mirrors/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
000194556b
qemu/include/block
History
Daniel P. Berrange 000194556b nbd: allow authorization with nbd-server-start QMP command 
As with the previous patch to qemu-nbd, the nbd-server-start QMP command
also needs to be able to specify authorization when enabling TLS encryption.

First the client must create a QAuthZ object instance using the
'object-add' command:

   {
     'execute': 'object-add',
     'arguments': {
       'qom-type': 'authz-list',
       'id': 'authz0',
       'parameters': {
         'policy': 'deny',
         'rules': [
           {
             'match': '*CN=fred',
             'policy': 'allow'
           }
         ]
       }
     }
   }

They can then reference this in the new 'tls-authz' parameter when
executing the 'nbd-server-start' command:

   {
     'execute': 'nbd-server-start',
     'arguments': {
       'addr': {
           'type': 'inet',
           'host': '127.0.0.1',
           'port': '9000'
       },
       'tls-creds': 'tls0',
       'tls-authz': 'authz0'
     }
   }

Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <20190227162035.18543-3-berrange@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2019-03-06 11:05:27 -06:00
..
accounting.h block/accounting: introduce latency histogram 2018-03-19 14:58:37 -05:00
aio-wait.h block: Use a single global AioWait 2018-09-25 15:50:15 +02:00
aio.h qemu-timer: introduce timer attributes 2018-10-19 13:44:03 +02:00
block_backup.h block/backup: drop unused synchronization interface 2018-12-14 11:52:40 +01:00
block_int.h block: Purify .bdrv_refresh_filename() 2019-02-25 15:11:27 +01:00
block.h block: Add bdrv_dirname() 2019-02-25 15:11:26 +01:00
blockjob_int.h block: Really pause block jobs on drain 2018-06-18 15:03:25 +02:00
blockjob.h block: Use a single global AioWait 2018-09-25 15:50:15 +02:00
dirty-bitmap.h Revert "block/dirty-bitmap: Add bdrv_dirty_iter_next_area" 2019-01-15 18:26:50 -05:00
nbd.h nbd: allow authorization with nbd-server-start QMP command 2019-03-06 11:05:27 -06:00
nvme.h block: Move NVMe constants to a separate header 2018-02-08 09:22:03 +08:00
qapi.h Drop superfluous includes of qapi-types.h and test-qapi-types.h 2018-02-09 05:05:11 +01:00
qdict.h block: Factor out qobject_input_visitor_new_flat_confused() 2018-06-15 14:49:44 +02:00
raw-aio.h file-posix: Make .bdrv_co_truncate asynchronous 2018-06-29 14:20:56 +02:00
snapshot.h block/snapshot: remove bdrv_snapshot_delete_by_id_or_name 2019-02-25 15:03:18 +01:00
thread-pool.h Clean up decorations and whitespace around header guards 2016-07-12 16:20:46 +02:00
throttle-groups.h throttle-groups: fix restart coroutine iothread race 2019-01-24 10:02:28 +00:00
write-threshold.h Use scripts/clean-includes to drop redundant qemu/typedefs.h 2016-03-22 22:20:16 +01:00