From: Philippe Mathieu-Daudé <phi...@redhat.com>
Avoid accessing QCryptoTLSCreds internals by using
the qcrypto_tls_creds_check_endpoint() helper.
Tested-by: Akihiko Odaki <akihiko.od...@gmail.com>
Reviewed-by: Eric Blake <ebl...@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <phi...@redhat.com>
Signed-off-by: Daniel P. Berrangé <berra...@redhat.com>
(cherry picked from commit 0279cd9535283cf5711768ab6401b204e5697a81)
Signed-off-by: Michael Roth <michael.r...@amd.com>
---
qemu-nbd.c | 19 +++++++------------
1 file changed, 7 insertions(+), 12 deletions(-)
diff --git a/qemu-nbd.c b/qemu-nbd.c
index 93ef4e288f..26ffbf15af 100644
--- a/qemu-nbd.c
+++ b/qemu-nbd.c
@@ -43,6 +43,7 @@
#include "io/channel-socket.h"
#include "io/net-listener.h"
#include "crypto/init.h"
+#include "crypto/tlscreds.h"
#include "trace/control.h"
#include "qemu-version.h"
@@ -422,18 +423,12 @@ static QCryptoTLSCreds *nbd_get_tls_creds(const char *id,
bool list,
return NULL;
}
- if (list) {
- if (creds->endpoint != QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT) {
- error_setg(errp,
- "Expecting TLS credentials with a client endpoint");
- return NULL;
- }
- } else {
- if (creds->endpoint != QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) {
- error_setg(errp,
- "Expecting TLS credentials with a server endpoint");
- return NULL;
- }
+ if (!qcrypto_tls_creds_check_endpoint(creds,
+ list
+ ? QCRYPTO_TLS_CREDS_ENDPOINT_CLIENT
+ : QCRYPTO_TLS_CREDS_ENDPOINT_SERVER,
+ errp)) {
+ return NULL;
}
object_ref(obj);
return creds;
--
2.25.1
