From: "Daniel P. Berrangé" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Daniel P. Berrangé" <berrange@redhat.com>,
"Fabiano Rosas" <farosas@suse.de>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Philippe Mathieu-Daudé" <philmd@linaro.org>,
"Marc-André Lureau" <marcandre.lureau@redhat.com>,
devel@lists.libvirt.org, "Laurent Vivier" <lvivier@redhat.com>
Subject: [PULL 26/32] crypto: make TLS credentials structs private
Date: Mon, 3 Nov 2025 13:37:20 +0000 [thread overview]
Message-ID: <20251103133727.423041-27-berrange@redhat.com> (raw)
In-Reply-To: <20251103133727.423041-1-berrange@redhat.com>
Now that the TLS session code no longer needs to look at the TLS
credential structs, they can be made private.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
crypto/tlscredsanon.c | 5 ++++-
crypto/tlscredspriv.h | 15 ---------------
crypto/tlscredspsk.c | 5 +++++
crypto/tlscredsx509.c | 6 ++++++
4 files changed, 15 insertions(+), 16 deletions(-)
diff --git a/crypto/tlscredsanon.c b/crypto/tlscredsanon.c
index 0a728ccbf6..646574d6ae 100644
--- a/crypto/tlscredsanon.c
+++ b/crypto/tlscredsanon.c
@@ -27,11 +27,14 @@
#include "trace.h"
+struct QCryptoTLSCredsAnon {
+ QCryptoTLSCreds parent_obj;
+};
+
#ifdef CONFIG_GNUTLS
#include <gnutls/gnutls.h>
-
static int
qcrypto_tls_creds_anon_load(QCryptoTLSCredsAnon *creds,
Error **errp)
diff --git a/crypto/tlscredspriv.h b/crypto/tlscredspriv.h
index 4e6dffa22f..69dac02437 100644
--- a/crypto/tlscredspriv.h
+++ b/crypto/tlscredspriv.h
@@ -37,21 +37,6 @@ struct QCryptoTLSCreds {
QCryptoTLSCredsBox *box;
};
-struct QCryptoTLSCredsAnon {
- QCryptoTLSCreds parent_obj;
-};
-
-struct QCryptoTLSCredsPSK {
- QCryptoTLSCreds parent_obj;
- char *username;
-};
-
-struct QCryptoTLSCredsX509 {
- QCryptoTLSCreds parent_obj;
- bool sanityCheck;
- char *passwordid;
-};
-
#ifdef CONFIG_GNUTLS
int qcrypto_tls_creds_get_path(QCryptoTLSCreds *creds,
diff --git a/crypto/tlscredspsk.c b/crypto/tlscredspsk.c
index 5568f1ad0c..8879c84ea7 100644
--- a/crypto/tlscredspsk.c
+++ b/crypto/tlscredspsk.c
@@ -27,6 +27,11 @@
#include "trace.h"
+struct QCryptoTLSCredsPSK {
+ QCryptoTLSCreds parent_obj;
+ char *username;
+};
+
#ifdef CONFIG_GNUTLS
#include <gnutls/gnutls.h>
diff --git a/crypto/tlscredsx509.c b/crypto/tlscredsx509.c
index 388ddb7f0e..397ff4caa9 100644
--- a/crypto/tlscredsx509.c
+++ b/crypto/tlscredsx509.c
@@ -28,6 +28,12 @@
#include "trace.h"
+struct QCryptoTLSCredsX509 {
+ QCryptoTLSCreds parent_obj;
+ bool sanityCheck;
+ char *passwordid;
+};
+
#ifdef CONFIG_GNUTLS
#include <gnutls/gnutls.h>
--
2.51.1
next prev parent reply other threads:[~2025-11-03 13:46 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-11-03 13:36 [PULL 00/32] Next pr patches Daniel P. Berrangé
2025-11-03 13:36 ` [PULL 01/32] Implement -run-with exit-with-parent=on Daniel P. Berrangé
2025-11-03 13:36 ` [PULL 02/32] tests/qtest: Use exit-with-parent=on in qtest invocations Daniel P. Berrangé
2025-11-03 13:36 ` [PULL 03/32] crypto/hash: Have hashing functions take void * buffer argument Daniel P. Berrangé
2025-11-03 13:36 ` [PULL 04/32] io/channel: Have read/write " Daniel P. Berrangé
2025-11-03 13:36 ` [PULL 05/32] io: add a "blocking" field to QIOChannelSocket Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 06/32] io: flush zerocopy socket error queue on sendmsg failure due to ENOBUF Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 07/32] crypto: bump min gnutls to 3.7.5 Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 08/32] crypto: unconditionally enable gnutls XTS support Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 09/32] crypto: bump min libgcrypt to 1.9.4 Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 10/32] crypto: bump min nettle to 3.7.3 Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 11/32] crypto: drop in-tree XTS cipher mode impl Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 12/32] crypto: remove redundant parameter checking CA certs Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 13/32] crypto: add missing free of certs array Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 14/32] crypto: replace stat() with access() for credential checks Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 15/32] crypto: remove redundant access() checks before loading certs Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 16/32] crypto: move check for TLS creds 'dir' property Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 17/32] crypto: use g_autofree when loading x509 credentials Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 18/32] crypto: remove needless indirection via parent_obj field Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 19/32] crypto: move release of DH parameters into TLS creds parent Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 20/32] crypto: shorten the endpoint == server check in TLS creds Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 21/32] crypto: remove duplication loading x509 CA cert Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 22/32] crypto: reduce duplication in handling TLS priority strings Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 23/32] crypto: introduce method for reloading TLS creds Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 24/32] crypto: introduce a wrapper around gnutls credentials Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 25/32] crypto: fix lifecycle handling of gnutls credentials objects Daniel P. Berrangé
2025-11-03 13:37 ` Daniel P. Berrangé [this message]
2025-11-03 13:37 ` [PULL 27/32] crypto: deprecate use of external dh-params.pem file Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 28/32] crypto: avoid loading the CA certs twice Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 29/32] crypto: avoid loading the identity " Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 30/32] crypto: expand logic to cope with multiple certificate identities Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 31/32] crypto: support upto 5 parallel " Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 32/32] docs: creation of x509 certs compliant with post-quantum crypto Daniel P. Berrangé
2025-11-04 15:19 ` [PULL 00/32] Next pr patches Richard Henderson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251103133727.423041-27-berrange@redhat.com \
--to=berrange@redhat.com \
--cc=devel@lists.libvirt.org \
--cc=farosas@suse.de \
--cc=lvivier@redhat.com \
--cc=marcandre.lureau@redhat.com \
--cc=pbonzini@redhat.com \
--cc=philmd@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).