From ec86faa934cb31d97f738134547137f16d17c0d0 Mon Sep 17 00:00:00 2001 From: Daniel P. Berrangé Date: Wed, 25 Jul 2018 10:27:51 +0100 Subject: vnc: remove support for deprecated tls, x509, x509verify options The 'tls-creds' option accepts the name of a TLS credentials object. This replaced the usage of 'tls', 'x509' and 'x509verify' options in 2.5.0. These deprecated options were grandfathered in when the deprecation policy was introduded in 2.10.0, so can now finally be removed. Signed-off-by: Daniel P. Berrangé Message-id: 20180725092751.21767-3-berrange@redhat.com Signed-off-by: Gerd Hoffmann --- ui/vnc.c | 91 ---------------------------------------------------------------- 1 file changed, 91 deletions(-) (limited to 'ui') diff --git a/ui/vnc.c b/ui/vnc.c index 359693238b..fd929b0957 100644 --- a/ui/vnc.c +++ b/ui/vnc.c @@ -3344,10 +3344,6 @@ static QemuOptsList qemu_vnc_opts = { },{ .name = "tls-creds", .type = QEMU_OPT_STRING, - },{ - /* Deprecated in favour of tls-creds */ - .name = "x509", - .type = QEMU_OPT_STRING, },{ .name = "share", .type = QEMU_OPT_STRING, @@ -3384,14 +3380,6 @@ static QemuOptsList qemu_vnc_opts = { },{ .name = "sasl", .type = QEMU_OPT_BOOL, - },{ - /* Deprecated in favour of tls-creds */ - .name = "tls", - .type = QEMU_OPT_BOOL, - },{ - /* Deprecated in favour of tls-creds */ - .name = "x509verify", - .type = QEMU_OPT_STRING, },{ .name = "acl", .type = QEMU_OPT_BOOL, @@ -3519,51 +3507,6 @@ vnc_display_setup_auth(int *auth, } -/* - * Handle back compat with old CLI syntax by creating some - * suitable QCryptoTLSCreds objects - */ -static QCryptoTLSCreds * -vnc_display_create_creds(bool x509, - bool x509verify, - const char *dir, - const char *id, - Error **errp) -{ - gchar *credsid = g_strdup_printf("tlsvnc%s", id); - Object *parent = object_get_objects_root(); - Object *creds; - Error *err = NULL; - - if (x509) { - creds = object_new_with_props(TYPE_QCRYPTO_TLS_CREDS_X509, - parent, - credsid, - &err, - "endpoint", "server", - "dir", dir, - "verify-peer", x509verify ? "yes" : "no", - NULL); - } else { - creds = object_new_with_props(TYPE_QCRYPTO_TLS_CREDS_ANON, - parent, - credsid, - &err, - "endpoint", "server", - NULL); - } - - g_free(credsid); - - if (err) { - error_propagate(errp, err); - return NULL; - } - - return QCRYPTO_TLS_CREDS(creds); -} - - static int vnc_display_get_address(const char *addrstr, bool websocket, bool reverse, @@ -3930,15 +3873,6 @@ void vnc_display_open(const char *id, Error **errp) credid = qemu_opt_get(opts, "tls-creds"); if (credid) { Object *creds; - if (qemu_opt_get(opts, "tls") || - qemu_opt_get(opts, "x509") || - qemu_opt_get(opts, "x509verify")) { - error_setg(errp, - "'tls-creds' parameter is mutually exclusive with " - "'tls', 'x509' and 'x509verify' parameters"); - goto fail; - } - creds = object_resolve_path_component( object_get_objects_root(), credid); if (!creds) { @@ -3961,31 +3895,6 @@ void vnc_display_open(const char *id, Error **errp) "Expecting TLS credentials with a server endpoint"); goto fail; } - } else { - const char *path; - bool tls = false, x509 = false, x509verify = false; - tls = qemu_opt_get_bool(opts, "tls", false); - if (tls) { - path = qemu_opt_get(opts, "x509"); - - if (path) { - x509 = true; - } else { - path = qemu_opt_get(opts, "x509verify"); - if (path) { - x509 = true; - x509verify = true; - } - } - vd->tlscreds = vnc_display_create_creds(x509, - x509verify, - path, - vd->id, - errp); - if (!vd->tlscreds) { - goto fail; - } - } } acl = qemu_opt_get_bool(opts, "acl", false); -- cgit v1.2.3-55-g7522