[libvirt] [PATCH v6 0/5] Add native TLS encrypted chardev TCP support

John Ferlan jferlan at redhat.com
Fri Sep 9 20:49:03 UTC 2016


v5:
http://www.redhat.com/archives/libvir-list/2016-August/msg00282.html

Patches 1-5 from that series already pushed
Patch 6 from that series is removed
Patch 7 is untouched and is patch 3 in this series
Patches 8-9 modified for new paradigm (patches 4-5 of this series)

Patch 1 [NEW] From patch 6 review comment - provide a way to allow
disabling the TLS for a specific guest and serial TCP chardev. A new
test was added which shows that the xml2argv output does not add the
TLS object within the same "frame" as the test that would add it.

Patch 2 [NEW] Rather than use a <secret> object for the serial TCP
chardev, create a qemu.conf option as a host wide setting. The patch
implements a 'chardev_tls_x509_secret_uuid' value which will be used
by patches 4-5 rather than the serial TCP specific setting.

Patch 3 is unchanged

Patches 4-5 were adjusted in order to use the chardevTCPtlsx509secretUUID
rather than the chardev TCP specific 'chardev->source.data.tcp.seclookupdef'
value sourced from a <secret>. 

John Ferlan (5):
  domain: Add optional 'disableTLS' attribute for TCP chardev
  conf: Introduce {default|chardev}_tls_x509_secret_uuid
  qemu: Introduce qemuDomainChardevPrivatePtr
  qemu: Add a secret object to/for a chardev tcp with secret
  qemu: Add the ability to hotplug a secret object for TCP chardev TLS

 docs/formatdomain.html.in                          |  20 +++
 docs/schemas/domaincommon.rng                      |   5 +
 src/conf/domain_conf.c                             |  51 ++++++--
 src/conf/domain_conf.h                             |   5 +-
 src/libxl/libxl_domain.c                           |   2 +-
 src/lxc/lxc_native.c                               |   2 +-
 src/qemu/libvirtd_qemu.aug                         |   2 +
 src/qemu/qemu.conf                                 |  24 ++++
 src/qemu/qemu_command.c                            |  34 ++++-
 src/qemu/qemu_command.h                            |   1 +
 src/qemu/qemu_conf.c                               |  22 ++++
 src/qemu/qemu_conf.h                               |   3 +
 src/qemu/qemu_domain.c                             | 143 ++++++++++++++++++++-
 src/qemu/qemu_domain.h                             |  30 ++++-
 src/qemu/qemu_driver.c                             |   2 +-
 src/qemu/qemu_hotplug.c                            |  63 ++++++++-
 src/qemu/qemu_hotplug.h                            |   3 +-
 src/qemu/qemu_parse_command.c                      |   4 +-
 src/qemu/qemu_process.c                            |   6 +-
 src/qemu/test_libvirtd_qemu.aug.in                 |   2 +
 src/vz/vz_sdk.c                                    |   2 +-
 src/xenconfig/xen_sxpr.c                           |   2 +-
 tests/qemuhotplugtest.c                            |   2 +-
 ...argv-serial-tcp-tlsx509-chardev-disableTLS.args |  30 +++++
 ...2argv-serial-tcp-tlsx509-chardev-disableTLS.xml |  50 +++++++
 ...xml2argv-serial-tcp-tlsx509-secret-chardev.args |  38 ++++++
 ...uxml2argv-serial-tcp-tlsx509-secret-chardev.xml |  50 +++++++
 tests/qemuxml2argvtest.c                           |  22 ++++
 ...mlout-serial-tcp-tlsx509-chardev-disableTLS.xml |   1 +
 tests/qemuxml2xmltest.c                            |   1 +
 30 files changed, 588 insertions(+), 34 deletions(-)
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-chardev-disableTLS.args
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-chardev-disableTLS.xml
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-secret-chardev.args
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-secret-chardev.xml
 create mode 120000 tests/qemuxml2xmloutdata/qemuxml2xmlout-serial-tcp-tlsx509-chardev-disableTLS.xml

-- 
2.7.4



