vnc: support reload x509 certificates for vnc
This patch add vnc_display_reload_certs() to support update x509 certificates. Signed-off-by: Zihao Chang <changzihao1@huawei.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20210316075845.1476-3-changzihao1@huawei.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This commit is contained in:
parent
a29acc9c31
commit
1f08e34151
|
@ -476,6 +476,7 @@ int vnc_display_password(const char *id, const char *password);
|
||||||
int vnc_display_pw_expire(const char *id, time_t expires);
|
int vnc_display_pw_expire(const char *id, time_t expires);
|
||||||
void vnc_parse(const char *str);
|
void vnc_parse(const char *str);
|
||||||
int vnc_init_func(void *opaque, QemuOpts *opts, Error **errp);
|
int vnc_init_func(void *opaque, QemuOpts *opts, Error **errp);
|
||||||
|
bool vnc_display_reload_certs(const char *id, Error **errp);
|
||||||
|
|
||||||
/* input.c */
|
/* input.c */
|
||||||
int index_from_key(const char *key, size_t key_length);
|
int index_from_key(const char *key, size_t key_length);
|
||||||
|
|
28
ui/vnc.c
28
ui/vnc.c
|
@ -585,6 +585,34 @@ VncInfo2List *qmp_query_vnc_servers(Error **errp)
|
||||||
return prev;
|
return prev;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
bool vnc_display_reload_certs(const char *id, Error **errp)
|
||||||
|
{
|
||||||
|
VncDisplay *vd = vnc_display_find(id);
|
||||||
|
QCryptoTLSCredsClass *creds = NULL;
|
||||||
|
|
||||||
|
if (!vd) {
|
||||||
|
error_setg(errp, "Can not find vnc display");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!vd->tlscreds) {
|
||||||
|
error_setg(errp, "vnc tls is not enable");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
creds = QCRYPTO_TLS_CREDS_GET_CLASS(OBJECT(vd->tlscreds));
|
||||||
|
if (creds->reload == NULL) {
|
||||||
|
error_setg(errp, "%s doesn't support to reload TLS credential",
|
||||||
|
object_get_typename(OBJECT(vd->tlscreds)));
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
if (!creds->reload(vd->tlscreds, errp)) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
/* TODO
|
/* TODO
|
||||||
1) Get the queue working for IO.
|
1) Get the queue working for IO.
|
||||||
2) there is some weirdness when using the -S option (the screen is grey
|
2) there is some weirdness when using the -S option (the screen is grey
|
||||||
|
|
Loading…
Reference in New Issue