#include "io/channel-websock.h"
#include "io/net-listener.h"
#include "qemu/error-report.h"
+#include "qemu/module.h"
#include "qemu/option.h"
#include "qapi/error.h"
#include "qapi/clone-visitor.h"
QIONetListener *listener;
GSource *hup_source;
QCryptoTLSCreds *tls_creds;
+ char *tls_authz;
TCPChardevState state;
int max_size;
int do_telnetopt;
if (s->is_listen) {
tioc = qio_channel_tls_new_server(
s->ioc, s->tls_creds,
- NULL, /* XXX Use an ACL */
+ s->tls_authz,
&err);
} else {
tioc = qio_channel_tls_new_client(
if (s->tls_creds) {
object_unref(OBJECT(s->tls_creds));
}
+ g_free(s->tls_authz);
qemu_chr_be_event(chr, CHR_EVENT_CLOSED);
}
break;
}
+ if (sock->has_tls_authz && !sock->has_tls_creds) {
+ error_setg(errp, "'tls_authz' option requires 'tls_creds' option");
+ return false;
+ }
+
/* Validate any options which have a dependancy on client vs server */
if (!sock->has_server || sock->server) {
if (sock->has_reconnect) {
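Review bot: Nothing in this validation rejects `tls-authz` on a client-mode socket, although the TLS setup hunk passes `s->tls_authz` only in the `s->is_listen` branch, so on a connecting chardev the option appears to be accepted and then never consulted. An operator could reasonably believe an access check is in force when it is not; the client side of the server/client validation below should fail instead, e.g. `if (sock->has_tls_authz) { error_setg(errp, "%s", "'tls-authz' option is incompatible with socket in client connect mode"); return false; }`. The new message also spells the options `tls_authz`/`tls_creds` while the option parser reads `tls-authz`/`tls-creds`; the hyphenated names would match what the user typed. The validation function starts and continues outside this hunk.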
return false;
}
if (sock->has_wait) {
- error_setg(errp, "%s",
- "'wait' option is incompatible with "
- "socket in client connect mode");
- return false;
+ warn_report("'wait' option is deprecated with "
+ "socket in client connect mode");
+ if (sock->wait) {
+ error_setg(errp, "%s",
+ "'wait' option is incompatible with "
+ "socket in client connect mode");
+ return false;
+ }
}
}
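Review bot: `warn_report()` runs before the `if (sock->wait)` test, so a configuration with `wait` set to true gets a "deprecated" warning immediately followed by the hard error, which reads as contradictory in the log. Emitting the warning only on the tolerated path keeps the two outcomes distinct: keep the `if (sock->wait) { … return false; }` block first and place `warn_report("'wait' option is deprecated with socket in client connect mode");` after it. The enclosing function begins outside this hunk.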
}
}
}
+ s->tls_authz = g_strdup(sock->tls_authz);
s->addr = addr = socket_address_flatten(sock->addr);
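Review bot: `s->tls_authz` is stored as a bare string with no check that an authorization object with that id exists, whereas `s->tls_creds` is held as an object reference (it is `object_unref`'d in the finalize hunk). If the lookup is deferred to handshake time, a mistyped id is only discovered when a client connects, and whether that case denies the connection is not visible here. A comment on the assignment stating the intent would help, for example `/* authz object is resolved by id at TLS handshake time; it need not exist yet */`, once the fail-closed behaviour for an unknown id has been confirmed. The enclosing function starts and ends outside this hunk.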
sock->reconnect = qemu_opt_get_number(opts, "reconnect", 0);
sock->has_tls_creds = qemu_opt_get(opts, "tls-creds");
sock->tls_creds = g_strdup(qemu_opt_get(opts, "tls-creds"));
+ sock->has_tls_authz = qemu_opt_get(opts, "tls-authz");
+ sock->tls_authz = g_strdup(qemu_opt_get(opts, "tls-authz"));
addr = g_new0(SocketAddressLegacy, 1);
if (path) {