From: Marcus Watts Date: Wed, 12 Feb 2020 10:58:31 +0000 (-0500) Subject: kmip: configuration options. X-Git-Tag: v17.1.0~2721^2~11 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=480431015a11229da56b9b7c69f5f8cb863300b0;p=ceph.git kmip: configuration options. First pass at configuration configuration for kmip. Signed-off-by: Marcus Watts --- diff --git a/src/common/legacy_config_opts.h b/src/common/legacy_config_opts.h index 83840e26b9ff..12835cec3e4a 100644 --- a/src/common/legacy_config_opts.h +++ b/src/common/legacy_config_opts.h @@ -1505,6 +1505,15 @@ OPTION(rgw_crypt_vault_prefix, OPT_STR) // Optional URL prefix to Vault secret p OPTION(rgw_crypt_vault_secret_engine, OPT_STR) // kv, transit or other supported secret engines OPTION(rgw_crypt_vault_namespace, OPT_STR) // Vault Namespace (only availabe in Vault Enterprise Version) +OPTION(rgw_crypt_kmip_addr, OPT_STR) // kmip server address +OPTION(rgw_crypt_kmip_ca_path, OPT_STR) // ca for kmip servers +OPTION(rgw_crypt_kmip_username, OPT_STR) // when authenticating via username +OPTION(rgw_crypt_kmip_password, OPT_STR) // optional w/ username +OPTION(rgw_crypt_kmip_client_cert, OPT_STR) // connect using client certificate +OPTION(rgw_crypt_kmip_client_key, OPT_STR) // connect using client certificate +OPTION(rgw_crypt_kmip_kms_key_template, OPT_STR) // sse-kms; kmip key names +OPTION(rgw_crypt_kmip_s3_key_template, OPT_STR) // sse-s3; kmip key names + OPTION(rgw_crypt_s3_kms_encryption_keys, OPT_STR) // extra keys that may be used for aws:kms // defined as map "key1=YmluCmJvb3N0CmJvb3N0LQ== key2=b3V0CnNyYwpUZXN0aW5nCg==" OPTION(rgw_crypt_suppress_logs, OPT_BOOL) // suppress logs that might print customer key diff --git a/src/common/options.cc b/src/common/options.cc index f2c460dfc5cb..4028ee7bc667 100644 --- a/src/common/options.cc +++ b/src/common/options.cc @@ -7064,6 +7064,38 @@ std::vector