aboutsummaryrefslogtreecommitdiff
path: root/crypto/secret_common.c
diff options
context:
space:
mode:
authorPaolo Bonzini <pbonzini@redhat.com>2022-05-09 11:42:23 +0200
committerPaolo Bonzini <pbonzini@redhat.com>2022-05-14 12:33:44 +0200
commit0310641c06dd5f7ea031b2b6170cb2edc63e4cea (patch)
treec3eb75d01a2e96b3bacec202be35a3b1cc882bbb /crypto/secret_common.c
parentc3c67679f65903b7d1fe25da8fc4e163878ab2b9 (diff)
downloadqemu-0310641c06dd5f7ea031b2b6170cb2edc63e4cea.zip
qemu-0310641c06dd5f7ea031b2b6170cb2edc63e4cea.tar.gz
qemu-0310641c06dd5f7ea031b2b6170cb2edc63e4cea.tar.bz2
crypto: make loaded property read-only
The ``loaded=on`` option in the command line or QMP ``object-add`` either had no effect (if ``loaded`` was the last option) or caused options to be effectively ignored as if they were not given. The property is therefore useless and was deprecated in 6.0; make it read-only now. The patch is best reviewed with "-b". Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'crypto/secret_common.c')
-rw-r--r--crypto/secret_common.c88
1 files changed, 37 insertions, 51 deletions
diff --git a/crypto/secret_common.c b/crypto/secret_common.c
index 714a15d..3441c44 100644
--- a/crypto/secret_common.c
+++ b/crypto/secret_common.c
@@ -138,36 +138,44 @@ static void qcrypto_secret_decode(const uint8_t *input,
static void
-qcrypto_secret_prop_set_loaded(Object *obj,
- bool value,
- Error **errp)
+qcrypto_secret_complete(UserCreatable *uc, Error **errp)
{
- QCryptoSecretCommon *secret = QCRYPTO_SECRET_COMMON(obj);
+ QCryptoSecretCommon *secret = QCRYPTO_SECRET_COMMON(uc);
QCryptoSecretCommonClass *sec_class
- = QCRYPTO_SECRET_COMMON_GET_CLASS(obj);
-
- if (value) {
- Error *local_err = NULL;
- uint8_t *input = NULL;
- size_t inputlen = 0;
- uint8_t *output = NULL;
- size_t outputlen = 0;
-
- if (sec_class->load_data) {
- sec_class->load_data(secret, &input, &inputlen, &local_err);
- if (local_err) {
- error_propagate(errp, local_err);
- return;
- }
- } else {
- error_setg(errp, "%s provides no 'load_data' method'",
- object_get_typename(obj));
+ = QCRYPTO_SECRET_COMMON_GET_CLASS(uc);
+
+ Error *local_err = NULL;
+ uint8_t *input = NULL;
+ size_t inputlen = 0;
+ uint8_t *output = NULL;
+ size_t outputlen = 0;
+
+ if (sec_class->load_data) {
+ sec_class->load_data(secret, &input, &inputlen, &local_err);
+ if (local_err) {
+ error_propagate(errp, local_err);
return;
}
+ } else {
+ error_setg(errp, "%s provides no 'load_data' method'",
+ object_get_typename(OBJECT(uc)));
+ return;
+ }
- if (secret->keyid) {
- qcrypto_secret_decrypt(secret, input, inputlen,
- &output, &outputlen, &local_err);
+ if (secret->keyid) {
+ qcrypto_secret_decrypt(secret, input, inputlen,
+ &output, &outputlen, &local_err);
+ g_free(input);
+ if (local_err) {
+ error_propagate(errp, local_err);
+ return;
+ }
+ input = output;
+ inputlen = outputlen;
+ } else {
+ if (secret->format == QCRYPTO_SECRET_FORMAT_BASE64) {
+ qcrypto_secret_decode(input, inputlen,
+ &output, &outputlen, &local_err);
g_free(input);
if (local_err) {
error_propagate(errp, local_err);
@@ -175,26 +183,11 @@ qcrypto_secret_prop_set_loaded(Object *obj,
}
input = output;
inputlen = outputlen;
- } else {
- if (secret->format == QCRYPTO_SECRET_FORMAT_BASE64) {
- qcrypto_secret_decode(input, inputlen,
- &output, &outputlen, &local_err);
- g_free(input);
- if (local_err) {
- error_propagate(errp, local_err);
- return;
- }
- input = output;
- inputlen = outputlen;
- }
}
-
- secret->rawdata = input;
- secret->rawlen = inputlen;
- } else if (secret->rawdata) {
- error_setg(errp, "Cannot unload secret");
- return;
}
+
+ secret->rawdata = input;
+ secret->rawlen = inputlen;
}
@@ -269,13 +262,6 @@ qcrypto_secret_prop_get_keyid(Object *obj,
static void
-qcrypto_secret_complete(UserCreatable *uc, Error **errp)
-{
- object_property_set_bool(OBJECT(uc), "loaded", true, errp);
-}
-
-
-static void
qcrypto_secret_finalize(Object *obj)
{
QCryptoSecretCommon *secret = QCRYPTO_SECRET_COMMON(obj);
@@ -294,7 +280,7 @@ qcrypto_secret_class_init(ObjectClass *oc, void *data)
object_class_property_add_bool(oc, "loaded",
qcrypto_secret_prop_get_loaded,
- qcrypto_secret_prop_set_loaded);
+ NULL);
object_class_property_add_enum(oc, "format",
"QCryptoSecretFormat",
&QCryptoSecretFormat_lookup,