diff options
| -rw-r--r-- | crypto/block-luks.c | 16 | ||||
| -rw-r--r-- | scripts/qapi/schema.py | 1 | ||||
| -rw-r--r-- | tests/unit/test-crypto-block.c | 6 |
3 files changed, 8 insertions, 15 deletions
diff --git a/crypto/block-luks.c b/crypto/block-luks.c index df2b4105d6..ff9e3945d1 100644 --- a/crypto/block-luks.c +++ b/crypto/block-luks.c @@ -1597,13 +1597,13 @@ qcrypto_block_luks_amend_add_keyslot(QCryptoBlock *block, g_autofree char *new_password = NULL; g_autofree uint8_t *master_key = NULL; - char *secret = opts_luks->has_secret ? opts_luks->secret : luks->secret; + char *secret = opts_luks->secret ?: luks->secret; - if (!opts_luks->has_new_secret) { + if (!opts_luks->new_secret) { error_setg(errp, "'new-secret' is required to activate a keyslot"); return -1; } - if (opts_luks->has_old_secret) { + if (opts_luks->old_secret) { error_setg(errp, "'old-secret' must not be given when activating keyslots"); return -1; @@ -1677,7 +1677,7 @@ qcrypto_block_luks_amend_erase_keyslots(QCryptoBlock *block, g_autofree uint8_t *tmpkey = NULL; g_autofree char *old_password = NULL; - if (opts_luks->has_new_secret) { + if (opts_luks->new_secret) { error_setg(errp, "'new-secret' must not be given when erasing keyslots"); return -1; @@ -1687,14 +1687,14 @@ qcrypto_block_luks_amend_erase_keyslots(QCryptoBlock *block, "'iter-time' must not be given when erasing keyslots"); return -1; } - if (opts_luks->has_secret) { + if (opts_luks->secret) { error_setg(errp, "'secret' must not be given when erasing keyslots"); return -1; } /* Load the old password if given */ - if (opts_luks->has_old_secret) { + if (opts_luks->old_secret) { old_password = qcrypto_secret_lookup_as_utf8(opts_luks->old_secret, errp); if (!old_password) { @@ -1719,7 +1719,7 @@ qcrypto_block_luks_amend_erase_keyslots(QCryptoBlock *block, return -1; } - if (opts_luks->has_old_secret) { + if (opts_luks->old_secret) { int rv = qcrypto_block_luks_load_key(block, keyslot, old_password, @@ -1761,7 +1761,7 @@ qcrypto_block_luks_amend_erase_keyslots(QCryptoBlock *block, } /* Erase all keyslots that match the given old password */ - } else if (opts_luks->has_old_secret) { + } else if (opts_luks->old_secret) { unsigned long slots_to_erase_bitmap = 0; size_t i; diff --git a/scripts/qapi/schema.py b/scripts/qapi/schema.py index 707c671133..21d0b28790 100644 --- a/scripts/qapi/schema.py +++ b/scripts/qapi/schema.py @@ -759,7 +759,6 @@ class QAPISchemaObjectTypeMember(QAPISchemaMember): assert self.type # Temporary hack to support dropping the has_FOO in reviewable chunks opt_out = [ - 'qapi/crypto.json', 'qapi/dump.json', 'qapi/job.json', 'qapi/machine.json', diff --git a/tests/unit/test-crypto-block.c b/tests/unit/test-crypto-block.c index b629e240a9..347cd5f3d7 100644 --- a/tests/unit/test-crypto-block.c +++ b/tests/unit/test-crypto-block.c @@ -41,7 +41,6 @@ static QCryptoBlockCreateOptions qcow_create_opts = { .format = Q_CRYPTO_BLOCK_FORMAT_QCOW, .u.qcow = { - .has_key_secret = true, .key_secret = (char *)"sec0", }, }; @@ -49,7 +48,6 @@ static QCryptoBlockCreateOptions qcow_create_opts = { static QCryptoBlockOpenOptions qcow_open_opts = { .format = Q_CRYPTO_BLOCK_FORMAT_QCOW, .u.qcow = { - .has_key_secret = true, .key_secret = (char *)"sec0", }, }; @@ -59,7 +57,6 @@ static QCryptoBlockOpenOptions qcow_open_opts = { static QCryptoBlockOpenOptions luks_open_opts = { .format = Q_CRYPTO_BLOCK_FORMAT_LUKS, .u.luks = { - .has_key_secret = true, .key_secret = (char *)"sec0", }, }; @@ -69,7 +66,6 @@ static QCryptoBlockOpenOptions luks_open_opts = { static QCryptoBlockCreateOptions luks_create_opts_default = { .format = Q_CRYPTO_BLOCK_FORMAT_LUKS, .u.luks = { - .has_key_secret = true, .key_secret = (char *)"sec0", }, }; @@ -79,7 +75,6 @@ static QCryptoBlockCreateOptions luks_create_opts_default = { static QCryptoBlockCreateOptions luks_create_opts_aes256_cbc_plain64 = { .format = Q_CRYPTO_BLOCK_FORMAT_LUKS, .u.luks = { - .has_key_secret = true, .key_secret = (char *)"sec0", .has_cipher_alg = true, .cipher_alg = QCRYPTO_CIPHER_ALG_AES_256, @@ -94,7 +89,6 @@ static QCryptoBlockCreateOptions luks_create_opts_aes256_cbc_plain64 = { static QCryptoBlockCreateOptions luks_create_opts_aes256_cbc_essiv = { .format = Q_CRYPTO_BLOCK_FORMAT_LUKS, .u.luks = { - .has_key_secret = true, .key_secret = (char *)"sec0", .has_cipher_alg = true, .cipher_alg = QCRYPTO_CIPHER_ALG_AES_256, |