Re: [Qemu-devel] [PATCH FYI 12/46] io: add QIOChannelTLS class

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH FYI 12/46] io: add QIOChannelTLS class

From:	Daniel P. Berrange
Subject:	Re: [Qemu-devel] [PATCH FYI 12/46] io: add QIOChannelTLS class
Date:	Mon, 7 Sep 2015 16:41:16 +0100
User-agent:	Mutt/1.5.23 (2014-03-12)

On Mon, Sep 07, 2015 at 04:31:08PM +0100, Dr. David Alan Gilbert wrote:
> * Daniel P. Berrange (address@hidden) wrote:
> > Add a QIOChannel subclass that can run the TLS protocol over
> > the top of another QIOChannel instance. The object provides a
> > simplified API to perform the handshake when starting the TLS
> > session. The layering of TLS over the underlying channel does
> > not have to be setup immediately. It is possible to take an
> > existing QIOChannel that has done some handshake and then swap
> > in the QIOChannelTLS layer. This allows for use with protocols
> > which start TLS right away, and those which start plain text
> > and then negotiate TLS.
> > 
> > Signed-off-by: Daniel P. Berrange <address@hidden>
> 
> > ---
> > +#ifdef QIO_DEBUG
> > +#define DPRINTF(fmt, ...) do { fprintf(stderr, fmt, ## __VA_ARGS__); } 
> > while (0)
> > +#else
> > +#define DPRINTF(fmt, ...) do { } while (0)
> > +#endif
> 
> Can you use the trace_ stuff rather than dprintf's; I've been trying
> to remove them all from the migration code (and with trace configured in
> stderr mode it works pretty easily).

Yeah, that's a good idea.

> On a different question; if this TLS channel is backed by a socket, can I do
> a shutdown call that will bubble down to the socket?

The QIOChannel abstract base class did not define any shutdown method,
since that's not a generally applicable concept - essentially only the
sockets interface can do that. So I defined it as a method just on the
QIOChannelSocket class. Given this, the QIOChannelTLS class does not
know about the shutdown call.

This isn't a big deal though - the QIOChannelTLS struct exposes a
pointer to the underling QIOChannel transport, so code that needs
to do a shutdown, can get hold of the underlying channel and call
shutdown on that.

I forgot to do this properly when I integrated with the migration
QEMUFile interface, so I'll fix that up, so shutdown works correctly
with migration when TLS is enabled.

Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH FYI 03/46] sockets: allow port to be NULL when listening on IP address, (continued)
- [Qemu-devel] [PATCH FYI 03/46] sockets: allow port to be NULL when listening on IP address, Daniel P. Berrange, 2015/09/03
- [Qemu-devel] [PATCH FYI 04/46] osdep: add qemu_fork() wrapper for safely handling signals, Daniel P. Berrange, 2015/09/03
- [Qemu-devel] [PATCH FYI 05/46] coroutine: move into libqemuutil.a library, Daniel P. Berrange, 2015/09/03
- [Qemu-devel] [PATCH FYI 06/46] io: add abstract QIOChannel classes, Daniel P. Berrange, 2015/09/03
- [Qemu-devel] [PATCH FYI 08/46] io: pull Buffer code out of VNC module, Daniel P. Berrange, 2015/09/03
- [Qemu-devel] [PATCH FYI 09/46] io: add QIOTask class for async operations, Daniel P. Berrange, 2015/09/03
- [Qemu-devel] [PATCH FYI 11/46] io: add QIOChannelFile class, Daniel P. Berrange, 2015/09/03
- [Qemu-devel] [PATCH FYI 10/46] io: add QIOChannelSocket class, Daniel P. Berrange, 2015/09/03
- [Qemu-devel] [PATCH FYI 12/46] io: add QIOChannelTLS class, Daniel P. Berrange, 2015/09/03
  - Re: [Qemu-devel] [PATCH FYI 12/46] io: add QIOChannelTLS class, Dr. David Alan Gilbert, 2015/09/07
    - Re: [Qemu-devel] [PATCH FYI 12/46] io: add QIOChannelTLS class, Daniel P. Berrange <=
    - Re: [Qemu-devel] [PATCH FYI 12/46] io: add QIOChannelTLS class, Dr. David Alan Gilbert, 2015/09/07
    - Re: [Qemu-devel] [PATCH FYI 12/46] io: add QIOChannelTLS class, Daniel P. Berrange, 2015/09/07
- [Qemu-devel] [PATCH FYI 15/46] ui: convert VNC startup code to use SocketAddress, Daniel P. Berrange, 2015/09/03
- [Qemu-devel] [PATCH FYI 14/46] io: add QIOChannelCommand class, Daniel P. Berrange, 2015/09/03
- [Qemu-devel] [PATCH FYI 13/46] io: add QIOChannelWebsock class, Daniel P. Berrange, 2015/09/03
  - Re: [Qemu-devel] [PATCH FYI 13/46] io: add QIOChannelWebsock class, Dr. David Alan Gilbert, 2015/09/07
    - Re: [Qemu-devel] [PATCH FYI 13/46] io: add QIOChannelWebsock class, Daniel P. Berrange, 2015/09/07
- [Qemu-devel] [PATCH FYI 17/46] ui: convert VNC server to use QIOChannelTLS, Daniel P. Berrange, 2015/09/03
- [Qemu-devel] [PATCH FYI 16/46] ui: convert VNC server to use QIOChannelSocket, Daniel P. Berrange, 2015/09/03
- [Qemu-devel] [PATCH FYI 19/46] char: remove fixed length filename allocation, Daniel P. Berrange, 2015/09/03

Prev by Date: Re: [Qemu-devel] [PATCH 0/3] hw/sd/pxa2xx_mmci: convert to sysbus and vmstate
Next by Date: Re: [Qemu-devel] [PATCH FYI 13/46] io: add QIOChannelWebsock class
Previous by thread: Re: [Qemu-devel] [PATCH FYI 12/46] io: add QIOChannelTLS class
Next by thread: Re: [Qemu-devel] [PATCH FYI 12/46] io: add QIOChannelTLS class
Index(es):
- Date
- Thread