| /qemu/crypto/ |
| A D | tlscredsanon.c | 36 qcrypto_tls_creds_anon_load(QCryptoTLSCredsAnon *creds, in qcrypto_tls_creds_anon_load() argument
42 trace_qcrypto_tls_creds_anon_load(creds, in qcrypto_tls_creds_anon_load()
43 creds->parent_obj.dir ? creds->parent_obj.dir : "<nodir>"); in qcrypto_tls_creds_anon_load()
84 if (creds->data.client) { in qcrypto_tls_creds_anon_unload()
86 creds->data.client = NULL; in qcrypto_tls_creds_anon_unload()
89 if (creds->data.server) { in qcrypto_tls_creds_anon_unload()
91 creds->data.server = NULL; in qcrypto_tls_creds_anon_unload()
94 if (creds->parent_obj.dh_params) { in qcrypto_tls_creds_anon_unload()
96 creds->parent_obj.dh_params = NULL; in qcrypto_tls_creds_anon_unload()
126 qcrypto_tls_creds_anon_load(creds, errp); in qcrypto_tls_creds_anon_complete()
[all …]
|
| A D | tlscredspsk.c | 82 creds->parent_obj.dir ? creds->parent_obj.dir : "<nodir>"); in qcrypto_tls_creds_psk_load()
85 if (creds->username) { in qcrypto_tls_creds_psk_load()
127 if (creds->username) { in qcrypto_tls_creds_psk_load()
163 if (creds->data.client) { in qcrypto_tls_creds_psk_unload()
165 creds->data.client = NULL; in qcrypto_tls_creds_psk_unload()
168 if (creds->data.server) { in qcrypto_tls_creds_psk_unload()
170 creds->data.server = NULL; in qcrypto_tls_creds_psk_unload()
173 if (creds->parent_obj.dh_params) { in qcrypto_tls_creds_psk_unload()
215 g_free(creds->username); in qcrypto_tls_creds_psk_finalize()
225 creds->username = g_strdup(value); in qcrypto_tls_creds_psk_prop_set_username()
[all …]
|
| A D | trace-events | 4 qcrypto_tls_creds_load_dh(void *creds, const char *filename) "TLS creds load DH creds=%p filename=%…
5 qcrypto_tls_creds_get_path(void *creds, const char *filename, const char *path) "TLS creds path cre…
8 qcrypto_tls_creds_anon_load(void *creds, const char *dir) "TLS creds anon load creds=%p dir=%s"
11 qcrypto_tls_creds_psk_load(void *creds, const char *dir) "TLS creds psk load creds=%p dir=%s"
14 qcrypto_tls_creds_x509_load(void *creds, const char *dir) "TLS creds x509 load creds=%p dir=%s"
15 …x509_check_basic_constraints(void *creds, const char *file, int status) "TLS creds x509 check basi…
16 …x509_check_key_usage(void *creds, const char *file, int status, int usage, int critical) "TLS cred…
17 …heck_key_purpose(void *creds, const char *file, int status, const char *usage, int critical) "TLS …
18 qcrypto_tls_creds_x509_load_cert(void *creds, int isServer, const char *file) "TLS creds x509 load …
19 qcrypto_tls_creds_x509_load_cert_list(void *creds, const char *file) "TLS creds x509 load cert list…
[all …]
|
| A D | tlscredsx509.c | 89 creds, certFile, status); in qcrypto_tls_creds_check_cert_basic_constraints()
543 creds->parent_obj.dir ? creds->parent_obj.dir : "<nodir>"); in qcrypto_tls_creds_x509_load()
577 if (creds->sanityCheck && in qcrypto_tls_creds_x509_load()
602 if (creds->passwordid) { in qcrypto_tls_creds_x509_load()
657 if (creds->data) { in qcrypto_tls_creds_x509_unload()
659 creds->data = NULL; in qcrypto_tls_creds_x509_unload()
661 if (creds->parent_obj.dh_params) { in qcrypto_tls_creds_x509_unload()
705 creds->sanityCheck = value; in qcrypto_tls_creds_x509_prop_set_sanity()
736 return creds->sanityCheck; in qcrypto_tls_creds_x509_prop_get_sanity()
790 creds->sanityCheck = true; in qcrypto_tls_creds_x509_init()
[all …]
|
| A D | tlscreds.c | 106 if (!creds->dir) { in qcrypto_tls_creds_get_path()
148 creds->verifyPeer = value; in qcrypto_tls_creds_prop_set_verify()
158 return creds->verifyPeer; in qcrypto_tls_creds_prop_get_verify()
169 creds->dir = g_strdup(value); in qcrypto_tls_creds_prop_set_dir()
179 return g_strdup(creds->dir); in qcrypto_tls_creds_prop_get_dir()
200 return g_strdup(creds->priority); in qcrypto_tls_creds_prop_get_priority()
211 creds->endpoint = value; in qcrypto_tls_creds_prop_set_endpoint()
221 return creds->endpoint; in qcrypto_tls_creds_prop_get_endpoint()
250 creds->verifyPeer = true; in qcrypto_tls_creds_init()
259 g_free(creds->dir); in qcrypto_tls_creds_finalize()
[all …]
|
