qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH 1/1] chardev: add support for authorization for


From: Eric Blake
Subject: Re: [Qemu-devel] [PATCH 1/1] chardev: add support for authorization for TLS clients
Date: Thu, 7 Mar 2019 13:00:05 -0600
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.5.1

On 3/7/19 12:51 PM, Marc-André Lureau wrote:
> Hi
> 

>> +++ b/qapi/char.json
>> @@ -248,6 +248,11 @@
>>  # @addr: socket address to listen on (server=true)
>>  #        or connect to (server=false)
>>  # @tls-creds: the ID of the TLS credentials object (since 2.6)
>> +# @tls-authz: the ID of the QAuthZ authorization object against which
>> +#             the client's x509 distinguished name will validated. This
> 
> will be? (not a native speaker, but sounds weird to me)

Yes, 'be' is missing.


>> @@ -2568,6 +2568,11 @@ and specifies the id of the TLS credentials to use 
>> for the handshake. The
>>  credentials must be previously created with the @option{-object tls-creds}
>>  argument.
>>
>> address@hidden provides the ID of the QAuthZ authorization object against
>> +which the client's x509 distinguished name will validated. This object is 
>> only
> 
> same
> 
>> +resolved at time of use, so can be deleted and recreated on the fly while 
>> the
>> +chardev server is active. If missing, it will default to denying access.
> 
> Why not have "(since 4.0)"  here?

We haven't been using it in .hx doc anywhere else (which in turn feeds
the man page and online documentation); only the QMP descriptions have
used the tag. Uniformly using it in the .hx file might make sense, but
as a much bigger cleanup task separate from this patch that just
preserves existing style.


-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3226
Virtualization:  qemu.org | libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]