[libvirt] [PATCH v2 0/6] Some patches for native TLS encrypted chardev TCP support

John Ferlan jferlan at redhat.com
Thu Jun 16 10:42:21 UTC 2016 

v1: http://www.redhat.com/archives/libvir-list/2016-June/msg00824.html

Based on Dan's review from patch 4, alter the methodology to use the
libvirt qemu config file to add support for a 'default' and (at first)
a 'chartcp' (I could use chardev, but I was concerned that would imply
more options - udp, unix, etc.).

I have started on the authentication portion of this (e.g. a passwordid=
parameter pointing at a secret object), but I'm a bit held up by the
need to have the secret key patches. I've separated those out and will
post a separate set shortly as well to hopefully get some traction.

For the chartcp, I went with the 'default' location for the /etc/pki
path - that will at least test patch 1. I also tested those locally by
removing the code in qemuxml2xmltest.c to specify the specific -vnc or
-spice paths as the test has.

John Ferlan (6):
  conf: Add new default TLS X.509 certificate default directory
  conf: Introduce chartcp_tls_x509_cert_dir
  qemu: Make qemuBuildShmemBackendStr private
  qemu: Add cfg pointer to various command line helpers
  qemu: Add support for TLS X.509 path to TCP chardev backend
  qemu: Add the ability to hotplug the TLS X.509 environment

 src/conf/domain_conf.h                             |   1 +
 src/qemu/libvirtd_qemu.aug                         |   9 +-
 src/qemu/qemu.conf                                 |  52 ++++---
 src/qemu/qemu_command.c                            | 158 ++++++++++++++++++---
 src/qemu/qemu_command.h                            |  12 +-
 src/qemu/qemu_conf.c                               |  45 +++++-
 src/qemu/qemu_conf.h                               |   5 +
 src/qemu/qemu_hotplug.c                            |  29 +++-
 src/qemu/qemu_monitor_json.c                       |   9 ++
 src/qemu/test_libvirtd_qemu.aug.in                 |   3 +
 .../qemuxml2argv-serial-tcp-tlsx509-chardev.args   |  33 +++++
 .../qemuxml2argv-serial-tcp-tlsx509-chardev.xml    |  41 ++++++
 tests/qemuxml2argvtest.c                           |   6 +
 .../qemuxml2xmlout-serial-tcp-tlsx509-chardev.xml  |  50 +++++++
 tests/qemuxml2xmltest.c                            |   1 +
 15 files changed, 399 insertions(+), 55 deletions(-)
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-chardev.args
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-chardev.xml
 create mode 100644 tests/qemuxml2xmloutdata/qemuxml2xmlout-serial-tcp-tlsx509-chardev.xml

-- 
2.5.5

More information about the libvir-list mailing list