qemu-nbd: Use qcrypto_tls_creds_check_endpoint()

Avoid accessing QCryptoTLSCreds internals by using
the qcrypto_tls_creds_check_endpoint() helper.

Tested-by: Akihiko Odaki <akihiko.odaki@gmail.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
This commit is contained in:
Philippe Mathieu-Daudé 2021-06-28 18:09:10 +02:00 committed by Daniel P. Berrangé
parent 7b3b616838
commit 0279cd9535

View File

@ -43,6 +43,7 @@
#include "io/channel-socket.h"
#include "io/net-listener.h"
#include "crypto/init.h"
#include "crypto/tlscreds.h"
#include "trace/control.h"
#include "qemu-version.h"
@ -422,19 +423,13 @@ static QCryptoTLSCreds *nbd_get_tls_creds(const char *id, bool list,
return NULL;
}
if (list) {
if (creds->endpoint != QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT) {
error_setg(errp,
"Expecting TLS credentials with a client endpoint");
if (!qcrypto_tls_creds_check_endpoint(creds,
list
? QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT
: QCRYPTO_TLS_CREDS_ENDPOINT_SERVER,
errp)) {
return NULL;
}
} else {
if (creds->endpoint != QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) {
error_setg(errp,
"Expecting TLS credentials with a server endpoint");
return NULL;
}
}
object_ref(obj);
return creds;
}