git.ipfire.org Git - thirdparty/qemu.git/commit

author	Daniel P. Berrange <berrange@redhat.com>
	Fri, 13 Mar 2015 17:39:26 +0000 (17:39 +0000)
committer	Daniel P. Berrange <berrange@redhat.com>
	Tue, 15 Sep 2015 14:00:20 +0000 (15:00 +0100)
commit	e00adf6c3edf8dbbe7eb60c94e24fe2158e8342f
tree	bce3971fd6eb9fcdf5494a74c01a808b863c708b	tree \| snapshot
parent	a090187de116a3d0b8146ca481249c8fc83ad3ee	commit \| diff

crypto: introduce new module for TLS anonymous credentials

Introduce a QCryptoTLSCredsAnon class which is used to
manage anonymous TLS credentials. Use of this class is
generally discouraged since it does not offer strong
security, but it is required for backwards compatibility
with the current VNC server implementation.

Simple example CLI configuration:

$QEMU -object tls-creds-anon,id=tls0,endpoint=server

Example using pre-created diffie-hellman parameters

$QEMU -object tls-creds-anon,id=tls0,endpoint=server,\
dir=/path/to/creds/dir

The 'id' value in the -object args will be used to associate the
credentials with the network services. For example, when the VNC
server is later converted it would use

$QEMU -object tls-creds-anon,id=tls0,.... \
-vnc 127.0.0.1:1,tls-creds=tls0

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>

crypto/Makefile.objs		diff \| blob \| blame \| history
crypto/tlscredsanon.c	[new file with mode: 0644]	blob
include/crypto/tlscredsanon.h	[new file with mode: 0644]	blob
qemu-options.hx		diff \| blob \| blame \| history
trace-events		diff \| blob \| blame \| history