@@ -1597,13 +1597,13 @@ qcrypto_block_luks_amend_add_keyslot(QCryptoBlock *block,
g_autofree char *new_password = NULL;
g_autofree uint8_t *master_key = NULL;
- char *secret = opts_luks->has_secret ? opts_luks->secret : luks->secret;
+ char *secret = opts_luks->secret ?: luks->secret;
- if (!opts_luks->has_new_secret) {
+ if (!opts_luks->new_secret) {
error_setg(errp, "'new-secret' is required to activate a keyslot");
return -1;
}
- if (opts_luks->has_old_secret) {
+ if (opts_luks->old_secret) {
error_setg(errp,
"'old-secret' must not be given when activating keyslots");
return -1;
@@ -1677,7 +1677,7 @@ qcrypto_block_luks_amend_erase_keyslots(QCryptoBlock *block,
g_autofree uint8_t *tmpkey = NULL;
g_autofree char *old_password = NULL;
- if (opts_luks->has_new_secret) {
+ if (opts_luks->new_secret) {
error_setg(errp,
"'new-secret' must not be given when erasing keyslots");
return -1;
@@ -1687,14 +1687,14 @@ qcrypto_block_luks_amend_erase_keyslots(QCryptoBlock *block,
"'iter-time' must not be given when erasing keyslots");
return -1;
}
- if (opts_luks->has_secret) {
+ if (opts_luks->secret) {
error_setg(errp,
"'secret' must not be given when erasing keyslots");
return -1;
}
/* Load the old password if given */
- if (opts_luks->has_old_secret) {
+ if (opts_luks->old_secret) {
old_password = qcrypto_secret_lookup_as_utf8(opts_luks->old_secret,
errp);
if (!old_password) {
@@ -1719,7 +1719,7 @@ qcrypto_block_luks_amend_erase_keyslots(QCryptoBlock *block,
return -1;
}
- if (opts_luks->has_old_secret) {
+ if (opts_luks->old_secret) {
int rv = qcrypto_block_luks_load_key(block,
keyslot,
old_password,
@@ -1761,7 +1761,7 @@ qcrypto_block_luks_amend_erase_keyslots(QCryptoBlock *block,
}
/* Erase all keyslots that match the given old password */
- } else if (opts_luks->has_old_secret) {
+ } else if (opts_luks->old_secret) {
unsigned long slots_to_erase_bitmap = 0;
size_t i;
@@ -41,7 +41,6 @@
static QCryptoBlockCreateOptions qcow_create_opts = {
.format = Q_CRYPTO_BLOCK_FORMAT_QCOW,
.u.qcow = {
- .has_key_secret = true,
.key_secret = (char *)"sec0",
},
};
@@ -49,7 +48,6 @@ static QCryptoBlockCreateOptions qcow_create_opts = {
static QCryptoBlockOpenOptions qcow_open_opts = {
.format = Q_CRYPTO_BLOCK_FORMAT_QCOW,
.u.qcow = {
- .has_key_secret = true,
.key_secret = (char *)"sec0",
},
};
@@ -59,7 +57,6 @@ static QCryptoBlockOpenOptions qcow_open_opts = {
static QCryptoBlockOpenOptions luks_open_opts = {
.format = Q_CRYPTO_BLOCK_FORMAT_LUKS,
.u.luks = {
- .has_key_secret = true,
.key_secret = (char *)"sec0",
},
};
@@ -69,7 +66,6 @@ static QCryptoBlockOpenOptions luks_open_opts = {
static QCryptoBlockCreateOptions luks_create_opts_default = {
.format = Q_CRYPTO_BLOCK_FORMAT_LUKS,
.u.luks = {
- .has_key_secret = true,
.key_secret = (char *)"sec0",
},
};
@@ -79,7 +75,6 @@ static QCryptoBlockCreateOptions luks_create_opts_default = {
static QCryptoBlockCreateOptions luks_create_opts_aes256_cbc_plain64 = {
.format = Q_CRYPTO_BLOCK_FORMAT_LUKS,
.u.luks = {
- .has_key_secret = true,
.key_secret = (char *)"sec0",
.has_cipher_alg = true,
.cipher_alg = QCRYPTO_CIPHER_ALG_AES_256,
@@ -94,7 +89,6 @@ static QCryptoBlockCreateOptions luks_create_opts_aes256_cbc_plain64 = {
static QCryptoBlockCreateOptions luks_create_opts_aes256_cbc_essiv = {
.format = Q_CRYPTO_BLOCK_FORMAT_LUKS,
.u.luks = {
- .has_key_secret = true,
.key_secret = (char *)"sec0",
.has_cipher_alg = true,
.cipher_alg = QCRYPTO_CIPHER_ALG_AES_256,
@@ -759,7 +759,6 @@ def need_has(self):
assert self.type
# Temporary hack to support dropping the has_FOO in reviewable chunks
opt_out = [
- 'qapi/crypto.json',
'qapi/dump.json',
'qapi/job.json',
'qapi/machine.json',