85 lines
3.3 KiB
Diff
85 lines
3.3 KiB
Diff
From 5df4d5dc38491553e3d1e454f1cd233bda0b990a Mon Sep 17 00:00:00 2001
|
|
Message-ID: <5df4d5dc38491553e3d1e454f1cd233bda0b990a.1755522824.git.jdenemar@redhat.com>
|
|
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
|
|
Date: Wed, 16 Jul 2025 16:32:05 +0100
|
|
Subject: [PATCH] qemu: fix order of VNC TLS config entries
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
For TLS config parameters, the 'verify' option always comes before the
|
|
'secret_uuid' option, except in the VNC case which has them reversed.
|
|
|
|
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
|
|
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
|
|
(cherry picked from commit 845e1b5138f37dbf91e5b08b7d54d963a6ec0452)
|
|
|
|
Resolves: https://issues.redhat.com/browse/RHEL-106276
|
|
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
|
|
---
|
|
src/qemu/libvirtd_qemu.aug | 2 +-
|
|
src/qemu/qemu.conf.in | 12 ++++++------
|
|
src/qemu/test_libvirtd_qemu.aug.in | 2 +-
|
|
3 files changed, 8 insertions(+), 8 deletions(-)
|
|
|
|
diff --git a/src/qemu/libvirtd_qemu.aug b/src/qemu/libvirtd_qemu.aug
|
|
index 1377fd89cc..3f018f39a0 100644
|
|
--- a/src/qemu/libvirtd_qemu.aug
|
|
+++ b/src/qemu/libvirtd_qemu.aug
|
|
@@ -35,8 +35,8 @@ module Libvirtd_qemu =
|
|
| bool_entry "vnc_auto_unix_socket"
|
|
| bool_entry "vnc_tls"
|
|
| str_entry "vnc_tls_x509_cert_dir"
|
|
- | str_entry "vnc_tls_x509_secret_uuid"
|
|
| bool_entry "vnc_tls_x509_verify"
|
|
+ | str_entry "vnc_tls_x509_secret_uuid"
|
|
| str_entry "vnc_password"
|
|
| bool_entry "vnc_sasl"
|
|
| str_entry "vnc_sasl_dir"
|
|
diff --git a/src/qemu/qemu.conf.in b/src/qemu/qemu.conf.in
|
|
index 89c9b6b913..3365834200 100644
|
|
--- a/src/qemu/qemu.conf.in
|
|
+++ b/src/qemu/qemu.conf.in
|
|
@@ -101,12 +101,6 @@
|
|
#vnc_tls_x509_cert_dir = "/etc/pki/libvirt-vnc"
|
|
|
|
|
|
-# Uncomment and use the following option to override the default secret
|
|
-# UUID provided in the default_tls_x509_secret_uuid parameter.
|
|
-#
|
|
-#vnc_tls_x509_secret_uuid = "00000000-0000-0000-0000-000000000000"
|
|
-
|
|
-
|
|
# The default TLS configuration only uses certificates for the server
|
|
# allowing the client to verify the server's identity and establish
|
|
# an encrypted channel.
|
|
@@ -125,6 +119,12 @@
|
|
#vnc_tls_x509_verify = 1
|
|
|
|
|
|
+# Uncomment and use the following option to override the default secret
|
|
+# UUID provided in the default_tls_x509_secret_uuid parameter.
|
|
+#
|
|
+#vnc_tls_x509_secret_uuid = "00000000-0000-0000-0000-000000000000"
|
|
+
|
|
+
|
|
# The default VNC password. Only 8 bytes are significant for
|
|
# VNC passwords. This parameter is only used if the per-domain
|
|
# XML config does not already provide a password. To allow
|
|
diff --git a/src/qemu/test_libvirtd_qemu.aug.in b/src/qemu/test_libvirtd_qemu.aug.in
|
|
index 69fdae215a..86b3844d2c 100644
|
|
--- a/src/qemu/test_libvirtd_qemu.aug.in
|
|
+++ b/src/qemu/test_libvirtd_qemu.aug.in
|
|
@@ -9,8 +9,8 @@ module Test_libvirtd_qemu =
|
|
{ "vnc_auto_unix_socket" = "1" }
|
|
{ "vnc_tls" = "1" }
|
|
{ "vnc_tls_x509_cert_dir" = "/etc/pki/libvirt-vnc" }
|
|
-{ "vnc_tls_x509_secret_uuid" = "00000000-0000-0000-0000-000000000000" }
|
|
{ "vnc_tls_x509_verify" = "1" }
|
|
+{ "vnc_tls_x509_secret_uuid" = "00000000-0000-0000-0000-000000000000" }
|
|
{ "vnc_password" = "XYZ12345" }
|
|
{ "vnc_sasl" = "1" }
|
|
{ "vnc_sasl_dir" = "/some/directory/sasl2" }
|
|
--
|
|
2.50.1
|