[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH 0/9] encryption code changes
From: |
Daniel P. Berrange |
Subject: |
Re: [Qemu-devel] [PATCH 0/9] encryption code changes |
Date: |
Sat, 7 Feb 2009 11:00:03 +0000 |
User-agent: |
Mutt/1.4.1i |
On Fri, Feb 06, 2009 at 07:08:51PM -0200, Eduardo Habkost wrote:
> Hi,
>
> This patch series for qemu contain multiple changes on the way encryption
> and authentication code is handled.
>
> The first patch is a behaviour change to avoid silent security holes on
> the VNC server caused by user configuration errors.
>
> Patches 2 and 3 are bugfixes to some of the multiple problems
> I had with monitor_readline(), when testing the qcow encryption
> support. monitor_readline() is still not completely functional, but
> at least it allows the qcow password to be read when an qcow encrypted
> image is specified on the command-line, now.
>
> The remaining patches may be more controversial. The first half makes the
> use of aes.c and d3des.c optional at compile time. The rest remove aes.c
> and d3des.c from the source tree and replace them with calls to libgcrypt.
FYI, for those who don't realize, libgcrypt is the crypto library used
by GNUTLS. QEMU already uses GNUTLS for its VNC server, if --with-vnc-tls
flag is given to configure. IMHO, using libgcrypt for all crypto is
a good idea, although it would become a compulsory dependancy instead of
an optional one.
Regards,
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
- [Qemu-devel] [PATCH 4/9] qcow: define QCOW_CRYPT_MAX, (continued)
- [Qemu-devel] [PATCH 4/9] qcow: define QCOW_CRYPT_MAX, Eduardo Habkost, 2009/02/06
- [Qemu-devel] [PATCH 3/9] monitor_readline: poll pending bottom halves before readline_start(), Eduardo Habkost, 2009/02/06
- [Qemu-devel] [PATCH 5/9] qcow: make encryption support optional, Eduardo Habkost, 2009/02/06
- [Qemu-devel] [PATCH 1/9] vnc: abort on unknown options, Eduardo Habkost, 2009/02/06
- [Qemu-devel] [PATCH 8/9] qcow: use libgcrypt AES implementation, Eduardo Habkost, 2009/02/06
- [Qemu-devel] [PATCH 9/9] vnc: use libgcrypt for DES-challenge authentication, Eduardo Habkost, 2009/02/06
- [Qemu-devel] Re: [PATCH 0/9] encryption code changes, Jan Kiszka, 2009/02/06
- Re: [Qemu-devel] [PATCH 0/9] encryption code changes, Anthony Liguori, 2009/02/06
- Re: [Qemu-devel] [PATCH 0/9] encryption code changes,
Daniel P. Berrange <=
- Re: [Qemu-devel] [PATCH 0/9] encryption code changes, Anthony Liguori, 2009/02/14