| /openbmc/qemu/tests/unit/ |
| H A D | test-authz-simple.c | 30 QAuthZSimple *authz = qauthz_simple_new("authz0", in test_authz_simple() local
34 g_assert(!qauthz_is_allowed(QAUTHZ(authz), "cthul", &error_abort)); in test_authz_simple()
35 g_assert(qauthz_is_allowed(QAUTHZ(authz), "cthulu", &error_abort)); in test_authz_simple()
36 g_assert(!qauthz_is_allowed(QAUTHZ(authz), "cthuluu", &error_abort)); in test_authz_simple()
37 g_assert(!qauthz_is_allowed(QAUTHZ(authz), "fred", &error_abort)); in test_authz_simple()
39 object_unparent(OBJECT(authz)); in test_authz_simple()
|
| H A D | meson.build | 84 'test-authz-simple': [authz],
85 'test-authz-list': [authz],
86 'test-authz-listfile': [authz],
111 tests += {'test-authz-pam': [authz]}
|
| /openbmc/qemu/authz/ |
| H A D | base.c | 26 bool qauthz_is_allowed(QAuthZ *authz, in qauthz_is_allowed() argument
30 QAuthZClass *cls = QAUTHZ_GET_CLASS(authz); in qauthz_is_allowed()
33 allowed = cls->is_allowed(authz, identity, errp); in qauthz_is_allowed()
34 trace_qauthz_is_allowed(authz, identity, allowed); in qauthz_is_allowed()
44 QAuthZ *authz; in qauthz_is_allowed_by_id() local
63 authz = QAUTHZ(obj); in qauthz_is_allowed_by_id()
65 return qauthz_is_allowed(authz, identity, errp); in qauthz_is_allowed_by_id()
|
| H A D | trace-events | 4 qauthz_is_allowed(void *authz, const char *identity, bool allowed) "AuthZ %p check identity=%s allo…
7 qauthz_simple_is_allowed(void *authz, const char *wantidentity, const char *gotidentity) "AuthZ sim…
10 qauthz_list_check_rule(void *authz, const char *identity, const char *rule, int format, int policy)…
11 qauthz_list_default_policy(void *authz, const char *identity, int policy) "AuthZ list %p default id…
14 qauthz_list_file_load(void *authz, const char *filename) "AuthZ file %p load filename=%s"
15 qauthz_list_file_refresh(void *authz, const char *filename, int success) "AuthZ file %p load filena…
18 qauthz_pam_check(void *authz, const char *identity, const char *service) "AuthZ PAM %p identity=%s …
|
| H A D | simple.c | 27 static bool qauthz_simple_is_allowed(QAuthZ *authz, in qauthz_simple_is_allowed() argument
31 QAuthZSimple *sauthz = QAUTHZ_SIMPLE(authz); in qauthz_simple_is_allowed()
33 trace_qauthz_simple_is_allowed(authz, sauthz->identity, identity); in qauthz_simple_is_allowed()
83 QAuthZClass *authz = QAUTHZ_CLASS(oc); in qauthz_simple_class_init() local
87 authz->is_allowed = qauthz_simple_is_allowed; in qauthz_simple_class_init()
|
| H A D | pamacct.c | 30 static bool qauthz_pam_is_allowed(QAuthZ *authz, in qauthz_pam_is_allowed() argument
34 QAuthZPAM *pauthz = QAUTHZ_PAM(authz); in qauthz_pam_is_allowed()
39 trace_qauthz_pam_check(authz, identity, pauthz->service); in qauthz_pam_is_allowed()
109 QAuthZClass *authz = QAUTHZ_CLASS(oc); in qauthz_pam_class_init() local
112 authz->is_allowed = qauthz_pam_is_allowed; in qauthz_pam_class_init()
|
| H A D | listfile.c | 37 qauthz_list_file_is_allowed(QAuthZ *authz, in qauthz_list_file_is_allowed() argument
41 QAuthZListFile *fauthz = QAUTHZ_LIST_FILE(authz); in qauthz_list_file_is_allowed()
226 QAuthZClass *authz = QAUTHZ_CLASS(oc); in qauthz_list_file_class_init() local
237 authz->is_allowed = qauthz_list_file_is_allowed; in qauthz_list_file_class_init()
244 QAuthZListFile *authz = QAUTHZ_LIST_FILE(obj); in qauthz_list_file_init() local
246 authz->file_watch = -1; in qauthz_list_file_init()
248 authz->refresh = true; in qauthz_list_file_init()
|
| H A D | list.c | 28 static bool qauthz_list_is_allowed(QAuthZ *authz, in qauthz_list_is_allowed() argument
32 QAuthZList *lauthz = QAUTHZ_LIST(authz); in qauthz_list_is_allowed()
40 trace_qauthz_list_check_rule(authz, rule->match, identity, in qauthz_list_is_allowed()
60 trace_qauthz_list_default_policy(authz, identity, lauthz->policy); in qauthz_list_is_allowed()
121 QAuthZClass *authz = QAUTHZ_CLASS(oc); in qauthz_list_class_init() local
134 authz->is_allowed = qauthz_list_is_allowed; in qauthz_list_class_init()
|
| /openbmc/qemu/include/authz/ |
| H A D | base.h | 50 bool (*is_allowed)(QAuthZ *authz,
74 bool qauthz_is_allowed(QAuthZ *authz,
|
| /openbmc/qemu/docs/system/ |
| H A D | authz.rst | 78 "qom-type": "authz-simple",
89 -object authz-simple,id=authz0,identity=fred
109 "qom-type": "authz-list",
140 "qom-type": "authz-list-file",
171 -object authz-list-file,id=authz0,\
189 "qom-type": "authz-pam",
222 -object authz-pam,id=authz0,service=qemu-vnc-tls
238 will provide ``tls-authz`` property, while any server using SASL will provide
239 a ``sasl-authz`` property.
