ||
-qemu_opt_get(opts, "x509") ||
-qemu_opt_get(opts, "x509verify")) {
-error_setg(errp,
- "'tls-creds' parameter is mutually exclusive with "
- "'tls', 'x509' and 'x509verify' parameters");
-goto fail;
-}
-
creds = object_resolve_path_component(
object_get_objects_root(), credid);
if (!creds) {
@@ -3961,31 +3895,6 @@ void vnc_display_open(const char *id, Error **errp)
"Expecting TLS credentials with a server endpoint");
goto fail;
}
-} else {
-const char *path;
-bool tls = false, x509 = false, x509verify = false;
-tls = qemu_opt_get_bool(opts, "tls", false);
-if (tls) {
-path = qemu_opt_get(opts, "x509");
-
-if (path) {
-x509 = true;
-} else {
-path = qemu_opt_get(opts, "x509verify");
-if (path) {
-x509 = true;
-x509verify = true;
-}
-}
-vd->tlscreds = vnc_display_create_creds(x509,
-x509verify,
-path,
-vd->id,
-errp);
-if (!vd->tlscreds) {
-goto fail;
-}
-}
}
acl = qemu_opt_get_bool(opts,
[libvirt] [PULL 06/12] vnc: remove support for deprecated tls, x509, x509verify options
From: Daniel P. Berrangé
The 'tls-creds' option accepts the name of a TLS credentials
object. This replaced the usage of 'tls', 'x509' and 'x509verify'
options in 2.5.0. These deprecated options were grandfathered in
when the deprecation policy was introduded in 2.10.0, so can now
finally be removed.
Signed-off-by: Daniel P. Berrangé
Message-id: 20180725092751.21767-3-berra...@redhat.com
Signed-off-by: Gerd Hoffmann
---
ui/vnc.c | 91
qemu-deprecated.texi | 20
qemu-options.hx | 43 -
3 files changed, 154 deletions(-)
diff --git a/ui/vnc.c b/ui/vnc.c
index 359693238b..fd929b0957 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -3345,10 +3345,6 @@ static QemuOptsList qemu_vnc_opts = {
.name = "tls-creds",
.type = QEMU_OPT_STRING,
},{
-/* Deprecated in favour of tls-creds */
-.name = "x509",
-.type = QEMU_OPT_STRING,
-},{
.name = "share",
.type = QEMU_OPT_STRING,
},{
@@ -3385,14 +3381,6 @@ static QemuOptsList qemu_vnc_opts = {
.name = "sasl",
.type = QEMU_OPT_BOOL,
},{
-/* Deprecated in favour of tls-creds */
-.name = "tls",
-.type = QEMU_OPT_BOOL,
-},{
-/* Deprecated in favour of tls-creds */
-.name = "x509verify",
-.type = QEMU_OPT_STRING,
-},{
.name = "acl",
.type = QEMU_OPT_BOOL,
},{
@@ -3519,51 +3507,6 @@ vnc_display_setup_auth(int *auth,
}
-/*
- * Handle back compat with old CLI syntax by creating some
- * suitable QCryptoTLSCreds objects
- */
-static QCryptoTLSCreds *
-vnc_display_create_creds(bool x509,
- bool x509verify,
- const char *dir,
- const char *id,
- Error **errp)
-{
-gchar *credsid = g_strdup_printf("tlsvnc%s", id);
-Object *parent = object_get_objects_root();
-Object *creds;
-Error *err = NULL;
-
-if (x509) {
-creds = object_new_with_props(TYPE_QCRYPTO_TLS_CREDS_X509,
- parent,
- credsid,
- ,
- "endpoint", "server",
- "dir", dir,
- "verify-peer", x509verify ? "yes" : "no",
- NULL);
-} else {
-creds = object_new_with_props(TYPE_QCRYPTO_TLS_CREDS_ANON,
- parent,
- credsid,
- ,
- "endpoint", "server",
- NULL);
-}
-
-g_free(credsid);
-
-if (err) {
-error_propagate(errp, err);
-return NULL;
-}
-
-return QCRYPTO_TLS_CREDS(creds);
-}
-
-
static int vnc_display_get_address(const char *addrstr,
bool websocket,
bool reverse,
@@ -3930,15 +3873,6 @@ void vnc_display_open(const char *id, Error **errp)
credid = qemu_opt_get(opts, "tls-creds");
if (credid) {
Object *creds;
-if (qemu_opt_get(opts, "tls") ||
-qemu_opt_get(opts, "x509") ||
-qemu_opt_get(opts, "x509verify")) {
-error_setg(errp,
- "'tls-creds' parameter is mutually exclusive with "
- "'tls', 'x509' and 'x509verify' parameters");
-goto fail;
-}
-
creds = object_resolve_path_component(
object_get_objects_root(), credid);
if (!creds) {
@@ -3961,31 +3895,6 @@ void vnc_display_open(const char *id, Error **errp)
"Expecting TLS credentials with a server endpoint");
goto fail;
}
-} else {
-const char *path;
-bool tls = false, x509 = false, x509verify = false;
-tls = qemu_opt_get_bool(opts, "tls", false);
-if (tls) {
-path = qemu_opt_get(opts, "x509");
-
-if (path) {
-x509 = true;
-} else {
-path = qemu_opt_get(opts, "x509verify");
-if (path) {
-x509 = true;
-x509verify = true;
-}
-}
-vd->tlscreds = vnc_display_create_creds(x509,
-x509verify,
-path,
-vd->id,
-errp);
-if (!vd->tlscreds) {
-goto fail;
-}
-}
}
acl = qemu_opt_get_bool(opts,
[libvirt] [PULL 06/12] vnc: remove support for deprecated tls, x509, x509verify options
From: Daniel P. Berrangé
The 'tls-creds' option accepts the name of a TLS credentials
object. This replaced the usage of 'tls', 'x509' and 'x509verify'
options in 2.5.0. These deprecated options were grandfathered in
when the deprecation policy was introduded in 2.10.0, so can now
finally be removed.
Signed-off-by: Daniel P. Berrangé
Message-id: 20180725092751.21767-3-berra...@redhat.com
Signed-off-by: Gerd Hoffmann
---
ui/vnc.c | 91
qemu-deprecated.texi | 20
qemu-options.hx | 43 -
3 files changed, 154 deletions(-)
diff --git a/ui/vnc.c b/ui/vnc.c
index 359693238b..fd929b0957 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -3345,10 +3345,6 @@ static QemuOptsList qemu_vnc_opts = {
.name = "tls-creds",
.type = QEMU_OPT_STRING,
},{
-/* Deprecated in favour of tls-creds */
-.name = "x509",
-.type = QEMU_OPT_STRING,
-},{
.name = "share",
.type = QEMU_OPT_STRING,
},{
@@ -3385,14 +3381,6 @@ static QemuOptsList qemu_vnc_opts = {
.name = "sasl",
.type = QEMU_OPT_BOOL,
},{
-/* Deprecated in favour of tls-creds */
-.name = "tls",
-.type = QEMU_OPT_BOOL,
-},{
-/* Deprecated in favour of tls-creds */
-.name = "x509verify",
-.type = QEMU_OPT_STRING,
-},{
.name = "acl",
.type = QEMU_OPT_BOOL,
},{
@@ -3519,51 +3507,6 @@ vnc_display_setup_auth(int *auth,
}
-/*
- * Handle back compat with old CLI syntax by creating some
- * suitable QCryptoTLSCreds objects
- */
-static QCryptoTLSCreds *
-vnc_display_create_creds(bool x509,
- bool x509verify,
- const char *dir,
- const char *id,
- Error **errp)
-{
-gchar *credsid = g_strdup_printf("tlsvnc%s", id);
-Object *parent = object_get_objects_root();
-Object *creds;
-Error *err = NULL;
-
-if (x509) {
-creds = object_new_with_props(TYPE_QCRYPTO_TLS_CREDS_X509,
- parent,
- credsid,
- ,
- "endpoint", "server",
- "dir", dir,
- "verify-peer", x509verify ? "yes" : "no",
- NULL);
-} else {
-creds = object_new_with_props(TYPE_QCRYPTO_TLS_CREDS_ANON,
- parent,
- credsid,
- ,
- "endpoint", "server",
- NULL);
-}
-
-g_free(credsid);
-
-if (err) {
-error_propagate(errp, err);
-return NULL;
-}
-
-return QCRYPTO_TLS_CREDS(creds);
-}
-
-
static int vnc_display_get_address(const char *addrstr,
bool websocket,
bool reverse,
@@ -3930,15 +3873,6 @@ void vnc_display_open(const char *id, Error **errp)
credid = qemu_opt_get(opts, "tls-creds");
if (credid) {
Object *creds;
-if (qemu_opt_get(opts, "tls") ||
-qemu_opt_get(opts, "x509") ||
-qemu_opt_get(opts, "x509verify")) {
-error_setg(errp,
- "'tls-creds' parameter is mutually exclusive with "
- "'tls', 'x509' and 'x509verify' parameters");
-goto fail;
-}
-
creds = object_resolve_path_component(
object_get_objects_root(), credid);
if (!creds) {
@@ -3961,31 +3895,6 @@ void vnc_display_open(const char *id, Error **errp)
"Expecting TLS credentials with a server endpoint");
goto fail;
}
-} else {
-const char *path;
-bool tls = false, x509 = false, x509verify = false;
-tls = qemu_opt_get_bool(opts, "tls", false);
-if (tls) {
-path = qemu_opt_get(opts, "x509");
-
-if (path) {
-x509 = true;
-} else {
-path = qemu_opt_get(opts, "x509verify");
-if (path) {
-x509 = true;
-x509verify = true;
-}
-}
-vd->tlscreds = vnc_display_create_creds(x509,
-x509verify,
-path,
-vd->id,
-errp);
-if (!vd->tlscreds) {
-goto fail;
-}
-}
}
acl = qemu_opt_get_bool(opts,
[libvirt] [PULL 06/12] vnc: remove support for deprecated tls, x509, x509verify options
From: Daniel P. Berrangé
The 'tls-creds' option accepts the name of a TLS credentials
object. This replaced the usage of 'tls', 'x509' and 'x509verify'
options in 2.5.0. These deprecated options were grandfathered in
when the deprecation policy was introduded in 2.10.0, so can now
finally be removed.
