search for: nbd_get_tls_negoti

Displaying 11 results from an estimated 11 matches for "nbd_get_tls_negoti".

2019 Sep 17
0
[PATCH libnbd 5/5] interop: Add tests of nbdkit + LIBNBD_TLS_ALLOW.
.../interop/interop-qemu-nbd /interop/interop-qemu-nbd-tls-certs diff --git a/TODO b/TODO index 21feb2f..642d39f 100644 --- a/TODO +++ b/TODO @@ -17,9 +17,6 @@ NBD_INFO_BLOCK_SIZE. TLS should properly shut down the session (calling gnutls_bye). -LIBNBD_TLS_ALLOW is not tested. Related to this, -nbd_get_tls_negotiated is not tested. - Implement nbd_connect + systemd socket activation. Improve function trace output so that: diff --git a/interop/Makefile.am b/interop/Makefile.am index 8a5b787..43350a8 100644 --- a/interop/Makefile.am +++ b/interop/Makefile.am @@ -145,17 +145,25 @@ if HAVE_GNUTLS if HAVE_C...
2019 Sep 17
7
[PATCH libnbd 0/5] interop: Check that LIBNBD_TLS_ALLOW works against nbdkit.
I was a little surprised to find that LIBNBD_TLS_ALLOW worked out of the box, so I had to examine the logs whereupon I saw the magic message ... libnbd: debug: nbd1: nbd_connect_command: server refused TLS (policy), continuing with unencrypted connection I don't believe this path has ever been tested before. It's possible the tests could be improved if they actually checked for this
2019 Sep 17
3
[PATCH libnbd 1/2] api: Add new API to read whether TLS was negotiated.
...| 3 +++ 5 files changed, 43 insertions(+), 4 deletions(-) diff --git a/TODO b/TODO index 642d39f..21feb2f 100644 --- a/TODO +++ b/TODO @@ -17,6 +17,9 @@ NBD_INFO_BLOCK_SIZE. TLS should properly shut down the session (calling gnutls_bye). +LIBNBD_TLS_ALLOW is not tested. Related to this, +nbd_get_tls_negotiated is not tested. + Implement nbd_connect + systemd socket activation. Improve function trace output so that: diff --git a/generator/generator b/generator/generator index 87a8cdf..28248ed 100755 --- a/generator/generator +++ b/generator/generator @@ -1132,17 +1132,42 @@ TLS are not handled aut...
2019 Sep 17
0
[PATCH libnbd 4/5] interop: Add -DTLS_MODE to the test.
This neutral refactoring adds -DTLS_MODE. We can in future change the requested TLS mode, but not in this commit. It also checks that nbd_get_tls_negotiated returns true after connecting, when the requested mode was set to LIBNBD_TLS_REQUIRE. --- interop/Makefile.am | 4 ++++ interop/interop.c | 26 ++++++++++++++++++++------ 2 files changed, 24 insertions(+), 6 deletions(-) diff --git a/interop/Makefile.am b/interop/Makefile.am index 9cb8071....
2019 Sep 17
1
[libnbd PATCH] api: Add nbd_get_structured_replies_negotiated
Similar to nbd_get_tls_negotiated, for observing what we actually settled on with the server, rather than what was requested. --- generator/generator | 30 +++++++++++++++++++++++++----- lib/handle.c | 6 ++++++ tests/meta-base-allocation.c | 15 +++++++++++++++ tests/oldstyle.c | 7 +++++...
2019 Sep 18
1
Re: [PATCH libnbd 4/5] interop: Add -DTLS_MODE to the test.
On 9/17/19 5:35 PM, Richard W.M. Jones wrote: > This neutral refactoring adds -DTLS_MODE. We can in future change the > requested TLS mode, but not in this commit. > > It also checks that nbd_get_tls_negotiated returns true after > connecting, when the requested mode was set to LIBNBD_TLS_REQUIRE. > --- > interop/Makefile.am | 4 ++++ > interop/interop.c | 26 ++++++++++++++++++++------ > 2 files changed, 24 insertions(+), 6 deletions(-) > +#if CERTS || PSK > +#define TLS 1 &...
2019 Nov 14
1
ANNOUNCE: libnbd 1.2 & nbdkit 1.16 - high performance NBD client and server
...) nbd_set_request_structured_replies(3) nbd_get_structured_replies_negotiated(3) Can be used when testing NBD servers to avoid various NBD features (Eric Blake). nbd_get_protocol(3) Get the NBD protocol variant that the server supports. nbd_get_tls_negotiated(3) Did we actually negotiate a TLS connection? nbd_set_uri_allow_local_file(3) nbd_set_uri_allow_tls(3) nbd_set_uri_allow_transports(3) These can be used to filter NBD URIs before calling nbd_connect_uri(3). New features New tool...
2020 Aug 03
5
[libnbd PATCH 0/4] More nbdinfo fixes
This rounds up the remaining bugs that I originally identified in: https://www.redhat.com/archives/libguestfs/2020-July/msg00153.html Eric Blake (4): api: Permit export list APIs when Connected info: Support --list with serializing servers info: Fix --json output when list size != 1 info: Permit --size --json generator/API.ml | 6 +++--- info/info-list-json.sh | 9 +++++++++
2020 Aug 11
3
[libnbd PATCH] API: Add nbd_set_opt_mode to expose NEGOTIATING state
...t; ]; ret = RErr; - permitted_states = [ Created ]; + permitted_states = [ Created; Negotiating ]; shortdesc = "set the export name"; longdesc = "\ For servers which require an export name or can serve different @@ -361,7 +362,7 @@ on a particular connection use L<nbd_get_tls_negotiated(3)> instead."; "get_tls_negotiated", { default_call with args = []; ret = RBool; - permitted_states = [ Connected; Closed ]; + permitted_states = [ Negotiating; Connected; Closed ]; shortdesc = "find out if TLS was negotiated on a connection";...
2020 Aug 18
3
[libnbd PATCH v3 0/2] Implementing NBD_OPT_LIST
This is a subset of my v2 posting, but limited to just the NBD_OPT_LIST handling. The biggest change since v2 is the addition of added unit testing in all four language bindings (C, python, ocaml, golang). The tests require nbdkit built from git on PATH, and may not be entirely idiomatic, but I at least validated that they catch issues (for example, adding an exit statement near the end of the
2020 Aug 14
18
[libnbd PATCH v2 00/13] Adding nbd_set_opt_mode to improve nbdinfo
Well, I'm not quite done (I still want to get nbdinfo to work on a single nbd connection for all cases when reading the heads of the file is not required), but I'm happy with patches 1-11, and 12-13 show where I'm headed for getting NBD_OPT_INFO to work. Posting now to see if some of the earlier patches are ready to commit while I continue working on the latter half. Eric Blake (13):