Re: [patch v2 1/1] virt-aa-helper: Add support for smartcard host-certificates

On Fri, Jan 24, 2020 at 2:15 PM Arnaud Patard wrote: > Christian Ehrhardt writes: > > > On Thu, Dec 5, 2019 at 6:25 PM Arnaud Patard > wrote: > > > >> When emulating smartcard with host certificates, qemu needs to > >> be able to read the certificates files. Add necessary code to > >> add the

撤回: [PATCH 6/6] docs: update virt-admin.rst for server-update-tls

Zhangbo (Oscar) 将撤回邮件“[PATCH 6/6] docs: update virt-admin.rst for server-update-tls”。

撤回: [PATCH 5/6] virt-admin: Introduce command srv-update-tls

Zhangbo (Oscar) 将撤回邮件“[PATCH 5/6] virt-admin: Introduce command srv-update-tls”。

撤回: [PATCH 1/6] virnettlscontext: refactoring virNetTLSContextLoadCredentials

Zhangbo (Oscar) 将撤回邮件“[PATCH 1/6] virnettlscontext: refactoring virNetTLSContextLoadCredentials”。

[PATCH 3/6] admin: Introduce virAdmServerUpdateTlsFiles

The server needs to use CA certificate, CRL, server certificate/key to complete the TLS handshake. If these files change, we need to restart libvirtd for them to take effect. This API can update the TLS context without restarting libvirtd. --- include/libvirt/libvirt-admin.h | 4

撤回: [PATCH 4/6] admin: support server cert update mode

Zhangbo (Oscar) 将撤回邮件“[PATCH 4/6] admin: support server cert update mode”。

[PATCH 0/6] update tls files without restarting libvirtd

When a client wants to establish a TLS connection with libvirtd, a CRL file， CA cert and server cert/key are used. Right now, if these files are changed, you must restart libvirtd to make them take effect. The restart behavior of libvirtd will cause clients connecting with libvirtd to fail. In a

[PATCH 4/6] admin: support server cert update mode

virAdmServerUpdateTlsFiles: @flags specifies how to update server cert/key in tls service. Two modes are currently supported: append mode and clear mode, means whether to clear the original cert then add the new one, or just append to the original one. --- include/libvirt/libvirt-admin.h | 14

[PATCH 1/6] virnettlscontext: refactoring virNetTLSContextLoadCredentials

Encapsulate the code for setting TLS-related files into functions, which is convenient for other modules to call. --- src/rpc/virnettlscontext.c | 135 ++--- 1 file changed, 82 insertions(+), 53 deletions(-) diff --git a/src/rpc/virnettlscontext.c

撤回: [PATCH 3/6] admin: Introduce virAdmServerUpdateTlsFiles

Zhangbo (Oscar) 将撤回邮件“[PATCH 3/6] admin: Introduce virAdmServerUpdateTlsFiles”。

撤回: [PATCH 2/6] virnetserver: Introduce virNetServerUpdateTlsFiles

Zhangbo (Oscar) 将撤回邮件“[PATCH 2/6] virnetserver: Introduce virNetServerUpdateTlsFiles”。

[PATCH 5/6] virt-admin: Introduce command srv-update-tls

wire-up virAdmServerUpdateTlsFiles API into virt-admin client. --- tools/virt-admin.c | 88 ++ 1 file changed, 88 insertions(+) diff --git a/tools/virt-admin.c b/tools/virt-admin.c index 32edfe5757..85235ae03d 100644 --- a/tools/virt-admin.c +++

[PATCH 2/6] virnetserver: Introduce virNetServerUpdateTlsFiles

Add an API to update server's tls context before admin method can be introduced. --- include/libvirt/libvirt-admin.h | 8 src/libvirt_remote.syms | 1 + src/rpc/virnetserver.c | 72 + src/rpc/virnetserver.h | 3 ++

[PATCH 6/6] docs: update virt-admin.rst for server-update-tls

Update the manpage for the 'server-update-tls' command --- docs/manpages/virt-admin.rst | 21 + 1 file changed, 21 insertions(+) diff --git a/docs/manpages/virt-admin.rst b/docs/manpages/virt-admin.rst index 51c3d3917e..e19d1f1577 100644 --- a/docs/manpages/virt-admin.rst +++

撤回: [PATCH 0/6] update tls files without restarting libvirtd

Zhangbo (Oscar) 将撤回邮件“[PATCH 0/6] update tls files without restarting libvirtd”。

[PATCH 5/6] virt-admin: Introduce command srv-update-tls

wire-up virAdmServerUpdateTlsFiles API into virt-admin client. --- tools/virt-admin.c | 88 ++ 1 file changed, 88 insertions(+) diff --git a/tools/virt-admin.c b/tools/virt-admin.c index 32edfe5757..85235ae03d 100644 --- a/tools/virt-admin.c +++

[PATCH 6/6] docs: update virt-admin.rst for server-update-tls

Update the manpage for the 'server-update-tls' command --- docs/manpages/virt-admin.rst | 21 + 1 file changed, 21 insertions(+) diff --git a/docs/manpages/virt-admin.rst b/docs/manpages/virt-admin.rst index 51c3d3917e..e19d1f1577 100644 --- a/docs/manpages/virt-admin.rst +++

[PATCH 4/6] admin: support server cert update mode

virAdmServerUpdateTlsFiles: @flags specifies how to update server cert/key in tls service. Two modes are currently supported: append mode and clear mode, means whether to clear the original cert then add the new one, or just append to the original one. --- include/libvirt/libvirt-admin.h | 14

[PATCH 3/6] admin: Introduce virAdmServerUpdateTlsFiles

The server needs to use CA certificate, CRL, server certificate/key to complete the TLS handshake. If these files change, we need to restart libvirtd for them to take effect. This API can update the TLS context without restarting libvirtd. --- include/libvirt/libvirt-admin.h | 4

[PATCH 1/6] virnettlscontext: refactoring virNetTLSContextLoadCredentials

Encapsulate the code for setting TLS-related files into functions, which is convenient for other modules to call. --- src/rpc/virnettlscontext.c | 135 ++--- 1 file changed, 82 insertions(+), 53 deletions(-) diff --git a/src/rpc/virnettlscontext.c

[PATCH 2/6] virnetserver: Introduce virNetServerUpdateTlsFiles

Add an API to update server's tls context before admin method can be introduced. --- include/libvirt/libvirt-admin.h | 8 src/libvirt_remote.syms | 1 + src/rpc/virnetserver.c | 72 + src/rpc/virnetserver.h | 3 ++

[PATCH 0/6] update tls files without restarting libvirtd

When a client wants to establish a TLS connection with libvirtd, a CRL file， CA cert and server cert/key are used. Right now, if these files are changed, you must restart libvirtd to make them take effect. The restart behavior of libvirtd will cause clients connecting with libvirtd to fail. In a