Signed-off-by: Daniel P. Berrangé
Message-id: 20180725092751.21767-3-berra...@redhat.com
Signed-off-by: Gerd Hoffmann
---
ui/vnc.c | 91
qemu-deprecated.texi | 20
qemu-options.hx | 43 -
3 files changed, 154 deletions(-)
diff --git a/ui/vnc.c b/ui/vnc.c
index 359693238b..fd929b0957 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -3345,10 +3345,6 @@ static QemuOptsList qemu_vnc_opts = {
.name = "tls-creds",
.type = QEMU_OPT_STRING,
},{
-/* Deprecated in favour of tls-creds */
-.name = "x509",
-.type = QEMU_OPT_STRING,
-},{
.name = "share",
.type = QEMU_OPT_STRING,
},{
@@ -3385,14 +3381,6 @@ static QemuOptsList qemu_vnc_opts = {
.name = "sasl",
.type = QEMU_OPT_BOOL,
},{
-/* Deprecated in favour of tls-creds */
-.name = "tls",
-.type = QEMU_OPT_BOOL,
-},{
-/* Deprecated in favour of tls-creds */
-.name = "x509verify",
-.type = QEMU_OPT_STRING,
-},{
.name = "acl",
.type = QEMU_OPT_BOOL,
},{
@@ -3519,51 +3507,6 @@ vnc_display_setup_auth(int *auth,
}
-/*
- * Handle back compat with old CLI syntax by creating some
- * suitable QCryptoTLSCreds objects
- */
-static QCryptoTLSCreds *
-vnc_display_create_creds(bool x509,
- bool x509verify,
- const char *dir,
- const char *id,
- Error **errp)
-{
-gchar *credsid = g_strdup_printf("tlsvnc%s", id);
-Object *parent = object_get_objects_root();
-Object *creds;
-Error *err = NULL;
-
-if (x509) {
-creds = object_new_with_props(TYPE_QCRYPTO_TLS_CREDS_X509,
- parent,
- credsid,
- ,
- "endpoint", "server",
- "dir", dir,
- "verify-peer", x509verify ? "yes" : "no",
- NULL);
-} else {
-creds = object_new_with_props(TYPE_QCRYPTO_TLS_CREDS_ANON,
- parent,
- credsid,
- ,
- "endpoint", "server",
- NULL);
-}
-
-g_free(credsid);
-
-if (err) {
-error_propagate(errp, err);
-return NULL;
-}
-
-return QCRYPTO_TLS_CREDS(creds);
-}
-
-
static int vnc_display_get_address(const char *addrstr,
bool websocket,
bool reverse,
@@ -3930,15 +3873,6 @@ void vnc_display_open(const char *id, Error **errp)
credid = qemu_opt_get(opts, "tls-creds");
if (credid) {
Object *creds;
-if (qemu_opt_get(opts, "tls") ||
-qemu_opt_get(opts, "x509") ||
-qemu_opt_get(opts, "x509verify")) {
-error_setg(errp,
- "'tls-creds' parameter is mutually exclusive with "
- "'tls', 'x509' and 'x509verify' parameters");
-goto fail;
-}
-
creds = object_resolve_path_component(
object_get_objects_root(), credid);
if (!creds) {
@@ -3961,31 +3895,6 @@ void vnc_display_open(const char *id, Error **errp)
"Expecting TLS credentials with a server endpoint");
goto fail;
}
-} else {
-const char *path;
-bool tls = false, x509 = false, x509verify = false;
-tls = qemu_opt_get_bool(opts, "tls", false);
-if (tls) {
-path = qemu_opt_get(opts, "x509");
-
-if (path) {
-x509 = true;
-} else {
-path = qemu_opt_get(opts, "x509verify");
-if (path) {
-x509 = true;
-x509verify = true;
-}
-}
-vd->tlscreds = vnc_display_create_creds(x509,
-x509verify,
-path,
-vd->id,
-errp);
-if (!vd->tlscreds) {
-goto fail;
-}
-}
}
acl = qemu_opt_get_bool(opts,
