Re: [Qemu-devel] [PATCH 0/9] encryption code changes

[Daniel P. Berrange]

On Fri, Feb 06, 2009 at 05:43:13PM -0600, Anthony Liguori wrote:
> Eduardo Habkost wrote:
> >Hi,
> >
> >This patch series for qemu contain multiple changes on the way encryption
> >and authentication code is handled.
> >
> >The first patch is a behaviour change to avoid silent security holes on
> >the VNC server caused by user configuration errors.
> >
> >Patches 2 and 3 are bugfixes to some of the multiple problems
> >I had with monitor_readline(), when testing the qcow encryption
> >support. monitor_readline() is still not completely functional, but
> >at least it allows the qcow password to be read when an qcow encrypted
> >image is specified on the command-line, now.
> >
> >The remaining patches may be more controversial. The first half makes the
> >use of aes.c and d3des.c optional at compile time. The rest remove aes.c
> >and d3des.c from the source tree and replace them with calls to libgcrypt.
> >  
> 
> What's the availability of libgcrypt?  Are there Windows versions 
> readily available?  That would be my biggest concern here.

It is available for Windows - we build it in the Fedora MinGW project as
it is a pre-requisite for GNUTLS and thus libvirt on Windows. It is also
used by (and comes from the) GnuPG project

   http://www.gnupg.org/documentation/manuals/gcrypt/

Regards,
Daniel
-- 
|: Red Hat, Engineering, London   -o-   http://people.redhat.com/berrange/ :|
|: http://libvirt.org  -o-  http://virt-manager.org  -o-  http://ovirt.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505  -o-  F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|