| A D | tlssession.c | 38 QCryptoTLSCreds *creds; member
71 object_unref(OBJECT(session->creds)); in qcrypto_tls_session_free()
133 qcrypto_tls_session_new(QCryptoTLSCreds *creds, in qcrypto_tls_session_new() argument
153 session->creds = creds; in qcrypto_tls_session_new()
154 object_ref(OBJECT(creds)); in qcrypto_tls_session_new()
156 if (creds->endpoint != endpoint) { in qcrypto_tls_session_new()
172 if (object_dynamic_cast(OBJECT(creds), in qcrypto_tls_session_new()
177 if (creds->priority != NULL) { in qcrypto_tls_session_new()
213 if (creds->priority != NULL) { in qcrypto_tls_session_new()
247 const char *prio = creds->priority; in qcrypto_tls_session_new()
[all …]
|
| A D | tls-cipher-suites.c | 37 QCryptoTLSCreds *creds = QCRYPTO_TLS_CREDS(obj); in qcrypto_tls_cipher_suites_get_data() local
44 trace_qcrypto_tls_cipher_suite_priority(creds->priority); in qcrypto_tls_cipher_suites_get_data()
45 ret = gnutls_priority_init(&pcache, creds->priority, &err); in qcrypto_tls_cipher_suites_get_data()
48 creds->priority, gnutls_strerror(ret)); in qcrypto_tls_cipher_suites_get_data()
90 QCryptoTLSCreds *creds = QCRYPTO_TLS_CREDS(uc); in qcrypto_tls_cipher_suites_complete() local
92 if (!creds->priority) { in qcrypto_tls_cipher_suites_complete()
|
| A D | tlscredspriv.h | 73 int qcrypto_tls_creds_get_path(QCryptoTLSCreds *creds,
79 int qcrypto_tls_creds_get_dh_params_file(QCryptoTLSCreds *creds,
|
| A D | secret_common.c | 199 QCryptoSecretCommon *creds = QCRYPTO_SECRET_COMMON(obj); in qcrypto_secret_prop_set_format() local
200 creds->format = value; in qcrypto_secret_prop_set_format()
208 QCryptoSecretCommon *creds = QCRYPTO_SECRET_COMMON(obj); in qcrypto_secret_prop_get_format() local
209 return creds->format; in qcrypto_secret_prop_get_format()
|
| /qemu/tests/qemu-iotests/ |
| A D | 233 | 81 --tls-creds=tls0 2>&1 | _filter_qemu_nbd_exports
90 --tls-creds tls0 \
109 --tls-creds=tls0 2>&1 | _filter_qemu_nbd_exports
118 --tls-creds=tls0 | _filter_qemu_nbd_exports
136 --tls-creds=tls0 2>&1 | _filter_qemu_nbd_exports
159 --tls-creds tls0 \
176 --tls-creds tls0 \
203 --tls-creds tls0 \
208 driver=nbd,path=$nbd_unix_socket,tls-creds=tls0 \
211 --tls-creds=tls0 2>&1 | _filter_qemu_nbd_exports
[all …]
|
| A D | 233.out | 3 == preparing TLS creds ==
19 qemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': Denied by server for…
25 Did you forget a valid tls-creds?
45 qemu-img: Could not open 'driver=nbd,host=localhost,port=PORT,tls-creds=tls0': Certificate does not…
60 qemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': The certificate hasn…
72 qemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': Failed to read optio…
73 qemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': Failed to read optio…
76 qemu-img: Could not open 'driver=nbd,path=SOCK_DIR/qemu-nbd.sock,tls-creds=tls0': No hostname for c…
102 qemu-img: Could not open 'driver=nbd,path=SOCK_DIR/qemu-nbd.sock,tls-creds=tls0': TLS handshake fai…
|
| /qemu/migration/ |
| A D | tls.c | 34 Object *creds; in migration_tls_get_creds() local
38 creds = object_resolve_path_component(object_get_objects_root(), tls_creds); in migration_tls_get_creds()
39 if (!creds) { in migration_tls_get_creds()
44 creds, TYPE_QCRYPTO_TLS_CREDS); in migration_tls_get_creds()
78 QCryptoTLSCreds *creds; in migration_tls_channel_process_incoming() local
81 creds = migration_tls_get_creds(QCRYPTO_TLS_CREDS_ENDPOINT_SERVER, errp); in migration_tls_channel_process_incoming()
82 if (!creds) { in migration_tls_channel_process_incoming()
86 tioc = qio_channel_tls_new_server(ioc, creds, migrate_tls_authz(), errp); in migration_tls_channel_process_incoming()
121 QCryptoTLSCreds *creds; in migration_tls_client_create() local
124 if (!creds) { in migration_tls_client_create()
[all …]
|
| /qemu/tests/unit/ |
| A D | test-crypto-tlscredsx509.c | 44 Object *creds = object_new_with_props( in test_tls_creds_create() local
56 if (!creds) { in test_tls_creds_create()
59 return QCRYPTO_TLS_CREDS(creds); in test_tls_creds_create()
75 QCryptoTLSCreds *creds; in test_tls_creds() local
