From 5e76dbcf3922074cbf708c3ffe8adc6e108bac76 Mon Sep 17 00:00:00 2001 Message-Id: <5e76dbcf3922074cbf708c3ffe8adc6e108bac76@dist-git> From: Peter Krempa Date: Mon, 16 Mar 2020 22:11:59 +0100 Subject: [PATCH] qemuDomainValidateStorageSource: Validate new network storage parameters MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Ensure that the new fields are allowed only when -blockdev is used or when they are in the detected part of the backing chain where qemu will handle them internally. Signed-off-by: Peter Krempa Reviewed-by: Ján Tomko (cherry picked from commit c1409e308f8e10f28ff4977309b2573a1a2d8763) https://bugzilla.redhat.com/show_bug.cgi?id=1804750 Message-Id: <3b47d0ff8f492506588d6ddeda49d2e4e43cc5aa.1584391727.git.pkrempa@redhat.com> Reviewed-by: Ján Tomko --- src/qemu/qemu_domain.c | 75 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 75 insertions(+) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 65df463acc..2920e699f6 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -6953,6 +6953,81 @@ qemuDomainValidateStorageSource(virStorageSourcePtr src, } } + if (src->sslverify != VIR_TRISTATE_BOOL_ABSENT) { + if (actualType != VIR_STORAGE_TYPE_NETWORK || + (src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTPS && + src->protocol != VIR_STORAGE_NET_PROTOCOL_FTPS)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("ssl verification is supported only with HTTPS/FTPS protocol")); + return -1; + } + + if (!src->detected && + !virQEMUCapsGet(qemuCaps, QEMU_CAPS_BLOCKDEV)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("ssl verification setting is not supported by this QEMU binary")); + return -1; + } + } + + if (src->ncookies > 0) { + if (actualType != VIR_STORAGE_TYPE_NETWORK || + (src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTPS && + src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTP)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("http cookies are supported only with HTTP(S) protocol")); + return -1; + } + + if (!src->detected && + !virQEMUCapsGet(qemuCaps, QEMU_CAPS_BLOCKDEV)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("http cookies are not supported by this QEMU binary")); + return -1; + } + + if (virStorageSourceNetCookiesValidate(src) < 0) + return -1; + } + + if (src->readahead > 0) { + if (actualType != VIR_STORAGE_TYPE_NETWORK || + (src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTPS && + src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTP && + src->protocol != VIR_STORAGE_NET_PROTOCOL_FTP && + src->protocol != VIR_STORAGE_NET_PROTOCOL_FTPS)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("readaehad is supported only with HTTP(S)/FTP(s) protocols")); + return -1; + } + + if (!src->detected && + !virQEMUCapsGet(qemuCaps, QEMU_CAPS_BLOCKDEV)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("readahead setting is not supported with this QEMU binary")); + return -1; + } + } + + if (src->timeout > 0) { + if (actualType != VIR_STORAGE_TYPE_NETWORK || + (src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTPS && + src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTP && + src->protocol != VIR_STORAGE_NET_PROTOCOL_FTP && + src->protocol != VIR_STORAGE_NET_PROTOCOL_FTPS)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("timeout is supported only with HTTP(S)/FTP(s) protocols")); + return -1; + } + + if (!src->detected && + !virQEMUCapsGet(qemuCaps, QEMU_CAPS_BLOCKDEV)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("timeout setting is not supported with this QEMU binary")); + return -1; + } + } + return 0; } -- 2.25.1