Commit Graph

18 Commits

Author SHA1 Message Date
Daniel P. Berrange
d321e1e526 crypto: introduce new module for handling TLS sessions
Introduce a QCryptoTLSSession object that will encapsulate
all the code for setting up and using a client/sever TLS
session. This isolates the code which depends on the gnutls
library, avoiding #ifdefs in the rest of the codebase, as
well as facilitating any possible future port to other TLS
libraries, if desired. It makes use of the previously
defined QCryptoTLSCreds object to access credentials to
use with the session. It also includes further unit tests
to validate the correctness of the TLS session handshake
and certificate validation. This is functionally equivalent
to the current TLS session handling code embedded in the
VNC server, and will obsolete it.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-09-15 15:07:43 +01:00
Daniel P. Berrange
9a2fd4347c crypto: add sanity checking of TLS x509 credentials
If the administrator incorrectly sets up their x509 certificates,
the errors seen at runtime during connection attempts are very
obscure and difficult to diagnose. This has been a particular
problem for people using openssl to generate their certificates
instead of the gnutls certtool, because the openssl tools don't
turn on the various x509 extensions that gnutls expects to be
present by default.

This change thus adds support in the TLS credentials object to
sanity check the certificates when QEMU first loads them. This
gives the administrator immediate feedback for the majority of
common configuration mistakes, reducing the pain involved in
setting up TLS. The code is derived from equivalent code that
has been part of libvirt's TLS support and has been seen to be
valuable in assisting admins.

It is possible to disable the sanity checking, however, via
the new 'sanity-check' property on the tls-creds object type,
with a value of 'no'.

Unit tests are included in this change to verify the correctness
of the sanity checking code in all the key scenarios it is
intended to cope with. As part of the test suite, the pkix_asn1_tab.c
from gnutls is imported. This file is intentionally copied from the
(long since obsolete) gnutls 1.6.3 source tree, since that version
was still under GPLv2+, rather than the GPLv3+ of gnutls >= 2.0.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-09-15 15:05:09 +01:00
Daniel P. Berrange
ca38a4cc9e crypto: introduce generic cipher API & built-in implementation
Introduce a generic cipher API and an implementation of it that
supports only the built-in AES and DES-RFB algorithms.

The test suite checks the supported algorithms + modes to
validate that every backend implementation is actually correctly
complying with the specs.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1435770638-25715-5-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-07-08 13:11:01 +02:00
Daniel P. Berrange
ddbb0d0966 crypto: introduce new module for computing hash digests
Introduce a new crypto/ directory that will (eventually) contain
all the cryptographic related code. This initially defines a
wrapper for initializing gnutls and for computing hashes with
gnutls. The former ensures that gnutls is guaranteed to be
initialized exactly once in QEMU regardless of CLI args. The
block quorum code currently fails to initialize gnutls so it
only works by luck, if VNC server TLS is not requested. The
hash APIs avoids the need to litter the rest of the code with
preprocessor checks and simplifies callers by allocating the
correct amount of memory for the requested hash.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1435770638-25715-2-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-07-07 12:04:07 +02:00
Daniel P. Berrange
a31bdae5a7 qom: Add object_new_with_props() / object_new_withpropv() helpers
It is reasonably common to want to create an object, set a
number of properties, register it in the hierarchy and then
mark it as complete (if a user creatable type). This requires
quite a lot of error prone, verbose, boilerplate code to achieve.

First a pair of functions object_set_props() / object_set_propv()
are added which allow for a list of objects to be set in
one single API call.

Then object_new_with_props() / object_new_with_propv() constructors
are added which simplify the sequence of calls to create an
object, populate properties, register in the object composition
tree and mark the object complete, into a single method call.

Usage would be:

   Error *err = NULL;
   Object *obj;
   obj = object_new_with_propv(TYPE_MEMORY_BACKEND_FILE,
                               object_get_objects_root(),
                               "hostmem0",
                               &err,
                               "share", "yes",
                               "mem-path", "/dev/shm/somefile",
                               "prealloc", "yes",
                               "size", "1048576",
                               NULL);

Note all property values are passed in string form and will
be parsed into their required data types, using normal QOM
semantics for parsing from string format.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-06-19 18:42:18 +02:00
Cole Robinson
acff77b1ea gitignore: Ignore new tests
Signed-off-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-03-10 08:15:34 +03:00
Eric Blake
597db727cc qapi: Ignore files created during make check
After an in-tree build and run of 'make check-{qapi-schema,unit}',
I noticed some leftover files.

Signed-off-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Wenchao Xia <wenchaoqemu@gmail.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-09-26 21:18:15 +04:00
Cole Robinson
a27b04577e tests/.gitignore: Ignore test-rfifolock
Signed-off-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-04-27 13:04:18 +04:00
Laszlo Ersek
296b14491a move test-* from .gitignore to tests/.gitignore
Also sort the test-* entries in the latter.

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-04-27 13:04:18 +04:00
Fam Zheng
b76afd1072 tests/.gitignore: Ignore tests/check-qom-interface
Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-02-01 13:56:31 +04:00
Eduardo Habkost
2668b4bff4 tests: Some unit tests for vmstate.c
* Basic load/save tests
 * Tests for loading older versions
 * Tests for .field_exists() handling

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
2014-01-13 14:04:53 +01:00
Markus Armbruster
d8039e58b1 tests: Fix schema parser test for in-tree build
Commit 4f193e3 added the test, but screwed up in-tree builds
(SRCDIR=.): the tests's output overwrites the expected output, and is
thus compared to itself.

Cc: qemu-stable@nongnu.org
Reported-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-10-02 22:55:27 +04:00
Markus Armbruster
9dbb52e862 tests: Update .gitignore for test-int128 and test-bitops
Forgotten in commit 6046c62 and 3464700.

Cc: qemu-stable@nongnu.org
Reviewed-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-10-01 16:06:07 +04:00
Fam Zheng
7a1c0d200f tests/.gitignore: ignore test-throttle
Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-09-20 20:15:33 +04:00
Eduardo Habkost
747b0cb4b5 tests: Unit tests for qdev global properties handling
This tests the qdev global-properties handling code.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-08-16 18:44:33 +02:00
David Gibson
499a6165be Add some missing qtest binaries to .gitignore
These binaries are generated during make check on at least some
configurations, so att them to .gitignore.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-02-21 10:33:54 +01:00
Eduardo Habkost
247c9de13f target-i386: Topology & APIC ID utility functions
This introduces utility functions for the APIC ID calculation, based on:
  Intel® 64 Architecture Processor Topology Enumeration
  http://software.intel.com/en-us/articles/intel-64-architecture-processor-topology-enumeration/

The code should be compatible with AMD's "Extended Method" described at:
  AMD CPUID Specification (Publication #25481)
  Section 3: Multiple Core Calcuation
as long as:
 - nr_threads is set to 1;
 - OFFSET_IDX is assumed to be 0;
 - CPUID Fn8000_0008_ECX[ApicIdCoreIdSize[3:0]] is set to
   apicid_core_width().

Unit tests included.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2013-01-27 14:34:27 +01:00
David Gibson
fecccc4477 Add .gitignore for tests/
The new autotests in tests/ generate a number of files, both
executable and source, which are not caught by the existing .gitignore
files.  This patch adds a new .gitignore in tests/ which covers these.

[Changed 'rtc-test' to '*-test' so future tests do not need to be added
to .gitignore on a case-by-case basis.  Stefan]

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-04-20 13:23:27 +01:00