[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH] qemu-nbd: Permit TLS with Unix sockets
From: |
Richard W.M. Jones |
Subject: |
Re: [Qemu-devel] [PATCH] qemu-nbd: Permit TLS with Unix sockets |
Date: |
Wed, 26 Jun 2019 09:52:11 +0100 |
User-agent: |
Mutt/1.5.21 (2010-09-15) |
On Tue, Jun 25, 2019 at 09:49:42PM -0500, Eric Blake wrote:
> Although you generally won't use encryption with a Unix socket (after
> all, everything is local, so why waste the CPU power), there are
> situations in testsuites where Unix sockets are much nicer than TCP
> sockets. Since nbdkit allows encryption over both types of sockets,
> it makes sense for qemu-nbd to do likewise.
Also it's somewhat useful if using a separate tunnel process (openssh
for one can do this now).
> Signed-off-by: Eric Blake <address@hidden>
> ---
> qemu-nbd.c | 4 ----
> 1 file changed, 4 deletions(-)
>
> diff --git a/qemu-nbd.c b/qemu-nbd.c
> index a8cb39e51043..ddfb6815fb69 100644
> --- a/qemu-nbd.c
> +++ b/qemu-nbd.c
> @@ -931,10 +931,6 @@ int main(int argc, char **argv)
> }
>
> if (tlscredsid) {
> - if (sockpath) {
> - error_report("TLS is only supported with IPv4/IPv6");
> - exit(EXIT_FAILURE);
> - }
> if (device) {
> error_report("TLS is not supported with a host device");
> exit(EXIT_FAILURE);
> --
> 2.20.1
The patch looks very simple, just removing an unnecessary restriction,
so:
Acked-by: Richard W.M. Jones <address@hidden>
If we could have the same change on the qemu client side that would
be great because we could use it here:
https://github.com/libguestfs/nbdkit/blob/e0d324683c86455a2fe62e97d57f1313cad9c9f3/tests/functions.sh.in#L133
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
libguestfs lets you edit virtual machines. Supports shell scripting,
bindings from many languages. http://libguestfs.org