/qemu/tests/qemu-iotests/ |
H A D | 233 | 45 . ./common.tls 90 --tls-creds tls0 \ 118 --tls-creds=tls0 | _filter_qemu_nbd_exports 124 driver=nbd,host=localhost,port=$nbd_tcp_port,tls-creds=tls0,tls-hostname=127.0.0.1 \ 127 --tls-creds=tls0 --tls-hostname=127.0.0.1 | _filter_qemu_nbd_exports 158 --tls-authz authz0 \ 159 --tls-creds tls0 \ 176 --tls-creds tls0 \ 191 driver=nbd,path=$nbd_unix_socket,tls-creds=tls0,tls-hostname=127.0.0.1 \ 194 --tls-creds=tls0 --tls-hostname=127.0.0.1 2>&1 | _filter_qemu_nbd_exports [all …]
|
H A D | 233.out | 19 qemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': Denied by server for… 25 Did you forget a valid tls-creds? 45 qemu-img: Could not open 'driver=nbd,host=localhost,port=PORT,tls-creds=tls0': Certificate does not… 60 qemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': The certificate hasn… 72 qemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': Failed to read optio… 73 qemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': Failed to read optio… 76 qemu-img: Could not open 'driver=nbd,path=SOCK_DIR/qemu-nbd.sock,tls-creds=tls0': No hostname for c… 102 qemu-img: Could not open 'driver=nbd,path=SOCK_DIR/qemu-nbd.sock,tls-creds=tls0': TLS handshake fai…
|
/qemu/ui/ |
H A D | vnc-ws.c | 55 QIOChannelTLS *tls; in vncws_tls_handshake_io() local 68 tls = qio_channel_tls_new_server( in vncws_tls_handshake_io() 73 if (!tls) { in vncws_tls_handshake_io() 80 qio_channel_set_name(QIO_CHANNEL(tls), "vnc-ws-server-tls"); in vncws_tls_handshake_io() 83 vs->ioc = QIO_CHANNEL(tls); in vncws_tls_handshake_io() 85 vs->tls = qio_channel_tls_get_session(tls); in vncws_tls_handshake_io() 87 qio_channel_tls_handshake(tls, in vncws_tls_handshake_io()
|
H A D | vnc-auth-vencrypt.c | 101 QIOChannelTLS *tls; in protocol_client_vencrypt_auth() local 110 tls = qio_channel_tls_new_server( in protocol_client_vencrypt_auth() 115 if (!tls) { in protocol_client_vencrypt_auth() 123 qio_channel_set_name(QIO_CHANNEL(tls), "vnc-server-tls"); in protocol_client_vencrypt_auth() 125 vs->ioc = QIO_CHANNEL(tls); in protocol_client_vencrypt_auth() 127 vs->tls = qio_channel_tls_get_session(tls); in protocol_client_vencrypt_auth() 129 qio_channel_tls_handshake(tls, in protocol_client_vencrypt_auth()
|
H A D | ui-qmp-cmds.c | 117 bool has_tls, bool tls, Error **errp) in qmp_add_client_spice() argument 123 tls = has_tls ? tls : false; in qmp_add_client_spice() 124 if (qemu_spice.display_add_client(fd, skipauth, tls) < 0) { in qmp_add_client_spice() 133 bool has_tls, bool tls, Error **errp) in qmp_add_client_vnc() argument 143 bool has_tls, bool tls, Error **errp) in qmp_add_client_dbus_display() argument
|
H A D | spice-core.c | 201 int tls = info->flags & SPICE_CHANNEL_EVENT_FLAG_TLS; in add_channel_info() local 206 sc->tls = !!tls; in add_channel_info() 404 chan->tls = item->info->flags & SPICE_CHANNEL_EVENT_FLAG_TLS; in qmp_query_spice_channels() 929 static int qemu_spice_display_add_client(int csock, int skipauth, int tls) in qemu_spice_display_add_client() argument 934 if (tls) { in qemu_spice_display_add_client()
|
H A D | spice-module.c | 59 int tls) in qemu_spice_display_add_client_stub() argument
|
/qemu/include/monitor/ |
H A D | qmp-helpers.h | 16 bool has_tls, bool tls, Error **errp); 19 bool has_tls, bool tls, Error **errp); 23 bool has_tls, bool tls, Error **errp); 26 bool has_tls, bool tls, const char *protocol,
|
/qemu/monitor/ |
H A D | qmp-cmds.c | 119 bool has_skipauth, bool skipauth, bool has_tls, bool tls, in qmp_add_client() argument 125 bool has_tls, bool tls, Error **errp); in qmp_add_client() 151 has_tls, tls, errp)) { in qmp_add_client() 158 if (!qmp_add_client_char(fd, has_skipauth, skipauth, has_tls, tls, in qmp_add_client()
|
/qemu/docs/system/ |
H A D | authz.rst | 31 ``tls-creds-x509`` object, which is in fact the default. 192 "service": "qemu-vnc-tls" 200 file /etc/pam.d/qemu-vnc-tls. For a simple file 222 -object authz-pam,id=authz0,service=qemu-vnc-tls 238 will provide ``tls-authz`` property, while any server using SASL will provide 253 echo "CN=laptop.qemu.org,O=QEMU Project,L=London,ST=London,C=GB" >> tls.acl 255 --object authz-list-file,id=authz1,filename=tls.acl \ 256 --object tls-creds-x509,id=tls0,dir=/etc/qemu/tls,verify-peer=yes \ 257 --vnc 0.0.0.0:1,sasl,sasl-authz=auth0,tls-creds=tls0,tls-authz=authz1
|
