From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1LWdC5-0001pf-BT
	for qemu-devel@nongnu.org; Mon, 09 Feb 2009 15:57:29 -0500
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1LWdC4-0001pT-Jp
	for qemu-devel@nongnu.org; Mon, 09 Feb 2009 15:57:28 -0500
Received: from [199.232.76.173] (port=42039 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1LWdC4-0001pQ-EM
	for qemu-devel@nongnu.org; Mon, 09 Feb 2009 15:57:28 -0500
Received: from mx2.redhat.com ([66.187.237.31]:58913)
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <ehabkost@redhat.com>) id 1LWdC3-0002Yh-Kv
	for qemu-devel@nongnu.org; Mon, 09 Feb 2009 15:57:28 -0500
Date: Mon, 9 Feb 2009 18:57:04 -0200
From: Eduardo Habkost <ehabkost@redhat.com>
Subject: Re: [Qemu-devel] [PATCH 0/9] encryption code changes
Message-ID: <20090209205704.GI5336@blackpad>
References: <1233954540-4754-1-git-send-email-ehabkost@redhat.com>
	<498CCB11.1090005@codemonkey.ws>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <498CCB11.1090005@codemonkey.ws>
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Anthony Liguori <anthony@codemonkey.ws>
Cc: qemu-devel@nongnu.org

On Fri, Feb 06, 2009 at 05:43:13PM -0600, Anthony Liguori wrote:
> Eduardo Habkost wrote:
>> Hi,
>>
>> This patch series for qemu contain multiple changes on the way encryption
>> and authentication code is handled.
>>
>> The first patch is a behaviour change to avoid silent security holes on
>> the VNC server caused by user configuration errors.
>>
>> Patches 2 and 3 are bugfixes to some of the multiple problems
>> I had with monitor_readline(), when testing the qcow encryption
>> support. monitor_readline() is still not completely functional, but
>> at least it allows the qcow password to be read when an qcow encrypted
>> image is specified on the command-line, now.
>>
>> The remaining patches may be more controversial. The first half makes the
>> use of aes.c and d3des.c optional at compile time. The rest remove aes.c
>> and d3des.c from the source tree and replace them with calls to libgcrypt.
>>   
>
> What's the availability of libgcrypt?  Are there Windows versions  
> readily available?  That would be my biggest concern here.

libgcrypt is included on the GnuTLS Windows package. I didn't test the
changes under Windows, though.

-- 
Eduardo