From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([140.186.70.92]:59386)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <eblake@redhat.com>) id 1RpOIe-0000Aw-1A
	for qemu-devel@nongnu.org; Mon, 23 Jan 2012 13:07:25 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <eblake@redhat.com>) id 1RpOIb-0008Kn-SS
	for qemu-devel@nongnu.org; Mon, 23 Jan 2012 13:07:23 -0500
Received: from mx1.redhat.com ([209.132.183.28]:39362)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <eblake@redhat.com>) id 1RpOIb-0008Ka-J8
	for qemu-devel@nongnu.org; Mon, 23 Jan 2012 13:07:21 -0500
Message-ID: <4F1DA1D5.1010600@redhat.com>
Date: Mon, 23 Jan 2012 11:07:17 -0700
From: Eric Blake <eblake@redhat.com>
MIME-Version: 1.0
References: <1327140203-3165-1-git-send-email-ronniesahlberg@gmail.com>
	<1327140203-3165-2-git-send-email-ronniesahlberg@gmail.com>
In-Reply-To: <1327140203-3165-2-git-send-email-ronniesahlberg@gmail.com>
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature";
	boundary="------------enigF2D074369E66F877E56A84E3"
Subject: Re: [Qemu-devel] [PATCH] iSCSI: add configuration variables for
	iSCSI
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Cc: kwolf@redhat.com, qemu-devel@nongnu.org

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigF2D074369E66F877E56A84E3
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

On 01/21/2012 03:03 AM, Ronnie Sahlberg wrote:
> This patch adds configuration variables for iSCSI to set
> initiator-name to use when logging in to the target,
> which type of header-digest to negotiate with the target
> and username and password for CHAP authentication.
>=20
> This allows specifying a initiator-name either from the command line
> -iscsi initiator-name=3Diqn.2004-01.com.example:test
> or from a configuration file included with -readconfig
>     [iscsi]
>       initiator-name =3D iqn.2004-01.com.example:test
>       header-digest =3D CRC32C|CRC32C-NONE|NONE-CRC32C|NONE
>       user =3D CHAP username
>       password =3D CHAP password
>=20

Can -readconfig support reading from an inherited fd, rather than only
taking a file name that qemu has to open()?  That way, libvirt could
create a pipe, pass in the fd with something like '-readconfig fd:nnn',
then pass in the configuration data over the pipe without ever having to
store the unencrypted CHAP password in an on-disk file (libvirt has
mechanisms already in place for storing authentication data in a secure
manner, but once libvirt has decrypted secure storage into something
that qemu can consume, writing it out to a temporary file on disk
defeats some of the security).

> +++ b/qemu-doc.texi
> @@ -730,6 +730,41 @@ export LIBISCSI_CHAP_PASSWORD=3D<password>
>  iscsi://<host>/<target-iqn-name>/<lun>
>  @end example
> =20
> +Various session related parameters can be set via special options, eit=
her
> +in a configuration file provided via '-readconfig' or directly on the
> +command line.
> +
> +@example
> +Setting a specific initiator name to use when logging in to the target=

> +-iscsi initiator-name=3Diqn.qemu.test:my-initiator
> +@end example
> +
> +@example
> +Controlling which type of header digest to negotiate with the target
> +-iscsi header-digest=3DCRC32C|CRC32C-NONE|NONE-CRC32C|NONE
> +@end example
> +
> +These can also be set via a configuration file
> +@example
> +[iscsi]
> +  user =3D "CHAP username"
> +  password =3D "CHAP password"
> +  initiator-name =3D "iqn.qemu.test:my-initiator"
> +  # header digest is one of CRC32C|CRC32C-NONE|NONE-CRC32C|NONE
> +  header-digest =3D "CRC32C"
> +@end example

Can you give an actual command line that uses -readconfig, as part of
your example?

> +
> +Settign the target name allows different options for different targets=


s/Settign/Setting/

--=20
Eric Blake   eblake@redhat.com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org


--------------enigF2D074369E66F877E56A84E3
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Public key at http://people.redhat.com/eblake/eblake.gpg
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBCAAGBQJPHaHVAAoJEKeha0olJ0Nq4HQH/RfzncgYpz2juFKEd4ZAbYTS
LpZ7d2AREHS6rXmPMteJ3jCsym8o6Ois/YUD0HRaIRJWaGQiJQLYJunCS45wkSFK
rs8pBGbBWpGfeuZt+pUSAr+NShTYK1as7KtUBpbl9bqhOYHILU3m532Mvl9z86qS
fElvD0oQQsLkzq2zBbkUUzlpNmAIjbdkj32GilMmlQbE+qqtVCOcpShXzGxWc7Cz
3zIOym+GLM3NVvw6bnN3GCt3i1ebb5m8WCVYgE+hr1WlWvT9gxiJ3lmtH5Ix35cl
lzcTovi+pcqiITZebbOcOjFo4kRlubqD8Dp6srTkyaJSF6kWJBxVwp+PDtjrOyQ=
=lAnT
-----END PGP SIGNATURE-----

--------------enigF2D074369E66F877E56A84E3--