search for: limit_preconnect

This is a second version of the limit filter. v1 was posted here: https://www.redhat.com/archives/libguestfs/2020-March/msg00015.html I didn't bother to repost the other three patches because they are the same. The difference is this version of the filter takes security more seriously. It shouldn't be possible for malicious clients to connect more than limit=N times to the plugin now,

...connection rejected"); +} + +/* We limit connections in the preconnect stage (in particular before + * any heavyweight NBD or TLS negotiations has been done). However we + * count connections in the open/close calls since clients can drop + * out between preconnect and open. + */ +static int +limit_preconnect (nbdkit_next_preconnect *next, nbdkit_backend *nxdata, + int readonly) +{ + if (next (nxdata, readonly) == -1) + return -1; + + ACQUIRE_LOCK_FOR_CURRENT_SCOPE (&lock); + + if (limit > 0 && connections >= limit) { + too_many_clients_error (); + return -...

...ections in the preconnect stage (in particular before > + * any heavyweight NBD or TLS negotiations has been done). However we > + * count connections in the open/close calls since clients can drop > + * out between preconnect and open. > + */ Seems reasonable. > +static int > +limit_preconnect (nbdkit_next_preconnect *next, nbdkit_backend *nxdata, > + int readonly) > +{ > + if (next (nxdata, readonly) == -1) > + return -1; > + > + ACQUIRE_LOCK_FOR_CURRENT_SCOPE (&lock); > + > + if (limit > 0 && connections >= limit) { >...

This adds a new nbdkit_shutdown() API whereby plugins and filters can request that the server shuts down (asynchronously) during the serving phase. Two new filters are added, one of which depends on this feature and the other not needing it but being somewhat related. Rich.

...char *exportname, int is_tls) { /* Always pass readonly=1 to the underlying plugin. */ if (next (nxdata, 1, exportname) == -1) diff --git a/filters/limit/limit.c b/filters/limit/limit.c index 7c4477eb..fb862df7 100644 --- a/filters/limit/limit.c +++ b/filters/limit/limit.c @@ -91,7 +91,7 @@ limit_preconnect (nbdkit_next_preconnect *next, nbdkit_backend *nxdata, static void * limit_open (nbdkit_next_open *next, nbdkit_backend *nxdata, - int readonly, const char *exportname) + int readonly, const char *exportname, int is_tls) { if (next (nxdata, readonly, exportname) == -1)...

.... */ - if (next (nxdata, 1) == -1) + if (next (nxdata, 1, exportname) == -1) return NULL; return NBDKIT_HANDLE_NOT_NEEDED; diff --git a/filters/limit/limit.c b/filters/limit/limit.c index 563481fa..7c4477eb 100644 --- a/filters/limit/limit.c +++ b/filters/limit/limit.c @@ -91,9 +91,9 @@ limit_preconnect (nbdkit_next_preconnect *next, nbdkit_backend *nxdata, static void * limit_open (nbdkit_next_open *next, nbdkit_backend *nxdata, - int readonly) + int readonly, const char *exportname) { - if (next (nxdata, readonly) == -1) + if (next (nxdata, readonly, exportname) == -...

Patch 3 still needs tests added, but it is at least working from my simple command line tests. Eric Blake (3): server: Implement nbdkit_is_tls for use during .open server: Expose final thread_model to filter's .get_ready tlsdummy: New filter docs/nbdkit-filter.pod | 21 +- docs/nbdkit-plugin.pod | 34 ++- docs/nbdkit-tls.pod