qemu/qapi
Daniel P. Berrangé a0cd6d2972 block/nbd: support override of hostname for TLS certificate validation
When connecting to an NBD server with TLS and x509 credentials,
the client must validate the hostname it uses for the connection,
against that published in the server's certificate. If the client
is tunnelling its connection over some other channel, however, the
hostname it uses may not match the info reported in the server's
certificate. In such a case, the user needs to explicitly set an
override for the hostname to use for certificate validation.

This is achieved by adding a 'tls-hostname' property to the NBD
block driver.

Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20220304193610.3293146-4-berrange@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2022-03-07 15:58:42 -06:00
..
acpi.json qapi: Extract ACPI commands to 'acpi.json' 2020-09-29 15:41:36 +02:00
audio.json schemas: add missing vim modeline 2022-01-27 11:20:50 +01:00
authz.json qapi/qom: Add ObjectOptions for authz-* 2021-03-19 10:17:13 +01:00
block-core.json block/nbd: support override of hostname for TLS certificate validation 2022-03-07 15:58:42 -06:00
block-export.json qapi/block: Cosmetic change in BlockExportType schema 2022-01-28 16:50:43 -06:00
block.json qapi: Normalize version references x.y.0 to just x.y 2020-12-10 17:16:44 +01:00
char.json ui/dbus: add chardev backend & interface 2021-12-21 10:50:22 +04:00
common.json monitor: introduce HumanReadableText and HMP support 2021-11-02 15:55:13 +00:00
compat.json qapi: Belatedly adjust limitations documentation 2022-02-28 11:39:35 +01:00
control.json monitor: remove 'query-events' QMP command 2021-03-18 09:22:55 +00:00
crypto.json crypto: replace 'des-rfb' cipher with 'des' 2021-07-14 14:15:52 +01:00
dump.json schemas: Add vim modeline 2020-08-03 08:28:08 +02:00
error.json schemas: Add vim modeline 2020-08-03 08:28:08 +02:00
introspect.json qapi: Add feature flags to enum members 2021-10-27 17:18:55 +02:00
job.json migration: introduce snapshot-{save, load, delete} QMP commands 2021-02-08 11:19:52 +00:00
machine-target.json qapi: make 'if' condition strings simple identifiers 2021-08-26 13:53:56 +02:00
machine.json qapi: Cleanup SGX related comments and restore @section-size 2022-01-28 11:13:33 +01:00
meson.build qapi: generate trace events by default 2022-01-27 15:17:35 +01:00
migration.json qapi/migration: Fix examples document wrong field name for arguments 2022-02-28 11:39:35 +01:00
misc-target.json qapi: Move RTC_CHANGE back out of target schema 2022-02-28 11:39:35 +01:00
misc.json rtc: Have event RTC_CHANGE identify the RTC by QOM path 2022-02-28 11:39:35 +01:00
net.json netdev: add more commands to preconfig mode 2021-06-11 10:30:13 +08:00
opts-visitor.c qapi, qemu-options: make all parsing visitors parse boolean options the same 2020-11-04 12:00:40 -05:00
pci.json qapi: Normalize version references x.y.0 to just x.y 2020-12-10 17:16:44 +01:00
pragma.json block: Remove monitor command block_passwd 2021-03-23 22:31:56 +01:00
qapi-clone-visitor.c qapi: Make visitor functions taking Error ** return bool, not void 2020-07-10 15:18:08 +02:00
qapi-dealloc-visitor.c qapi: Make visitor functions taking Error ** return bool, not void 2020-07-10 15:18:08 +02:00
qapi-forward-visitor.c qapi: Generalize struct member policy checking 2021-10-29 18:23:09 +02:00
qapi-schema.json qemu-options: New -compat to set policy for deprecated interfaces 2021-03-19 15:43:33 +01:00
qapi-type-helpers.c monitor: introduce HumanReadableText and HMP support 2021-11-02 15:55:13 +00:00
qapi-util.c qapi: Fix stale reference to scripts/qapi.py in a comment 2022-02-28 11:39:35 +01:00
qapi-visit-core.c qapi: Factor out compat_policy_input_ok() 2021-10-29 21:27:20 +02:00
qdev.json softmmu: fix device deletion events with -device JSON syntax 2022-01-14 12:03:16 +01:00
qmp-dispatch.c qapi: Factor out compat_policy_input_ok() 2021-10-29 21:27:20 +02:00
qmp-event.c Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
qmp-registry.c qapi: Generalize command policy checking 2021-10-29 18:24:46 +02:00
qobject-input-visitor.c qapi: Factor out compat_policy_input_ok() 2021-10-29 21:27:20 +02:00
qobject-output-visitor.c qapi: Extend -compat to set policy for unstable interfaces 2021-10-29 21:28:01 +02:00
qom.json qapi/qom,target/i386: sev-guest: Introduce kernel-hashes=on|off option 2021-11-18 11:07:44 +00:00
rdma.json schemas: Add vim modeline 2020-08-03 08:28:08 +02:00
replay.json schemas: add missing vim modeline 2022-01-27 11:20:50 +01:00
rocker.json schemas: Add vim modeline 2020-08-03 08:28:08 +02:00
run-state.json runstate: cleanup reboot and panic actions 2021-01-21 13:00:41 +01:00
sockets.json build-sys: add HAVE_IPPROTO_MPTCP 2021-09-30 15:30:25 +02:00
string-input-visitor.c qapi, qemu-options: make all parsing visitors parse boolean options the same 2020-11-04 12:00:40 -05:00
string-output-visitor.c string-output-visitor: Fix to use sufficient precision 2020-12-19 10:37:16 +01:00
tpm.json qapi: Convert simple union TpmTypeOptions to flat one 2021-09-27 08:22:25 +02:00
trace-events qapi: Generalize struct member policy checking 2021-10-29 18:23:09 +02:00
trace.h trace: switch position of headers to what Meson requires 2020-08-21 06:18:24 -04:00
trace.json schemas: add missing vim modeline 2022-01-27 11:20:50 +01:00
transaction.json qapi: deprecate drive-backup 2021-11-09 18:21:19 +01:00
ui.json qapi/monitor: allow VNC display id in set/expire_password 2022-03-02 18:12:40 +00:00
yank.json Introduce yank feature 2021-01-13 10:21:17 +01:00