aboutsummaryrefslogtreecommitdiff
path: root/blockdev-nbd.c
diff options
context:
space:
mode:
authorDaniel P. Berrange <berrange@redhat.com>2016-02-10 18:41:13 +0000
committerPaolo Bonzini <pbonzini@redhat.com>2016-02-16 17:17:42 +0100
commit145614a112a8e67d6c84b26faaf2b2002e17d9be (patch)
treefa7204b2f7957acfe349a3bb3345fc7ddb38ae2b /blockdev-nbd.c
parent75822a12c046646684bc8cad6296842b60e7b6bb (diff)
downloadqemu-145614a112a8e67d6c84b26faaf2b2002e17d9be.zip
qemu-145614a112a8e67d6c84b26faaf2b2002e17d9be.tar.gz
qemu-145614a112a8e67d6c84b26faaf2b2002e17d9be.tar.bz2
nbd: enable use of TLS with qemu-nbd server
This modifies the qemu-nbd program so that it is possible to request the use of TLS with the server. It simply adds a new command line option --tls-creds which is used to provide the ID of a QCryptoTLSCreds object previously created via the --object command line option. For example qemu-nbd --object tls-creds-x509,id=tls0,endpoint=server,\ dir=/home/berrange/security/qemutls \ --tls-creds tls0 \ --exportname default TLS requires the new style NBD protocol, so if no export name is set (via --export-name), then we use the default NBD protocol export name "" TLS is only supported when using an IPv4/IPv6 socket listener. It is not possible to use with UNIX sockets, which includes when connecting the NBD server to a host device. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-Id: <1455129674-17255-16-git-send-email-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'blockdev-nbd.c')
0 files changed, 0 insertions, 0 deletions