Re: [Qemu-devel] [PATCH v2 5/5] ui: convert VNC server to use QCryptoTLSSession

Daniel P. Berrange Tue, 11 Aug 2015 10:23:21 -0700

On Tue, Aug 11, 2015 at 06:44:34PM +0200, Paolo Bonzini wrote:
> 
> 
> On 11/08/2015 16:26, Daniel P. Berrange wrote:
> >   -object tls-creds,id=tls0,credtype=anon,endpoint=server \
> >   -vnc hostname:0,tls-creds=tls0
> > 
> > Old syntax for x509 credentials, no client certs:
> > 
> >   -vnc hostname:0,tls,x509=/path/to/certs
> > 
> > New syntax:
> > 
> >   -object 
> > tls-creds,id=tls0,credtype=x509,dir=/path/to/certs,endpoint=server,verify-peer=no
> >  \
> >   -vnc hostname:0,tls-creds=tls0
> > 
> > Old syntax for x509 credentials, requiring client certs:
> > 
> >   -vnc hostname:0,tls,x509verify=/path/to/certs
> 
> Would it be possible to change credtype=foo to subclasses of the
> abstract tls-creds class?  That is
> 
>    -object tls-creds-anon,id=tls0,endpoint=server
>    -object 
> tls-creds-x509,id=tls0,dir=/path/to/certs,endpoint=server,verify-peer=yes|no
> 
> This would be more similar to how -object is usually used.  You
> get to choose whether to keep the union or have separate structs
> QCryptoTLSCredsX509 and QCryptoTLSCredsAnonymous.


Yeah that would work too.

Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|

Re: [Qemu-devel] [PATCH v2 5/5] ui: convert VNC server to use QCryptoTLSSession

Reply via email to