From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:41651)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1ZPCfN-00088R-HF
	for qemu-devel@nongnu.org; Tue, 11 Aug 2015 12:44:46 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1ZPCfI-0003ZC-Ib
	for qemu-devel@nongnu.org; Tue, 11 Aug 2015 12:44:45 -0400
Received: from mx1.redhat.com ([209.132.183.28]:34530)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1ZPCfI-0003Z7-CQ
	for qemu-devel@nongnu.org; Tue, 11 Aug 2015 12:44:40 -0400
Received: from int-mx09.intmail.prod.int.phx2.redhat.com
	(int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.22])
	by mx1.redhat.com (Postfix) with ESMTPS id 8F1F48F260
	for <qemu-devel@nongnu.org>; Tue, 11 Aug 2015 16:44:39 +0000 (UTC)
References: <1439303203-15999-1-git-send-email-berrange@redhat.com>
	<1439303203-15999-6-git-send-email-berrange@redhat.com>
From: Paolo Bonzini <pbonzini@redhat.com>
Message-ID: <55CA2672.80006@redhat.com>
Date: Tue, 11 Aug 2015 18:44:34 +0200
MIME-Version: 1.0
In-Reply-To: <1439303203-15999-6-git-send-email-berrange@redhat.com>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable
Subject: Re: [Qemu-devel] [PATCH v2 5/5] ui: convert VNC server to use
	QCryptoTLSSession
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: "Daniel P. Berrange" <berrange@redhat.com>, qemu-devel@nongnu.org
Cc: Gerd Hoffmann <kraxel@redhat.com>



On 11/08/2015 16:26, Daniel P. Berrange wrote:
>   -object tls-creds,id=3Dtls0,credtype=3Danon,endpoint=3Dserver \
>   -vnc hostname:0,tls-creds=3Dtls0
>=20
> Old syntax for x509 credentials, no client certs:
>=20
>   -vnc hostname:0,tls,x509=3D/path/to/certs
>=20
> New syntax:
>=20
>   -object tls-creds,id=3Dtls0,credtype=3Dx509,dir=3D/path/to/certs,endp=
oint=3Dserver,verify-peer=3Dno \
>   -vnc hostname:0,tls-creds=3Dtls0
>=20
> Old syntax for x509 credentials, requiring client certs:
>=20
>   -vnc hostname:0,tls,x509verify=3D/path/to/certs

Would it be possible to change credtype=3Dfoo to subclasses of the
abstract tls-creds class?  That is

   -object tls-creds-anon,id=3Dtls0,endpoint=3Dserver
   -object tls-creds-x509,id=3Dtls0,dir=3D/path/to/certs,endpoint=3Dserve=
r,verify-peer=3Dyes|no

This would be more similar to how -object is usually used.  You
get to choose whether to keep the union or have separate structs
QCryptoTLSCredsX509 and QCryptoTLSCredsAnonymous.

Paolo