diff options
author | Daniel P. Berrange | 2015-03-13 18:39:26 +0100 |
---|---|---|
committer | Daniel P. Berrange | 2015-09-15 16:00:20 +0200 |
commit | e00adf6c3edf8dbbe7eb60c94e24fe2158e8342f (patch) | |
tree | bce3971fd6eb9fcdf5494a74c01a808b863c708b /trace-events | |
parent | crypto: introduce new base module for TLS credentials (diff) | |
download | qemu-e00adf6c3edf8dbbe7eb60c94e24fe2158e8342f.tar.gz qemu-e00adf6c3edf8dbbe7eb60c94e24fe2158e8342f.tar.xz qemu-e00adf6c3edf8dbbe7eb60c94e24fe2158e8342f.zip |
crypto: introduce new module for TLS anonymous credentials
Introduce a QCryptoTLSCredsAnon class which is used to
manage anonymous TLS credentials. Use of this class is
generally discouraged since it does not offer strong
security, but it is required for backwards compatibility
with the current VNC server implementation.
Simple example CLI configuration:
$QEMU -object tls-creds-anon,id=tls0,endpoint=server
Example using pre-created diffie-hellman parameters
$QEMU -object tls-creds-anon,id=tls0,endpoint=server,\
dir=/path/to/creds/dir
The 'id' value in the -object args will be used to associate the
credentials with the network services. For example, when the VNC
server is later converted it would use
$QEMU -object tls-creds-anon,id=tls0,.... \
-vnc 127.0.0.1:1,tls-creds=tls0
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Diffstat (limited to 'trace-events')
-rw-r--r-- | trace-events | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/trace-events b/trace-events index e8103d1374..459397b637 100644 --- a/trace-events +++ b/trace-events @@ -1670,3 +1670,6 @@ oss_invalid_available_size(int size, int bufsize) "Invalid available size, size= # crypto/tlscreds.c qcrypto_tls_creds_load_dh(void *creds, const char *filename) "TLS creds load DH creds=%p filename=%s" qcrypto_tls_creds_get_path(void *creds, const char *filename, const char *path) "TLS creds path creds=%p filename=%s path=%s" + +# crypto/tlscredsanon.c +qcrypto_tls_creds_anon_load(void *creds, const char *dir) "TLS creds anon load creds=%p dir=%s" |