search for: nbd_internal_crypto_debug_tls_en

...f_debug (h) {\n"; let errcode = errcode_of_ret ret in (match errcode with | Some r -> diff --git a/lib/crypto.c b/lib/crypto.c index 07d06c0..8d86911 100644 --- a/lib/crypto.c +++ b/lib/crypto.c @@ -676,7 +676,7 @@ nbd_internal_crypto_handshake (struct nbd_handle *h) void nbd_internal_crypto_debug_tls_enabled (struct nbd_handle *h) { - if (h->debug) { + if_debug (h) { const gnutls_session_t session = h->sock->u.tls.session; const gnutls_cipher_algorithm_t cipher = gnutls_cipher_get (session); const gnutls_kx_algorithm_t kx = gnutls_kx_get (session); diff --git a/lib/inter...

This isn't quite finished because not all of the tests or examples have been updated, but it demonstrates an idea: Should we forget about the concept of having multiple connections managed under a single handle? In this patch there is a single ‘struct nbd_handle *’ which manages a single state machine and connection (and therefore no nbd_connection). To connect to a multi-conn server you must

...style-opt-starttls.c b/generator/states-newstyle-opt-starttls.c index 0a18db0..a35e10b 100644 --- a/generator/states-newstyle-opt-starttls.c +++ b/generator/states-newstyle-opt-starttls.c @@ -116,6 +116,7 @@ } if (r == 0) { /* Finished handshake. */ + h->tls_negotiated = true; nbd_internal_crypto_debug_tls_enabled (h); /* Continue with option negotiation. */ diff --git a/lib/crypto.c b/lib/crypto.c index c0a57d7..3274954 100644 --- a/lib/crypto.c +++ b/lib/crypto.c @@ -57,6 +57,12 @@ nbd_unlocked_get_tls (struct nbd_handle *h) return h->tls; } +int +nbd_unlocked_get_tls_negotiated (struc...

...tinuing with unencrypted connection", reply == NBD_REP_ERR_POLICY ? "policy" : "not supported"); - SET_NEXT_STATE (%^OPT_STRUCTURED_REPLY.START); + SET_NEXT_STATE (%^OPT_LIST.START); return 0; } return 0; @@ -120,7 +120,7 @@ STATE_MACHINE { nbd_internal_crypto_debug_tls_enabled (h); /* Continue with option negotiation. */ - SET_NEXT_STATE (%^OPT_STRUCTURED_REPLY.START); + SET_NEXT_STATE (%^OPT_LIST.START); return 0; } /* Continue handshake. */ @@ -143,7 +143,7 @@ STATE_MACHINE { debug (h, "connection is using TLS"); /* Co...

Proposal for new APIs to list exports. The general shape of the API can probably best be seen from the examples/list-exports.c example. Rich.

This is a subset of my v2 posting, but limited to just the NBD_OPT_LIST handling. The biggest change since v2 is the addition of added unit testing in all four language bindings (C, python, ocaml, golang). The tests require nbdkit built from git on PATH, and may not be entirely idiomatic, but I at least validated that they catch issues (for example, adding an exit statement near the end of the

Well, I'm not quite done (I still want to get nbdinfo to work on a single nbd connection for all cases when reading the heads of the file is not required), but I'm happy with patches 1-11, and 12-13 show where I'm headed for getting NBD_OPT_INFO to work. Posting now to see if some of the earlier patches are ready to commit while I continue working on the latter half. Eric Blake (13):