Re: [PATCH v2 2/7] block/nbd: Use qcrypto_tls_creds_check

qemu-block

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 2/7] block/nbd: Use qcrypto_tls_creds_check_endpoint()

From:	Daniel P . Berrangé
Subject:	Re: [PATCH v2 2/7] block/nbd: Use qcrypto_tls_creds_check_endpoint()
Date:	Tue, 15 Jun 2021 17:51:11 +0100
User-agent:	Mutt/2.0.7 (2021-05-04)

On Tue, Jun 15, 2021 at 06:47:46PM +0200, Philippe Mathieu-Daudé wrote:
> Avoid accessing QCryptoTLSCreds internals by using
> the qcrypto_tls_creds_check_endpoint() helper.
> 
> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
> ---
>  block/nbd.c    | 3 ++-
>  blockdev-nbd.c | 3 ++-
>  2 files changed, 4 insertions(+), 2 deletions(-)
> 
> diff --git a/block/nbd.c b/block/nbd.c
> index 616f9ae6c4d..c3523ebf785 100644
> --- a/block/nbd.c
> +++ b/block/nbd.c
> @@ -2159,7 +2159,8 @@ static QCryptoTLSCreds *nbd_get_tls_creds(const char 
> *id, Error **errp)
>          return NULL;
>      }
>  
> -    if (creds->endpoint != QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT) {
> +    if (!qcrypto_tls_creds_check_endpoint(creds,
> +                                          
> QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT)) {
>          error_setg(errp,
>                     "Expecting TLS credentials with a client endpoint");

I'd suggest we pass 'errp' into the qcrypto_tls_creds_check_endpoint
method, so we don't duplicate the error message in all callers.

>          return NULL;
> diff --git a/blockdev-nbd.c b/blockdev-nbd.c
> index b264620b98d..b6023052ac7 100644
> --- a/blockdev-nbd.c
> +++ b/blockdev-nbd.c
> @@ -108,7 +108,8 @@ static QCryptoTLSCreds *nbd_get_tls_creds(const char *id, 
> Error **errp)
>          return NULL;
>      }
>  
> -    if (creds->endpoint != QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) {
> +    if (!qcrypto_tls_creds_check_endpoint(creds,
> +                                          
> QCRYPTO_TLS_CREDS_ENDPOINT_SERVER)) {
>          error_setg(errp,
>                     "Expecting TLS credentials with a server endpoint");
>          return NULL;
> -- 
> 2.31.1
> 

Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH v2 0/7] crypto: Make QCryptoTLSCreds* structures private, Philippe Mathieu-Daudé, 2021/06/15
- [PATCH v2 1/7] crypto/tlscreds: Introduce qcrypto_tls_creds_check_endpoint() helper, Philippe Mathieu-Daudé, 2021/06/15
- [PATCH v2 2/7] block/nbd: Use qcrypto_tls_creds_check_endpoint(), Philippe Mathieu-Daudé, 2021/06/15
  - Re: [PATCH v2 2/7] block/nbd: Use qcrypto_tls_creds_check_endpoint(), Daniel P . Berrangé <=
- [PATCH v2 3/7] chardev/socket: Use qcrypto_tls_creds_check_endpoint(), Philippe Mathieu-Daudé, 2021/06/15
- [PATCH v2 4/7] migration/tls: Use qcrypto_tls_creds_check_endpoint(), Philippe Mathieu-Daudé, 2021/06/15
- [PATCH v2 5/7] crypto/tlssession: Introduce qcrypto_tls_creds_check_endpoint() helper, Philippe Mathieu-Daudé, 2021/06/15
- [PATCH v2 6/7] ui/vnc: Use qcrypto_tls_session_check_role(), Philippe Mathieu-Daudé, 2021/06/15
- [PATCH v2 7/7] crypto: Make QCryptoTLSCreds* structures private, Philippe Mathieu-Daudé, 2021/06/15
  - Re: [PATCH v2 7/7] crypto: Make QCryptoTLSCreds* structures private, Daniel P . Berrangé, 2021/06/15
    - Re: [PATCH v2 7/7] crypto: Make QCryptoTLSCreds* structures private, Philippe Mathieu-Daudé, 2021/06/15
    - Re: [PATCH v2 7/7] crypto: Make QCryptoTLSCreds* structures private, Daniel P . Berrangé, 2021/06/15

Prev by Date: Re: [PATCH v3 7/7] block: detect DKIOCGETBLOCKCOUNT/SIZE before use
Next by Date: Re: [PATCH v2 7/7] crypto: Make QCryptoTLSCreds* structures private
Previous by thread: [PATCH v2 2/7] block/nbd: Use qcrypto_tls_creds_check_endpoint()
Next by thread: [PATCH v2 3/7] chardev/socket: Use qcrypto_tls_creds_check_endpoint()
Index(es):
- Date
- Thread