From a5b284a41516a742a67030f5cf61c9e437046b58 Mon Sep 17 00:00:00 2001 From: Hannes Reinecke Date: Thu, 23 Mar 2023 16:14:53 +0100 Subject: [PATCH] nvme-connect: enable option '--tls' Enable the option '--tls' to activate TLS encrypted connections. Signed-off-by: Hannes Reinecke --- Documentation/nvme-connect.txt | 9 +++++++++ fabrics.c | 6 ++++-- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/Documentation/nvme-connect.txt b/Documentation/nvme-connect.txt index f57b34dd..ea43cb80 100644 --- a/Documentation/nvme-connect.txt +++ b/Documentation/nvme-connect.txt @@ -27,10 +27,12 @@ SYNOPSIS [--keep-alive-tmo=<#> | -k <#>] [--reconnect-delay=<#> | -c <#>] [--ctrl-loss-tmo=<#> | -l <#>] + [--tos=<#> | -T <#>] [--duplicate-connect | -D] [--disable-sqflow | -d] [--hdr-digest | -g] [--data-digest | -G] + [--tls ] [--dump-config | -O] [--output-format= | -o ] @@ -150,6 +152,10 @@ OPTIONS --ctrl-loss-tmo=<#>:: Overrides the default controller loss timeout period (in seconds). +-T <#>:: +--tos=<#>:: + Type of service for the connection (TCP) + -D:: --duplicate-connect:: Allows duplicated connections between same transport host and subsystem @@ -168,6 +174,9 @@ OPTIONS --data-digest:: Generates/verifies data digest (TCP). +--tls:: + Enable TLS encryption (TCP). + -O:: --dump-config:: Print out resulting JSON configuration file to stdout. diff --git a/fabrics.c b/fabrics.c index 1349042d..a1f4c75e 100644 --- a/fabrics.c +++ b/fabrics.c @@ -79,17 +79,18 @@ static const char *nvmf_dup_connect = "allow duplicate connections between same static const char *nvmf_disable_sqflow = "disable controller sq flow control (default false)"; static const char *nvmf_hdr_digest = "enable transport protocol header digest (TCP transport)"; static const char *nvmf_data_digest = "enable transport protocol data digest (TCP transport)"; +static const char *nvmf_tls = "enable TLS"; static const char *nvmf_config_file = "Use specified JSON configuration file or 'none' to disable"; #define NVMF_OPTS(c) \ OPT_STRING("transport", 't', "STR", &transport, nvmf_tport), \ + OPT_STRING("nqn", 'n', "STR", &subsysnqn, nvmf_nqn), \ OPT_STRING("traddr", 'a', "STR", &traddr, nvmf_traddr), \ OPT_STRING("trsvcid", 's', "STR", &trsvcid, nvmf_trsvcid), \ OPT_STRING("host-traddr", 'w', "STR", &c.host_traddr, nvmf_htraddr), \ OPT_STRING("host-iface", 'f', "STR", &c.host_iface, nvmf_hiface), \ OPT_STRING("hostnqn", 'q', "STR", &hostnqn, nvmf_hostnqn), \ OPT_STRING("hostid", 'I', "STR", &hostid, nvmf_hostid), \ - OPT_STRING("nqn", 'n', "STR", &subsysnqn, nvmf_nqn), \ OPT_STRING("dhchap-secret", 'S', "STR", &hostkey, nvmf_hostkey), \ OPT_INT("nr-io-queues", 'i', &c.nr_io_queues, nvmf_nr_io_queues), \ OPT_INT("nr-write-queues", 'W', &c.nr_write_queues, nvmf_nr_write_queues),\ @@ -102,7 +103,8 @@ static const char *nvmf_config_file = "Use specified JSON configuration file or OPT_FLAG("duplicate-connect", 'D', &c.duplicate_connect, nvmf_dup_connect), \ OPT_FLAG("disable-sqflow", 'd', &c.disable_sqflow, nvmf_disable_sqflow), \ OPT_FLAG("hdr-digest", 'g', &c.hdr_digest, nvmf_hdr_digest), \ - OPT_FLAG("data-digest", 'G', &c.data_digest, nvmf_data_digest) \ + OPT_FLAG("data-digest", 'G', &c.data_digest, nvmf_data_digest), \ + OPT_FLAG("tls", 0, &c.tls, nvmf_tls) \ struct tr_config { const char *subsysnqn; -- 2.50.1