Re: [Qemu-devel] [PATCH v2 5/5] ui: convert VNC server to use QCryptoTLS

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH v2 5/5] ui: convert VNC server to use QCryptoTLS

From:	Paolo Bonzini
Subject:	Re: [Qemu-devel] [PATCH v2 5/5] ui: convert VNC server to use QCryptoTLSSession
Date:	Tue, 11 Aug 2015 18:44:34 +0200
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.1.0


On 11/08/2015 16:26, Daniel P. Berrange wrote:
>   -object tls-creds,id=tls0,credtype=anon,endpoint=server \
>   -vnc hostname:0,tls-creds=tls0
> 
> Old syntax for x509 credentials, no client certs:
> 
>   -vnc hostname:0,tls,x509=/path/to/certs
> 
> New syntax:
> 
>   -object 
> tls-creds,id=tls0,credtype=x509,dir=/path/to/certs,endpoint=server,verify-peer=no
>  \
>   -vnc hostname:0,tls-creds=tls0
> 
> Old syntax for x509 credentials, requiring client certs:
> 
>   -vnc hostname:0,tls,x509verify=/path/to/certs

Would it be possible to change credtype=foo to subclasses of the
abstract tls-creds class?  That is

   -object tls-creds-anon,id=tls0,endpoint=server
   -object 
tls-creds-x509,id=tls0,dir=/path/to/certs,endpoint=server,verify-peer=yes|no

This would be more similar to how -object is usually used.  You
get to choose whether to keep the union or have separate structs
QCryptoTLSCredsX509 and QCryptoTLSCredsAnonymous.

Paolo

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH v2 0/5] Extract TLS handling code from VNC server, Daniel P. Berrange, 2015/08/11
- [Qemu-devel] [PATCH v2 4/5] ui: fix return type for VNC I/O functions to be ssize_t, Daniel P. Berrange, 2015/08/11
- [Qemu-devel] [PATCH v2 3/5] crypto: introduce new module for handling TLS sessions, Daniel P. Berrange, 2015/08/11
- [Qemu-devel] [PATCH v2 1/5] crypto: introduce new module for handling TLS credentials, Daniel P. Berrange, 2015/08/11
- [Qemu-devel] [PATCH v2 5/5] ui: convert VNC server to use QCryptoTLSSession, Daniel P. Berrange, 2015/08/11
  - Re: [Qemu-devel] [PATCH v2 5/5] ui: convert VNC server to use QCryptoTLSSession, Paolo Bonzini <=
    - Re: [Qemu-devel] [PATCH v2 5/5] ui: convert VNC server to use QCryptoTLSSession, Daniel P. Berrange, 2015/08/11
- [Qemu-devel] [PATCH v2 2/5] crypto: add sanity checking of TLS credentials, Daniel P. Berrange, 2015/08/11

Prev by Date: Re: [Qemu-devel] [RFC v4 1/9] exec.c: Add new exclusive bitmap to ram_list
Next by Date: [Qemu-devel] [PATCH] monitor: remove QAPI_EVENT_VSERPORT_CHANGE throttle
Previous by thread: [Qemu-devel] [PATCH v2 5/5] ui: convert VNC server to use QCryptoTLSSession
Next by thread: Re: [Qemu-devel] [PATCH v2 5/5] ui: convert VNC server to use QCryptoTLSSession
Index(es):
- Date
- Thread