On 9/17/19 5:02 AM, Richard W.M. Jones wrote:
When LIBNBD_TLS_ALLOW is used we don't have a way to find out if TLS
was really negotiated. This adds a flag and a way to read it back.
Unfortunately there is no test yet, because LIBNBD_TLS_ALLOW is not
tested -- it really should be but requires quite a complicated set of
tests because ideally we'd like to find out whether it falls back
correctly for all supported servers.
qemu doesn't support fallback - if the server is configured for TLS, the
client must supply it.
nbdkit DOES support fallback, so yes, our existing tests/*tls.sh can be
a starting point for a setup where we test ALLOW. But leaving it as a
separate patch via your TODO addition is fine for now.
"get_tls", {
default_call with
args = []; ret = RInt;
may_set_error = false;
- shortdesc = "get the current TLS setting";
+ shortdesc = "get the TLS request setting";
longdesc = "\
-Get the current TLS setting.";
- see_also = ["L<nbd_set_tls(3)>"];
+Get the TLS request setting.
+
+B<Note:> If you want to find out if TLS was actually negotiated
+on a particular connection use L<nbd_get_tls_negotiated(3)> instead.";
+ see_also = ["L<nbd_set_tls(3)>";
"L<nbd_get_tls_negotiated(3)>"];
+ };
+
+ "get_tls_negotiated", {
+ default_call with
+ args = []; ret = RBool;
+ permitted_states = [ Connected; Closed ];
+ shortdesc = "find out if TLS was negotiated on a connection";
+ longdesc = "\
+After connecting you may call this to find out if the
+connection is using TLS.
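Review bot: the new get_tls_negotiated entry at the end of the hunk is permitted in the Closed state (`permitted_states = [ Connected; Closed ]`) but its longdesc only says "After connecting you may call this", so the text should also state that the flag stays readable after the connection is closed, and say what the call returns for the other nbd_set_tls modes, where the answer is already implied by the request setting, so readers see that LIBNBD_TLS_ALLOW is the case nbd_get_tls alone cannot answer. Also, get_tls above sets `may_set_error = false`; the new entry must not copy that, because with permitted_states restricting it to Connected/Closed a call in any other state has to report an error.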
Seeing this makes me think I should probably add
"get_structured_replies", since "get_request_structured_replies" has the
same issue of reporting only what was requested, not what actually
happened. I'll propose that on top of your patches.
ACK that we need this (for 1.1, but not backported to stable-1.0).
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3226
Virtualization: qemu.org | libvirt.org
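The negotiation step that the new flag records, as an added example that is not libnbd's code and not part of this thread: a small model of the client side of NBD_OPT_STARTTLS handling. The protocol constants (NBD_REP_MAGIC, NBD_OPT_STARTTLS, NBD_REP_ACK, NBD_REP_ERR_UNSUP, NBD_REP_ERR_POLICY) are from the NBD protocol specification; the tls_policy enum mirrors the three nbd_set_tls modes; the struct, function and outcome names are invented for this example, the server replies are constructed bytes rather than captured traffic, and treating every error reply identically under TLS_ALLOW is a simplification chosen here, not a statement about libnbd's state machine.

```c
/* Added example, not libnbd code: a minimal model of the client side of the
 * NBD newstyle negotiation step that a get_tls_negotiated-style flag records.
 * Protocol constants are from the NBD protocol specification; the enum,
 * struct and function names are this example's own, and treating every
 * NBD_REP_ERR_* reply the same way under TLS_ALLOW is a simplification
 * chosen here. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* NBD option-haggling constants (NBD protocol specification). */
#define NBD_REP_MAGIC        0x0003e889045565a9ULL
#define NBD_OPT_STARTTLS     5U
#define NBD_REP_ACK          1U
#define NBD_REP_ERR_UNSUP    ((1U << 31) + 1U)
#define NBD_REP_ERR_POLICY   ((1U << 31) + 2U)
#define NBD_REP_LEN          20  /* magic(8) + option(4) + type(4) + length(4) */

/* Mirrors the three values accepted by nbd_set_tls: never ask for TLS,
 * ask and fall back to plaintext if refused, or insist on it. */
enum tls_policy { TLS_DISABLE = 0, TLS_ALLOW = 1, TLS_REQUIRE = 2 };

/* Invented outcome codes for the scenario helper below. */
enum tls_outcome { OUT_ABORT = 0, OUT_PLAINTEXT = 1, OUT_TLS = 2 };

struct tls_state {
  enum tls_policy requested;  /* what a get_tls-style call reports */
  int negotiated;             /* what a get_tls_negotiated-style call reports */
};

static uint32_t get32(const uint8_t *p)
{
  return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
         ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

static uint64_t get64(const uint8_t *p)
{
  return ((uint64_t)get32(p) << 32) | get32(p + 4);
}

static void put32(uint8_t *p, uint32_t v)
{
  p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16);
  p[2] = (uint8_t)(v >> 8);  p[3] = (uint8_t)v;
}

/* Build a server's reply header to NBD_OPT_STARTTLS with the given reply
 * type and no payload. Constructed test input, not captured traffic. */
void make_starttls_reply(uint8_t buf[NBD_REP_LEN], uint32_t reply_type)
{
  put32(buf, (uint32_t)(NBD_REP_MAGIC >> 32));
  put32(buf + 4, (uint32_t)NBD_REP_MAGIC);
  put32(buf + 8, NBD_OPT_STARTTLS);
  put32(buf + 12, reply_type);
  put32(buf + 16, 0);
}

/* Apply the client's TLS policy to one connection. Returns 1 if the
 * handshake may continue (in TLS if st->negotiated is now 1, otherwise in
 * plaintext) and 0 if the client must abort. With TLS_DISABLE the client
 * never sends NBD_OPT_STARTTLS, so reply may be NULL. */
int client_tls_step(struct tls_state *st, const uint8_t *reply, size_t len)
{
  st->negotiated = 0;
  if (st->requested == TLS_DISABLE)
    return 1;

  /* Sanity-check the reply header before trusting its type field. */
  if (reply == NULL || len < NBD_REP_LEN ||
      get64(reply) != NBD_REP_MAGIC || get32(reply + 8) != NBD_OPT_STARTTLS)
    return 0;

  if (get32(reply + 12) == NBD_REP_ACK) {
    st->negotiated = 1;  /* the TLS handshake starts on the socket now */
    return 1;
  }

  /* Any error reply (ERR_UNSUP, ERR_POLICY, ...): the server will not do
   * TLS. Only TLS_ALLOW continues, and it continues in plaintext; this is
   * the case that the request setting alone cannot reveal. */
  return st->requested == TLS_ALLOW;
}

/* Run one policy against one constructed server reply and summarise. */
enum tls_outcome tls_outcome_for(enum tls_policy policy, uint32_t reply_type)
{
  uint8_t buf[NBD_REP_LEN];
  struct tls_state st = { policy, 0 };
  make_starttls_reply(buf, reply_type);
  if (!client_tls_step(&st, buf, sizeof buf))
    return OUT_ABORT;
  return st.negotiated ? OUT_TLS : OUT_PLAINTEXT;
}

int main(void)
{
  static const char *names[] = { "abort", "plaintext", "tls" };
  printf("ALLOW,   server refused:  %s\n", names[tls_outcome_for(TLS_ALLOW, NBD_REP_ERR_UNSUP)]);
  printf("ALLOW,   server accepted: %s\n", names[tls_outcome_for(TLS_ALLOW, NBD_REP_ACK)]);
  printf("REQUIRE, server refused:  %s\n", names[tls_outcome_for(TLS_REQUIRE, NBD_REP_ERR_POLICY)]);
  return 0;
}
```

With libnbd itself the same check is `nbd_set_tls (h, LIBNBD_TLS_ALLOW)` before connecting and, once this patch is in, `nbd_get_tls_negotiated (h)` after `nbd_connect_*` returns; `nbd_get_tls (h)` alone only echoes the ALLOW request. A caller that must not put secrets on a plaintext session should treat a 0 result as a failure to be reported rather than silently continuing, which is the point of exposing the flag.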