diff options
author | Daniel P. Berrange <berrange@redhat.com> | 2016-02-10 18:41:13 +0000 |
---|---|---|
committer | Timothy Pearson <tpearson@raptorengineering.com> | 2019-11-29 19:45:29 -0600 |
commit | f5723e52572cfc467acc9160782ed4f643e1e496 (patch) | |
tree | 02d202a6be0927b47d9ca7e0878c7de1b9041d39 /hmp.c | |
parent | 5a0c0d845e78adb9d14644b5cd9380b48df29cce (diff) | |
download | hqemu-f5723e52572cfc467acc9160782ed4f643e1e496.zip hqemu-f5723e52572cfc467acc9160782ed4f643e1e496.tar.gz |
nbd: enable use of TLS with qemu-nbd server
This modifies the qemu-nbd program so that it is possible to
request the use of TLS with the server. It simply adds a new
command line option --tls-creds which is used to provide the
ID of a QCryptoTLSCreds object previously created via the
--object command line option.
For example
qemu-nbd --object tls-creds-x509,id=tls0,endpoint=server,\
dir=/home/berrange/security/qemutls \
--tls-creds tls0 \
--exportname default
TLS requires the new style NBD protocol, so if no export name
is set (via --export-name), then we use the default NBD protocol
export name ""
TLS is only supported when using an IPv4/IPv6 socket listener.
It is not possible to use with UNIX sockets, which includes
when connecting the NBD server to a host device.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1455129674-17255-16-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'hmp.c')
0 files changed, 0 insertions, 0 deletions