nbd: enable use of TLS with NBD block driver

This modifies the NBD driver so that it is possible to request use of TLS. This is done by providing the 'tls-creds' parameter with the ID of a previously created QCryptoTLSCreds object. For example $QEMU -object tls-creds-x509,id=tls0,endpoint=client,\ dir=/home/berrange/security/qemutls \ -drive driver=nbd,host=localhost,port=9000,tls-creds=tls0 The client will drop the connection if the NBD server does not provide TLS. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-Id: <1455129674-17255-15-git-send-email-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
author: Daniel P. Berrange <berrange@redhat.com> 2016-02-10 18:41:12 +0000
committer: Paolo Bonzini <pbonzini@redhat.com> 2016-02-16 17:16:33 +0100
commit: 75822a12c046646684bc8cad6296842b60e7b6bb (patch)
tree: b096aa336514a9af14f9115f6d77b9f91fb08f54 /block/nbd-client.h
parent: f95910fe6bbf64bb9b5cea7546a1778ba96ce782 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/block/nbd-client.h b/block/nbd-client.h
index e8b3283382..53f116d017 100644
--- a/block/nbd-client.h
+++ b/block/nbd-client.h
@@ -39,6 +39,8 @@ NbdClientSession *nbd_get_client_session(BlockDriverState *bs);
 int nbd_client_init(BlockDriverState *bs,
                     QIOChannelSocket *sock,
                     const char *export_name,
+                    QCryptoTLSCreds *tlscreds,
+                    const char *hostname,
                     Error **errp);
 void nbd_client_close(BlockDriverState *bs);
author	Daniel P. Berrange <berrange@redhat.com>	2016-02-10 18:41:12 +0000
committer	Paolo Bonzini <pbonzini@redhat.com>	2016-02-16 17:16:33 +0100
commit	75822a12c046646684bc8cad6296842b60e7b6bb (patch)
tree	b096aa336514a9af14f9115f6d77b9f91fb08f54 /block/nbd-client.h
parent	f95910fe6bbf64bb9b5cea7546a1778ba96ce782 (diff)