Commit Graph

28 Commits

Author SHA1 Message Date
Daniel P. Berrange
25ff8dd29e docs: update instructions for TLS cert generation
Currently we only describe setting the CN field for server certs. This leads
to inevitable pain for users who set it to the fully qualified hostname and
then use a unqualified hostname or IP address to connect in the URI. Describe
the usage of Subject Alt Name extensions, to provide multiple hostnames and
IP addresses. This will help users avoid the classic mistake and is important
future proofing, since at least in browsers, TLS libraries no longer use the
CN field for validation, mandating use of SAN info instead.

Reviewed-by: John Ferlan <jferlan@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2017-12-07 09:21:04 +00:00
Daniel P. Berrange
b1c81567c7 docs: switch to using HTML5 doctype declaration
The HTML5 doctype is simply

  <!DOCTYPE html>

no DTD is present because HTML5 is no longer defined as an
extension of SGML.

XSL has no way to natively output a doctype without a public
or system identifier, so we have to use an <xsl:text> hack
instead.

See also

  https://dev.w3.org/html5/html-author/#doctype-declaration

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2017-08-02 17:00:11 +01:00
Daniel P. Berrange
4e42ff6b7e docs: switch to using 'id' attribute instead of 'name' for links
The 'name' attribute on <a...> elements is deprecated in favour
of the 'id' attribute which is allowed on any element. HTML5
drops 'name' support entirely.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2017-08-02 17:00:11 +01:00
Erik Skultety
9c25d7a4ca docs: Utilize our XSLT list generating template more
Since we do have this template at hand, why not using it wherever
possible (list of supported pool types and remote access section).
Also, perform some stylistic micro adjustments.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2017-04-24 12:37:37 +02:00
Pino Toscano
9b39a9dcf4 docs: fix default value for sshauth option of libssh2/libssh
Both transports include "password" in their default authentication
methods.
2016-11-15 15:50:51 +01:00
Pino Toscano
22eaee8e01 remote: expose a new libssh transport
Implement in virtNetClient and VirNetSocket the needed functions to
expose a new libssh transport, providing all the options that the
libssh2 transport supports.
2016-11-15 15:50:51 +01:00
Daniel P. Berrange
fb2236f9f7 Revert "syntax-check: Enforce <code> inside <dt> elements"
This reverts commit 1f29f3da06.

Assuming <dt> is always used to document symbols is way too
broad, requiring far too many exemptions to be marked to
avoid syntax check rules.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-11-11 12:15:05 +00:00
Daniel P. Berrange
c255bc7185 docs: expand docs on user x509 cert locations
The layout in $HOME/.pki is different from that in /etc/pki
but we never tell anyone about this trap. Add docs showing
the required $HOME/.pki layout.
2016-09-19 11:02:26 +01:00
Daniel P. Berrange
416358d99d remote: allow TLS protocol/cipher priority override in URI
Add support for a "tls_priority" URI parameter in remote
driver URIs. eg

 qemu+tls://localhost/session?tls_priority=NORMAL:-VERS-SSL3.0

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-06-08 13:48:45 +01:00
Andrea Bolognani
1f29f3da06 syntax-check: Enforce <code> inside <dt> elements
Commit 61b070cf20 cleaned up a number of cases where the <dt>
element was used to document symbols, but the symbol itself was
not inside a <code> element.

To make sure we don't end up having to clean up again a few
months from now, introduce a syntax-check rule that can spot
such mistakes.

All existing exceptions are marked as such, with either file
or line granularity depending on the case.
2016-04-25 12:09:34 +02:00
Andrea Bolognani
61b070cf20 docs: Use <code> inside <dt> for symbols
Most of the time, the <dt> tag is used when providing
documentation for a symbol; enclose symbols in <code> tags to
style them appropriately.
2016-04-22 10:36:14 +02:00
Nehal J Wani
968a46923a Fix typos in various docs
Fix 8 minor spelling errors in docs/*.html.in
2013-12-02 10:21:26 +08:00
Daniel P. Berrange
f2f9742d4d Fix multiple formatting problems in HTML docs
The rule generating the HTML docs passing the --html flag
to xsltproc. This makes it use the legacy HTML parser, which
either ignores or tries to fix all sorts of broken XML tags.
There's no reason why we should be writing broken XML in
the first place, so removing --html and adding the XHTML
doctype to all files forces us to create good XML.