246 $QEMU --object authz-simple,id=authz0,identity=fred \
[all …]
|
| H A D | index.rst | 30 authz
|
| /openbmc/qemu/qapi/ |
| H A D | authz.json | 61 # Properties for authz-list objects.
77 # Properties for authz-listfile objects.
97 # Properties for authz-pam objects.
109 # Properties for authz-simple objects.
|
| /openbmc/qemu/ui/ |
| H A D | vnc-auth-sasl.h | 62 QAuthZ *authz; member
|
| H A D | vnc.c | 40 #include "authz/list.h"
3520 if (vd->sasl.authz) { in vnc_display_close()
3521 object_unparent(OBJECT(vd->sasl.authz)); in vnc_display_close()
3522 vd->sasl.authz = NULL; in vnc_display_close()
3637 .name = "tls-authz",
3640 .name = "sasl-authz",
4163 tlsauthz = qemu_opt_get(opts, "tls-authz"); in vnc_display_open()
4165 error_setg(errp, "'tls-authz' provided but TLS is not enabled"); in vnc_display_open()
4169 saslauthz = qemu_opt_get(opts, "sasl-authz"); in vnc_display_open()
4171 error_setg(errp, "'sasl-authz' provide in vnc_display_open()
[all...] |
| /openbmc/qemu/docs/tools/ |
| H A D | qemu-storage-daemon.rst | 145 …er addr.type=inet,addr.host=<host>,addr.port=<port>[,tls-creds=<id>][,tls-authz=<id>][,max-connect…
146 …--nbd-server addr.type=unix,addr.path=<path>[,tls-creds=<id>][,tls-authz=<id>][,max-connections=<n…
147 --nbd-server addr.type=fd,addr.str=<fd>[,tls-creds=<id>][,tls-authz=<id>][,max-connections=<n>]
152 authz-* secrets (see below).
|
| H A D | qemu-nbd.rst | 199 .. option:: --tls-authz=ID
244 --object 'authz-simple,id=auth0,identity=CN=laptop.example.com,,\
246 --tls-creds tls0 --tls-authz auth0 \
|
| /openbmc/qemu/tests/qemu-iotests/ |
| H A D | 233.out | 110 qemu-nbd: option negotiation failed: TLS x509 authz check for DISTINGUISHED-NAME is denied
111 qemu-nbd: option negotiation failed: TLS x509 authz check for DISTINGUISHED-NAME is denied
|
| H A D | 233 | 158 --tls-authz authz0 \
|
| /openbmc/qemu/storage-daemon/qapi/ |
| H A D | qapi-schema.json | 64 { 'include': '../../qapi/authz.json' }
|
| /openbmc/ |
| D | opengrok1.0.log | 3165 2026-02-07 03:01:08.146-0600 FINEST t523 IndexDatabase.setupDeletedUids: live doc: '/openbmc/qemu/tests/unit/test-authz-list.c' (1,572) at 20210927100127641
4437 2026-02-07 03:01:08.224-0600 FINEST t523 IndexDatabase.setupDeletedUids: live doc: '/openbmc/qemu/include/authz/listfile.h' (2,844) at 20210927100127221
5177 2026-02-07 03:01:08.287-0600 FINEST t523 IndexDatabase.setupDeletedUids: live doc: '/openbmc/qemu/tests/unit/test-authz-pam.c' (3,584) at 20210927100127641
[all...] |
| D | opengrok2.0.log | 3123 2026-02-06 03:01:09.414-0600 FINEST t487 IndexDatabase.setupDeletedUids: live doc: '/openbmc/qemu/tests/unit/test-authz-list.c' (1,572) at 20210927100127641
4395 2026-02-06 03:01:09.493-0600 FINEST t487 IndexDatabase.setupDeletedUids: live doc: '/openbmc/qemu/include/authz/listfile.h' (2,844) at 20210927100127221
5135 2026-02-06 03:01:09.534-0600 FINEST t487 IndexDatabase.setupDeletedUids: live doc: '/openbmc/qemu/tests/unit/test-authz-pam.c' (3,584) at 20210927100127641
[all...] |