On 3/7/19 12:51 PM, Marc-André Lureau wrote: > Hi > >> +++ b/qapi/char.json >> @@ -248,6 +248,11 @@ >> # @addr: socket address to listen on (server=true) >> # or connect to (server=false) >> # @tls-creds: the ID of the TLS credentials object (since 2.6) >> +# @tls-authz: the ID of the QAuthZ authorization object against which >> +# the client's x509 distinguished name will validated. This > > will be? (not a native speaker, but sounds weird to me)
Yes, 'be' is missing.
>> @@ -2568,6 +2568,11 @@ and specifies the id of the TLS credentials to use
>> for the handshake. The
>> credentials must be previously created with the @option{-object tls-creds}
>> argument.
>>
>> +@option{tls-auth} provides the ID of the QAuthZ authorization object against
>> +which the client's x509 distinguished name will validated. This object is
>> only
>
> same
>
>> +resolved at time of use, so can be deleted and recreated on the fly while
>> the
>> +chardev server is active. If missing, it will default to denying access.
>
> Why not have "(since 4.0)" here?
We haven't been using it in .hx doc anywhere else (which in turn feeds
the man page and online documentation); only the QMP descriptions have
used the tag. Uniformly using it in the .hx file might make sense, but
as a much bigger cleanup task separate from this patch that just
preserves existing style.
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3226
Virtualization: qemu.org | libvirt.org
signature.asc
Description: OpenPGP digital signature