This adds the XHTML doc type and fixes many, many XML tag
problems it exposes.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-05-03 15:56:15 +01:00
Ján Tomko
149c87b49d Various typos and misspellings 2012-10-12 00:03:43 +02:00
Peter Krempa
239c5d7138 libssh2_transport: Add docs to remote.html
Describe the existence of the transport driver and document the
configurable options.
2012-08-24 15:50:20 +02:00
Stef Walter
53e1d56dd4 Change the default of mdns_adv to false
* Don't advertise information on the network without consent of
   the user, either through manual configuration, or a user
   interface that drives this option.
 * Since libvirtd must be configured for network access anyway
   (for all but ssh), this setting was not useful "out of the box",
   so changing this default setting does not remove "out of the box"
   functionality.
2012-03-27 09:54:49 -06:00
Daniel P. Berrange
977ba05973 Add some docs about the RPC protocol and APIs
* remote.html.in: Remove obsolete notes about internals of the
  RPC protocol
* internals/rpc.html.in: Extensive docs on RPC protocol/API
* sitemap.html.in: Add new page
2011-08-12 13:54:10 +01:00
Oskari Saarenmaa
6b01c83a63 remote/ssh: optional "keyfile" parameter.
New optional parameter "keyfile" for ssh transport allows the user to select
the private key to be used to authenticate to the remote host.
2011-07-22 07:49:49 -06:00
Oskari Saarenmaa
9a0e6a8fae remote/ssh: support for no_verify.
Set StrictHostKeyChecking=no to auto-accept new ssh host keys if the
no_verify extra parameter was specified.  This won't disable host key
checking for already known hosts.  Includes a test and documentation.
2011-07-12 15:09:05 +02:00
Doug Goldstein
fa4732724e docs: updates to CA cert and client cert/key info
Update the documentation to mention that the CA certificate and the
client cert/key pair can come from the user's location or the global
location independent of each other.

Signed-off-by: Doug Goldstein <cardoe@gentoo.org>
2011-05-10 14:56:53 -06:00
Osier Yang
cc4447b68a docs: Add docs for new extra parameter pkipath
* docs/remote.html.in
2011-01-27 20:47:17 -07:00
Matthias Bolte
30b2945595 esx: Add documentation about certificates and connection problems 2010-10-22 22:08:22 +02:00
Justin Clift
5bc4307597 docs: fix the xml validity errors regarding name and id
Got sick of seeing the "validity error : ID Objects already defined"
errors, which this patch addresses.
2010-09-17 00:41:08 +10:00
Matthias Bolte
d392f4db9d docs: Remove outdated information about remote limitations 2010-01-20 10:03:17 +01:00
Daniel P. Berrange
3decd4f9f1 Make pki_check.sh into an installed & supported tool
* docs/pki_check.sh: Move to tool/virt-pki-validate.in and add
  in POD man page documentation
* tools/.gitignore: Ignore generated virt-pki-validate file
* tools/Makefile.am: Install & build virt-pki-validate and
  virt-pki-validate.1
* docs/remote.html, docs/remote.html.in: Refer to new tool
  name virt-pki-validate
* libvirt.spec.in, mingw32-libvirt.spec.in: Add virt-pki-validate
  and virt-pki-validate.1 to files list
2009-09-21 14:41:46 +01:00
Daniel Veillard
e43d1ae0c6 * NEWS configure.in libvirt.spec.in doc/* include/libvirt/libvirt.h:
release of 0.6.1
* po/*: rebuilt
* AUTHORS: updated to list new contributors
Daniel
2009-03-04 13:17:44 +00:00
Daniel Veillard
1290f50284 Notes on the use of listen_tls/listen_tcp
* docs/remote.html docs/remote.html.in: patch from Kenneth Nagin
  with Notes on the use of listen_tls/listen_tcp
Daniel
2008-05-20 15:55:00 +00:00
Daniel P. Berrange
9092c3d491 Split website out into one file per page. APply new layout and styling 2008-04-23 17:08:31 +00:00