OpenE2K
/
qemu-e2k
13
4
Fork 0
Code Issues 4 Pull Requests Projects 2 Releases Activity
qemu-e2k/include
History
Richard W.M. Jones e1a6dc91dd crypto: Implement TLS Pre-Shared Keys (PSK). 
Pre-Shared Keys (PSK) is a simpler mechanism for enabling TLS
connections than using certificates.  It requires only a simple secret
key:

  $ mkdir -m 0700 /tmp/keys
  $ psktool -u rjones -p /tmp/keys/keys.psk
  $ cat /tmp/keys/keys.psk
  rjones:d543770c15ad93d76443fb56f501a31969235f47e999720ae8d2336f6a13fcbc

The key can be secretly shared between clients and servers.  Clients
must specify the directory containing the "keys.psk" file and a
username (defaults to "qemu").  Servers must specify only the
directory.

Example NBD client:

  $ qemu-img info \
    --object tls-creds-psk,id=tls0,dir=/tmp/keys,username=rjones,endpoint=client \
    --image-opts \
    file.driver=nbd,file.host=localhost,file.port=10809,file.tls-creds=tls0,file.export=/

Example NBD server using qemu-nbd:

  $ qemu-nbd -t -x / \
    --object tls-creds-psk,id=tls0,endpoint=server,dir=/tmp/keys \
    --tls-creds tls0 \
    image.qcow2

Example NBD server using nbdkit:

  $ nbdkit -n -e / -fv \
    --tls=on --tls-psk=/tmp/keys/keys.psk \
    file file=disk.img

Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
 		2018-07-03 13:04:38 +01:00
..
block nbd/client: Add x-dirty-bitmap to query bitmap from server 2018-07-02 15:27:38 -05:00
chardev chardev: comment details for CLOSED event 2018-06-30 17:50:48 +02:00
crypto crypto: Implement TLS Pre-Shared Keys (PSK). 2018-07-03 13:04:38 +01:00
disas RISC-V Disassembler 2018-03-07 08:30:28 +13:00
exec * IEC units series (Philippe) 2018-07-02 19:07:19 +01:00
fpu fpu/softfloat: Specialize on snan_bit_is_one 2018-05-17 15:27:15 -07:00
hw * IEC units series (Philippe) 2018-07-02 19:07:19 +01:00
io qio: non-default context for TLS handshake 2018-03-06 10:19:07 +00:00
libdecnumber Clean up ill-advised or unusual header guards 2016-07-12 16:20:46 +02:00
migration typedefs: add QJSON 2018-06-15 14:40:56 +01:00
monitor monitor: new parameter "x-oob" 2018-03-27 10:17:45 -05:00
net net: Remove the deprecated "vlan" parameter 2018-05-14 15:47:14 +08:00
qapi block: Add block-specific QDict header 2018-06-15 14:49:44 +02:00
qemu cutils: Do not include "qemu/units.h" directly 2018-07-02 15:41:17 +02:00
qom cpu: Assert asidx_from_attrs return value in range 2018-07-02 08:09:49 -07:00
scsi pr-manager: add query-pr-managers QMP command 2018-06-28 19:05:35 +02:00
standard-headers linux-headers: Update to kernel mainline commit b357bf602 2018-06-22 13:28:35 +01:00
sysemu s390/ipl: fix ipl with -no-reboot 2018-07-02 10:37:38 +02:00
ui Add gles support to egl-helpers, wire up in egl-headless and gtk. 2018-06-26 13:48:49 +02:00
elf.h linux-user: ARM-FDPIC: Identify ARM FDPIC binaries 2018-05-03 18:25:29 +02:00
glib-compat.h glib: enforce the minimum required version and warn about old APIs 2018-06-29 12:22:28 +01:00
qemu-common.h qemu-options: Bail out on unsupported options instead of silently ignoring them 2018-05-09 00:13:39 +02:00
qemu-io.h qemu-io: Let command functions return error code 2018-06-11 16:18:45 +02:00
trace-tcg.h trace: get rid of generated-events.h/generated-events.c 2016-10-12 09:54:52 +02:00