1d7b5b4afd
Make use of the QCryptoSecret object to support loading of encrypted x509 keys. The optional 'passwordid' parameter to the tls-creds-x509 object type, provides the ID of a secret object instance that holds the decryption password for the PEM file. # printf "123456" > mypasswd.txt # $QEMU \ -object secret,id=sec0,filename=mypasswd.txt \ -object tls-creds-x509,passwordid=sec0,id=creds0,\ dir=/home/berrange/.pki/qemu,endpoint=server \ -vnc :1,tls-creds=creds0 This requires QEMU to be linked to GNUTLS >= 3.1.11. If GNUTLS is too old an error will be reported if an attempt is made to pass a decryption password. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com> |
||
---|---|---|
.. | ||
aes.c | ||
cipher-builtin.c | ||
cipher-gcrypt.c | ||
cipher-nettle.c | ||
cipher.c | ||
desrfb.c | ||
hash.c | ||
init.c | ||
Makefile.objs | ||
secret.c | ||
tlscreds.c | ||
tlscredsanon.c | ||
tlscredspriv.h | ||
tlscredsx509.c | ||
tlssession.c |