motorhead/qemu
1
0
Fork 0
mirror of https://github.com/Motorhead1991/qemu.git synced 2026-02-26 14:15:09 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions
qemu/qapi
History
Daniel P. Berrange 000194556b nbd: allow authorization with nbd-server-start QMP command 
As with the previous patch to qemu-nbd, the nbd-server-start QMP command
also needs to be able to specify authorization when enabling TLS encryption.

First the client must create a QAuthZ object instance using the
'object-add' command:

   {
     'execute': 'object-add',
     'arguments': {
       'qom-type': 'authz-list',
       'id': 'authz0',
       'parameters': {
         'policy': 'deny',
         'rules': [
           {
             'match': '*CN=fred',
             'policy': 'allow'
           }
         ]
       }
     }
   }

They can then reference this in the new 'tls-authz' parameter when
executing the 'nbd-server-start' command:

   {
     'execute': 'nbd-server-start',
     'arguments': {
       'addr': {
           'type': 'inet',
           'host': '127.0.0.1',
           'port': '9000'
       },
       'tls-creds': 'tls0',
       'tls-authz': 'authz0'
     }
   }

Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <20190227162035.18543-3-berrange@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2019-03-06 11:05:27 -06:00
..
authz.json authz: add QAuthZList object type for an access control list 2019-02-26 15:32:18 +00:00
block-core.json block/dirty-bitmap: Documentation and Comment fixups 2019-02-19 17:49:43 -05:00
block.json nbd: allow authorization with nbd-server-start QMP command 2019-03-06 11:05:27 -06:00
char.json qapi: add more conditions to SPICE 2018-12-14 06:52:48 +01:00
common.json qapi: Define PCIe link speed and width properties 2018-12-19 16:48:16 -05:00
crypto.json crypto: Fix defaults in QCryptoBlockCreateOptionsLUKS 2018-12-12 11:16:49 +00:00
introspect.json json: Update references to RFC 7159 to RFC 8259 2018-08-24 20:27:14 +02:00
job.json qapi/job: The next release will be 3.0 2018-06-29 14:20:56 +02:00
Makefile.objs authz: add QAuthZList object type for an access control list 2019-02-26 15:32:18 +00:00
migration.json qapi/migration.json: Remove a variable that doesn't exist in example 2019-03-06 10:49:18 +00:00
misc.json qapi: move RTC_CHANGE to the target schema 2019-02-18 14:44:05 +01:00
net.json qmp: Add announce-self command 2019-03-05 11:27:41 +08:00
opts-visitor.c qapi: Fix QemuOpts visitor regression on unvisited input 2017-03-22 19:24:34 +01:00
qapi-clone-visitor.c qapi/qnull: Add own header 2017-11-17 18:21:30 +01:00
qapi-dealloc-visitor.c qobject: Replace qobject_incref/QINCREF qobject_decref/QDECREF 2018-05-04 08:27:53 +02:00
qapi-schema.json authz: add QAuthZList object type for an access control list 2019-02-26 15:32:18 +00:00
qapi-util.c qapi: Change data type of the FOO_lookup generated for enum FOO 2017-09-04 13:09:13 +02:00
qapi-visit-core.c Include qapi/qmp/qobject.h exactly where needed 2018-02-09 13:52:15 +01:00
qmp-dispatch.c qmp: constify qmp_is_oob() 2018-08-30 16:08:47 +02:00
qmp-event.c qapi: Eliminate indirection through qmp_event_get_func_emit() 2019-01-24 10:01:05 +01:00
qmp-registry.c qapi: remove qmp_unregister_command() 2019-02-18 14:44:05 +01:00
qobject-input-visitor.c qapi: Use qemu_strtod_finite() in qobject-input-visitor 2018-12-13 19:10:06 +01:00
qobject-output-visitor.c qobject: Modify qobject_ref() to return obj 2018-05-04 08:27:53 +02:00
rdma.json qapi: Define new QMP message for pvrdma 2018-12-22 11:09:56 +02:00
rocker.json qapi: The #optional tag is redundant, drop 2017-03-16 07:13:02 +01:00
run-state.json qmp: Split ShutdownCause host-qmp into quit and system-reset 2018-12-18 07:55:47 +01:00
sockets.json sockets: allow SocketAddress 'fd' to reference numeric file descriptors 2018-03-13 18:06:06 +00:00
string-input-visitor.c qapi: Rewrite string-input-visitor's integer and list parsing 2018-12-13 19:10:06 +01:00
string-output-visitor.c qapi: Use QNull for a more regular visit_type_null() 2017-07-24 13:35:11 +02:00
target.json target/mips: implement QMP query-cpu-definitions command 2019-02-21 19:36:47 +01:00
tpm.json qapi: break long lines at 'data' member 2018-12-13 19:20:11 +01:00
trace-events trace: forbid floating point types 2018-06-27 11:09:29 +01:00
trace.json qapi-schema: Improve section headings 2017-09-04 13:09:12 +02:00
transaction.json block: remove 'x' prefix from experimental bitmap APIs 2019-01-14 10:09:46 -06:00
ui.json display: add -display spice-app launching a Spice client 2019-02-22 07:42:59 +01:00