H A D | vnc-security.rst | 68 -object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server,verify-peer=off \ 69 -vnc :1,tls-creds=tls0 -monitor stdio 92 -object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server,verify-peer=on \ 93 -vnc :1,tls-creds=tls0 -monitor stdio 106 -object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server,verify-peer=on \ 107 -vnc :1,tls-creds=tls0,password=on -monitor stdio 148 -object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server,verify-peer=on \ 149 -vnc :1,tls-creds=tls0,sasl=on -monitor stdio
|
H A D | tls.rst | 247 ``tls-creds-x509`` class name to the ``--object`` command line argument 283 |qemu_system| -object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server 289 |qemu_system| -object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=client 291 Network services which support TLS will all have a ``tls-creds`` 297 |qemu_system| -vnc 0.0.0.0:0,tls-creds=tls0 318 --object tls-creds-psk,id=tls0,endpoint=server,dir=/tmp/keys \ 319 --tls-creds tls0 \ 326 --object tls-creds-psk,id=tls0,dir=/tmp/keys,username=rich,endpoint=client \ 328 file.driver=nbd,file.host=localhost,file.port=10809,file.tls-creds=tls0,file.export=/
|
H A D | index.rst | 28 tls
|
/qemu/docs/tools/ |
H A D | qemu-nbd.rst | 40 keys, and the ``tls-creds`` object, which is used to supply TLS 164 .. option:: --tls-creds=ID 171 .. option:: --tls-hostname=hostname 178 to connect to the remote server, the :option:`--tls-hostname` option should 192 .. option:: --tls-authz=ID 236 --object tls-creds-x509,id=tls0,endpoint=server,dir=/path/to/qemutls \ 239 --tls-creds tls0 --tls-authz auth0 \ 273 --object tls-creds-psk,id=tls0,dir=/tmp/keys,username=eblake,endpoint=client \ 274 --tls-creds tls0 -L -b remote.example.com
|
H A D | qemu-storage-daemon.rst | 143 .. option:: --nbd-server addr.type=inet,addr.host=<host>,addr.port=<port>[,tls-creds=<id>][,tls-aut… 144 …--nbd-server addr.type=unix,addr.path=<path>[,tls-creds=<id>][,tls-authz=<id>][,max-connections=<n… 145 --nbd-server addr.type=fd,addr.str=<fd>[,tls-creds=<id>][,tls-authz=<id>][,max-connections=<n>] 149 below). TLS encryption can be configured using ``--object`` tls-creds-* and
|
/qemu/tests/unit/ |
H A D | meson.build | 102 'test-crypto-tlscredsx509': ['crypto-tls-x509-helpers.c', 'pkix_asn1_tab.c', 104 …'test-crypto-tlssession': ['crypto-tls-x509-helpers.c', 'pkix_asn1_tab.c', 'crypto-tls-psk-helpers… 106 … 'test-io-channel-tls': ['io-channel-helpers.c', 'crypto-tls-x509-helpers.c', 'pkix_asn1_tab.c',
|
/qemu/qapi/ |
H A D | ui.json | 255 # @tls: true if the channel is encrypted, false otherwise. 262 'tls': 'bool'}, 302 # @tls-port: The SPICE server's TLS port number. 586 'tls', 'vencrypt', 'sasl' ], 598 'tls-none', 'x509-none', 599 'tls-vnc', 'x509-vnc', 600 'tls-plain', 'x509-plain', 601 'tls-sasl', 'x509-sasl' ], 1591 # @tls-certs: reload tls certs or not. 1596 'data': { '*tls-certs': 'bool' } } [all …]
|
H A D | block-export.json | 20 # @tls-creds: ID of the TLS credentials object (since 2.6). 22 # @tls-authz: ID of the QAuthZ authorization object used to validate 37 '*tls-creds': 'str', 38 '*tls-authz': 'str', 55 # @tls-creds: ID of the TLS credentials object (since 2.6). 57 # @tls-authz: ID of the QAuthZ authorization object used to validate 75 '*tls-creds': 'str', 76 '*tls-authz': 'str',
|
H A D | migration.json | 806 # @tls-creds: ID of the 'tls-creds' object that provides credentials 939 'tls-creds', 'tls-hostname', 'tls-authz', 'max-bandwidth', 1014 # @tls-creds: ID of the 'tls-creds' object that provides credentials 1157 '*tls-creds': 'StrOrNull', 1158 '*tls-hostname': 'StrOrNull', 1159 '*tls-authz': 'StrOrNull', 1250 # @tls-creds: ID of the 'tls-creds' object that provides credentials 1258 # Note: 2.8 omits empty @tls-creds instead. 1386 '*tls-creds': 'str', 1387 '*tls-hostname': 'str', [all …]
|
H A D | char.json | 250 # @tls-creds: the ID of the TLS credentials object (since 2.6) 252 # @tls-authz: the ID of the QAuthZ authorization object against which 282 '*tls-creds': 'str', 283 '*tls-authz' : 'str',
|
H A D | qom.json | 1003 'tls-creds-anon', 1004 'tls-creds-psk', 1005 'tls-creds-x509', 1006 'tls-cipher-suites', 1072 'tls-creds-anon': 'TlsCredsAnonProperties', 1073 'tls-creds-psk': 'TlsCredsPskProperties', 1074 'tls-creds-x509': 'TlsCredsX509Properties', 1075 'tls-cipher-suites': 'TlsCredsProperties',
|
/qemu/include/ui/ |
H A D | qemu-spice-module.h | 34 int (*display_add_client)(int csock, int skipauth, int tls);
|
/qemu/io/ |
H A D | meson.build | 8 'channel-tls.c',
|
/qemu/migration/ |
H A D | meson.build | 31 'tls.c',
|
/qemu/contrib/gitdm/ |
H A D | group-map-individuals | 10 mjt@tls.msk.ru
|