[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH v5 16/16] nbd: enable use of TLS with nbd-server
|
From: |
Eric Blake |
|
Subject: |
Re: [Qemu-devel] [PATCH v5 16/16] nbd: enable use of TLS with nbd-server-start command |
|
Date: |
Thu, 4 Feb 2016 09:25:10 -0700 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.0 |
On 02/04/2016 06:50 AM, Daniel P. Berrange wrote:
> This modifies the nbd-server-start QMP command so that it
> is possible to request use of TLS. This is done by adding
> a new optional parameter "tls-creds" which provides the ID
> of a previously created QCryptoTLSCreds object instance.
>
> TLS is only supported when using an IPv4/IPv6 socket listener.
>
> Signed-off-by: Daniel P. Berrange <address@hidden>
> ---
> +static QCryptoTLSCreds *nbd_get_tls_creds(const char *id, Error **errp)
> +{
> + Object *obj;
> + QCryptoTLSCreds *creds;
> +
> + obj = object_resolve_path_component(
> + object_get_objects_root(), id);
> + if (!obj) {
> + error_setg(errp, "No TLS credentials with id '%s'",
> + id);
> + return NULL;
> + }
> + creds = (QCryptoTLSCreds *)
> + object_dynamic_cast(obj, TYPE_QCRYPTO_TLS_CREDS);
Do we really need the C cast alongside an object_dynamic_cast()?
> +++ b/qapi/block.json
> @@ -146,13 +146,15 @@
> # QEMU instance could refer to them as "nbd:HOST:PORT:exportname=NAME".
> #
> # @addr: Address on which to listen.
> +# @tls-creds: (optional) ID of the TLS credentials object. Since 2.6
Worth a comment that it only works with IPv4/6?
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature
- [Qemu-devel] [PATCH v5 08/16] nbd: make server compliant with fixed newstyle spec, (continued)
- [Qemu-devel] [PATCH v5 08/16] nbd: make server compliant with fixed newstyle spec, Daniel P. Berrange, 2016/02/04
- [Qemu-devel] [PATCH v5 11/16] nbd: always query export list in fixed new style protocol, Daniel P. Berrange, 2016/02/04
- [Qemu-devel] [PATCH v5 12/16] nbd: use "" as a default export name if none provided, Daniel P. Berrange, 2016/02/04
- [Qemu-devel] [PATCH v5 09/16] nbd: make client request fixed new style if advertized, Daniel P. Berrange, 2016/02/04
- [Qemu-devel] [PATCH v5 06/16] nbd: convert to using I/O channels for actual socket I/O, Daniel P. Berrange, 2016/02/04
- [Qemu-devel] [PATCH v5 13/16] nbd: implement TLS support in the protocol negotiation, Daniel P. Berrange, 2016/02/04
- [Qemu-devel] [PATCH v5 10/16] nbd: allow setting of an export name for qemu-nbd server, Daniel P. Berrange, 2016/02/04
- [Qemu-devel] [PATCH v5 14/16] nbd: enable use of TLS with NBD block driver, Daniel P. Berrange, 2016/02/04
- [Qemu-devel] [PATCH v5 15/16] nbd: enable use of TLS with qemu-nbd server, Daniel P. Berrange, 2016/02/04
- [Qemu-devel] [PATCH v5 16/16] nbd: enable use of TLS with nbd-server-start command, Daniel P. Berrange, 2016/02/04
- Re: [Qemu-devel] [PATCH v5 16/16] nbd: enable use of TLS with nbd-server-start command,
Eric Blake <=