From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:44464) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1aiQuT-0004Yu-Ex for qemu-devel@nongnu.org; Tue, 22 Mar 2016 14:20:06 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1aiQuP-0007yO-9U for qemu-devel@nongnu.org; Tue, 22 Mar 2016 14:20:05 -0400 References: <1457635927-23045-1-git-send-email-berrange@redhat.com> <1457636396-24983-1-git-send-email-berrange@redhat.com> <1457636396-24983-8-git-send-email-berrange@redhat.com> From: Eric Blake Message-ID: <56F18CCB.4030404@redhat.com> Date: Tue, 22 Mar 2016 12:19:55 -0600 MIME-Version: 1.0 In-Reply-To: <1457636396-24983-8-git-send-email-berrange@redhat.com> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="Wds4hAeifDUKiWUBEImrQO48bq3KiDhLH" Subject: Re: [Qemu-devel] [PATCH v3 08/10] nbd: allow an ACL to be set with nbd-server-start QMP command List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: "Daniel P. Berrange" , qemu-devel@nongnu.org Cc: Paolo Bonzini , qemu-block@nongnu.org, Markus Armbruster , =?UTF-8?Q?Andreas_F=c3=a4rber?= , Max Reitz This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --Wds4hAeifDUKiWUBEImrQO48bq3KiDhLH Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On 03/10/2016 11:59 AM, Daniel P. Berrange wrote: > As with the previous patch to qemu-nbd, the nbd-server-start > QMP command also needs to be able to specify an ACL when > enabling TLS encryption. >=20 > First the client must create a QAuthZ object instance using > the 'object-add' command: >=20 > Signed-off-by: Daniel P. Berrange > --- > +++ b/qapi/block.json > @@ -147,6 +147,7 @@ > # > # @addr: Address on which to listen. > # @tls-creds: (optional) ID of the TLS credentials object. Since 2.6 > +# @tls-acl: (optional) ID of the QAuthZ authorization object. Since 2.= 6 > # > # Returns: error if the server is already running. > # > @@ -154,7 +155,8 @@ > ## > { 'command': 'nbd-server-start', > 'data': { 'addr': 'SocketAddress', > - '*tls-creds': 'str'} } > + '*tls-creds': 'str', > + '*tls-acl': 'str'} } > =20 Interface change is deceptively simple :) Reviewed-by: Eric Blake --=20 Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org --Wds4hAeifDUKiWUBEImrQO48bq3KiDhLH Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Public key at http://people.redhat.com/eblake/eblake.gpg Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBCAAGBQJW8YzLAAoJEKeha0olJ0NqLsgIALC4ShnmlaZkqjDqFwlG35T2 s30ZL+CW5QYk4oIasKXyPkPzl1Ks3QToHhg7lJEDD93bAXDkUDPzWwCA9A44yELE MgY6bAx9U2ciQpG7+4vY6eyQ4wwzk60C/xAaL7C4LsthkCVrNAF8+PigqV4LP/pG LdcY0H03zvZAok4GtBtouaQbNK0CfsRKwvxc1N7H92M7Ttf47RQL5g46EEiX72dv yCHAnQfP89hcqc1e4I6Iw97/Y538AkYVvNIkTVa6VufE9vjh7LYFJX80y55a2FBf FzYLu+OmlYSdc0LbG4UJ93gF6mtyyn1R2UyBCNE+TFm34DVjabRwtL96EH0khYI= =NkPU -----END PGP SIGNATURE----- --Wds4hAeifDUKiWUBEImrQO48bq3KiDhLH--