[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH 1/1] slirp: add SOCKS5 support
From: |
Laurent Vivier |
Subject: |
Re: [Qemu-devel] [PATCH 1/1] slirp: add SOCKS5 support |
Date: |
Mon, 27 Mar 2017 20:58:50 +0200 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 |
Le 27/03/2017 à 20:41, Eric Blake a écrit :
> On 03/27/2017 01:21 PM, Laurent Vivier wrote:
>> When the VM is used behind a firewall, This allows
>> to use a SOCKS5 proxy server to connect the VM IP stack
>
> "allows to $verb" is not idiomatic English; the correct forms are
> generally "allows $subject to $verb" or "allows ${verb}ing". In this
> case, I'd lean towards "this allows the use of a SOCKS5 proxy server"
Thank you, and sorry.
>
>> directly to the Internet.
>>
>> This implementation doesn't manage UDP packets, so they
>> are simply dropped (as with restrict=on), except for
>> the localhost as we need it for DNS.
>>
>> Signed-off-by: Laurent Vivier <address@hidden>
>> ---
>
>> +++ b/qapi-schema.json
>> @@ -3680,6 +3680,9 @@
>> '*ipv6-dns': 'str',
>> '*smb': 'str',
>> '*smbserver': 'str',
>> + '*proxy-server': 'str',
>> + '*proxy-user': 'str',
>> + '*proxy-passwd': 'str',
>
> Why can't we spell this out as password, instead of abbreviating?
because of unix command "passwd" ;) . I will fix.
> Should this hook into the "secrets object" framework so that someone
> does not have to pass the password in plaintext?
>
>> '*hostfwd': ['String'],
>> '*guestfwd': ['String'] } }
>
> Missing documentation.
I will fix.
> Do we want all three proxy elements to be in a substruct? The difference
> is between:
>
> { ... "smb": "foo", "proxy-server": "bar", "proxy-user": "noone",
> "proxy-passwd": "hello" }
>
> and a substruct:
>
> { ... "smb": "foo", "proxy": { "server": "bar", "user", "noone",
> "passwd": "hello" } }
yes, substruct looks better.
>
>>
>> address@hidden address@hidden:@var{port}[,address@hidden,address@hidden
>
> Yes, you DEFINITELY need to hook into the "secrets object" framework to
> avoid having to pass a password in plaintext on the command line. Dan
> Berrange may have more advice on doing that.
>
OK
Thank you for the review.
Laurent
signature.asc
Description: OpenPGP digital signature