Re: [libvirt] [PATCH 04/12] Generic module for handling TLS encryption and x509 certs
On 03/18/2011 12:54 PM, Daniel P. Berrange wrote:
This provides two modules for handling TLS
* virNetTLSContext provides the process-wide state, in particular
all the x509 credentials, DH params and x509 whitelists
* virNetTLSSession provides the per-connection state, ie the
TLS session itself.
The virNetTLSContext provides APIs for validating a TLS session's
x509 credentials. The virNetTLSSession includes APIs for performing
the initial TLS handshake and sending/recving encrypted data
* src/Makefile.am: Add to libvirt-net-rpc.la
* src/rpc/virnettlscontext.c, src/rpc/virnettlscontext.h: Generic
TLS handling code
* bootstrap.conf: Add fnmatch module
+
+virNetTLSContextPtr virNetTLSContextNewServerPath(const char *pkipath,
+ bool tryUserPkiPath,
+ const char *const*x509dnWhitelist,
+ bool requireValidCert);
ATTRIBUTE_NONNULL(1)
Likewise check if anything else in the header needs annotations.
ACK with that nit fixed.
--
Eric Blake eblake(a)redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
Attachments:
- signature.asc (application/pgp-signature — 619 bytes)