109 creds = test_tls_creds_create( in test_tls_creds()
117 g_assert(creds == NULL); in test_tls_creds()
119 g_assert(creds != NULL); in test_tls_creds()
131 if (creds) { in test_tls_creds()
132 object_unparent(OBJECT(creds)); in test_tls_creds()
|
| A D | test-crypto-tlssession.c | 79 Object *creds = object_new_with_props( in test_tls_creds_psk_create() local
91 return QCRYPTO_TLS_CREDS(creds); in test_tls_creds_psk_create()
211 Object *creds = object_new_with_props( in test_tls_creds_x509_create() local
231 return QCRYPTO_TLS_CREDS(creds); in test_tls_creds_x509_create()
|
| A D | test-io-channel-tls.c | 70 Object *creds = object_new_with_props( in test_tls_creds_create() local
91 return QCRYPTO_TLS_CREDS(creds); in test_tls_creds_create()
|
| /qemu/ |
| A D | blockdev-nbd.c | 138 QCryptoTLSCreds *creds; in nbd_get_tls_creds() local
147 creds = (QCryptoTLSCreds *) in nbd_get_tls_creds()
149 if (!creds) { in nbd_get_tls_creds()
155 if (!qcrypto_tls_creds_check_endpoint(creds, in nbd_get_tls_creds()
161 return creds; in nbd_get_tls_creds()
|
| A D | qemu-nbd.c | 448 QCryptoTLSCreds *creds; in nbd_get_tls_creds() local
457 creds = (QCryptoTLSCreds *) in nbd_get_tls_creds()
459 if (!creds) { in nbd_get_tls_creds()
465 if (!qcrypto_tls_creds_check_endpoint(creds, in nbd_get_tls_creds()
473 return creds; in nbd_get_tls_creds()
|
| /qemu/tests/qemu-iotests/tests/ |
| A D | nbd-tls-iothread.out | 3 == preparing TLS creds and spare port ==
27 "tls-creds": "tls0"}}
39 "export": "drive_image1", "tls-creds": "tls0",
|
| /qemu/include/io/ |
| A D | channel-tls.h | 80 QCryptoTLSCreds *creds,
110 QCryptoTLSCreds *creds,
|
| /qemu/docs/system/ |
| A D | vnc-security.rst | 68 -object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server,verify-peer=off \
69 -vnc :1,tls-creds=tls0 -monitor stdio
92 -object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server,verify-peer=on \
93 -vnc :1,tls-creds=tls0 -monitor stdio
106 -object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server,verify-peer=on \
107 -vnc :1,tls-creds=tls0,password=on -monitor stdio
148 -object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server,verify-peer=on \
149 -vnc :1,tls-creds=tls0,sasl=on -monitor stdio
|
| A D | tls.rst | 247 ``tls-creds-x509`` class name to the ``--object`` command line argument
283 |qemu_system| -object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=server
289 |qemu_system| -object tls-creds-x509,id=tls0,dir=/etc/pki/qemu,endpoint=client
291 Network services which support TLS will all have a ``tls-creds``
297 |qemu_system| -vnc 0.0.0.0:0,tls-creds=tls0
318 --object tls-creds-psk,id=tls0,endpoint=server,dir=/tmp/keys \
319 --tls-creds tls0 \
326 --object tls-creds-psk,id=tls0,dir=/tmp/keys,username=rich,endpoint=client \
328 file.driver=nbd,file.host=localhost,file.port=10809,file.tls-creds=tls0,file.export=/
|
| /qemu/io/ |
| A D | channel-tls.c | 66 QCryptoTLSCreds *creds, in qio_channel_tls_new_server() argument
84 creds, in qio_channel_tls_new_server()
99 trace_qio_channel_tls_new_server(tioc, master, creds, aclname); in qio_channel_tls_new_server()
109 QCryptoTLSCreds *creds, in qio_channel_tls_new_client() argument
127 creds, in qio_channel_tls_new_client()
142 trace_qio_channel_tls_new_client(tioc, master, creds, hostname); in qio_channel_tls_new_client()
|
| A D | trace-events | 40 …_new_client(void *ioc, void *master, void *creds, const char *hostname) "TLS new client ioc=%p mas…
41 …_new_server(void *ioc, void *master, void *creds, const char *aclname) "TLS new client ioc=%p mast…
|
| /qemu/docs/tools/ |
| A D | qemu-nbd.rst | 40 keys, and the ``tls-creds`` object, which is used to supply TLS
164 .. option:: --tls-creds=ID
236 --object tls-creds-x509,id=tls0,endpoint=server,dir=/path/to/qemutls \
239 --tls-creds tls0 --tls-authz auth0 \
273 --object tls-creds-psk,id=tls0,dir=/tmp/keys,username=eblake,endpoint=client \
274 --tls-creds tls0 -L -b remote.example.com
|
| /qemu/include/crypto/ |
| A D | tlscreds.h | 63 bool qcrypto_tls_creds_check_endpoint(QCryptoTLSCreds *creds,
|