On Mon, Aug 24, 2015 at 02:46:30PM -0600, Eric Blake wrote: > On 08/24/2015 08:14 AM, Daniel P. Berrange wrote: > > Introduce a QCryptoTLSCredsAnon class which is used to > > manage anonymous TLS credentials. Use of this class is > > generally discouraged since it does not offer strong > > security, but it is required for backwards compatibility > > with the current VNC server implementation. > > > > Simple example CLI configuration: > > > > $QEMU -object tls-creds-anon,id=tls0,endpoint=server > > > > Example using pre-created diffie-hellman parameters > > > > $QEMU -object tls-creds-anon,id=tls0,endpoint=server,\ > > dir=/path/to/creds/dir > > > > The 'id' value in the -object args will be used to associate the > > credentials with the network services. For eample, when the VNC > > s/eample/example/ > > > server is later converted it would use > > > > $QEMU -object tls-creds-anon,id=tls0,.... \ > > -vnc 127.0.0.1:1,tls-creds=tls0 > > > > Signed-off-by: Daniel P. Berrange <berra...@redhat.com> > > --- > > > +++ b/crypto/init.c > > @@ -20,6 +20,7 @@ > > > > #include "crypto/init.h" > > #include "crypto/tlscreds.h" > > +#include "crypto/tlscredsanon.h" > > #include "qemu/thread.h" > > > > #ifdef CONFIG_GNUTLS > > @@ -144,6 +145,7 @@ int qcrypto_init(Error **errp) > > * clever enough to see the constructor :-( > > */ > > qcrypto_tls_creds_dummy(); > > + qcrypto_tls_creds_anon_dummy(); > > Are there any gcc hacks such as adding __attribute__((used)) that might > help?
I finally figured out that we can use -Wl,--whole-archive when linking to libqemuutil.a to fix this properly. Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|