On 02/04/2016 06:50 AM, Daniel P. Berrange wrote: > This modifies the nbd-server-start QMP command so that it > is possible to request use of TLS. This is done by adding > a new optional parameter "tls-creds" which provides the ID > of a previously created QCryptoTLSCreds object instance. > > TLS is only supported when using an IPv4/IPv6 socket listener. > > Signed-off-by: Daniel P. Berrange <berra...@redhat.com> > ---
> +static QCryptoTLSCreds *nbd_get_tls_creds(const char *id, Error **errp)
> +{
> + Object *obj;
> + QCryptoTLSCreds *creds;
> +
> + obj = object_resolve_path_component(
> + object_get_objects_root(), id);
> + if (!obj) {
> + error_setg(errp, "No TLS credentials with id '%s'",
> + id);
> + return NULL;
> + }
> + creds = (QCryptoTLSCreds *)
> + object_dynamic_cast(obj, TYPE_QCRYPTO_TLS_CREDS);
Do we really need the C cast alongside an object_dynamic_cast()?
> +++ b/qapi/block.json
> @@ -146,13 +146,15 @@
> # QEMU instance could refer to them as "nbd:HOST:PORT:exportname=NAME".
> #
> # @addr: Address on which to listen.
> +# @tls-creds: (optional) ID of the TLS credentials object. Since 2.6
Worth a comment that it only works with IPv4/6?
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature
