Blob Blame History Raw
From 49623c945c93b878d13c0539eddf2d625f5aeb3c Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Wed, 15 Jan 2020 11:12:17 +0000
Subject: [PATCH] v2v: -o rhv-upload: Make -oo rhv-cafile optional in all cases
 (RHBZ#1791240).

This is actually not required, because ovirtsdk4 will use the system's
global trust store if necessary.  Therefore we can make it optional in
all cases.

(cherry picked from commit 65ee9387d4be0e3c5cd214b967fef7a1a8841233
in virt-v2v)
---
 v2v/output_rhv_upload.ml    | 2 --
 v2v/virt-v2v-output-rhv.pod | 5 ++++-
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/v2v/output_rhv_upload.ml b/v2v/output_rhv_upload.ml
index 2c8c18732..e1d06867b 100644
--- a/v2v/output_rhv_upload.ml
+++ b/v2v/output_rhv_upload.ml
@@ -81,8 +81,6 @@ let parse_output_options options =
   let rhv_direct = !rhv_direct in
   let rhv_verifypeer = !rhv_verifypeer in
   let rhv_disk_uuids = Option.map List.rev !rhv_disk_uuids in
-  if rhv_verifypeer && rhv_cafile = None then
-     error (f_"-o rhv-upload: must use ‘-oo rhv-cafile’ to supply the path to the oVirt or RHV user’s ‘ca.pem’ file");
 
   { rhv_cafile; rhv_cluster; rhv_direct; rhv_verifypeer; rhv_disk_uuids }
 
diff --git a/v2v/virt-v2v-output-rhv.pod b/v2v/virt-v2v-output-rhv.pod
index 04a894268..4520c9184 100644
--- a/v2v/virt-v2v-output-rhv.pod
+++ b/v2v/virt-v2v-output-rhv.pod
@@ -101,7 +101,10 @@ The storage domain.
 The F<ca.pem> file (Certificate Authority), copied from
 F</etc/pki/ovirt-engine/ca.pem> on the oVirt engine.
 
-This option must be specified if I<-oo rhv-verifypeer> is enabled.
+If I<-oo rhv-verifypeer> is enabled then this option can
+be used to control which CA is used to verify the client’s
+identity.  If this option is not used then the system’s
+global trust store is used.
 
 =item I<-oo rhv-cluster=>C<CLUSTERNAME>
 
-- 
2.26.2