search for: replylen

...; + if (read_full (h->fd, reply, sizeof *reply)) { + nbdkit_error ("unable to read option reply: %m"); + return -1; + } + reply->magic = be64toh (reply->magic); + reply->option = be32toh (reply->option); + reply->reply = be32toh (reply->reply); + reply->replylen = be32toh (reply->replylen); + if (reply->magic != NBD_REP_MAGIC || reply->option != option) { + nbdkit_error ("unexpected option reply"); + return -1; + } + if (reply->replylen) { + if (reply->reply == NBD_REP_ACK) { + nbdkit_error ("NBD_REP_ACK shoul...

...h->sbuf.or.payload; - switch (recv_into_rbuf (h)) { case -1: SET_NEXT_STATE (%.DEAD); return -1; case 0: - /* Read the following payload if it is short enough to fit in the - * static buffer. If it's too long, skip it. - */ - len = be32toh (h->sbuf.or.option_reply.replylen); - if (len <= maxpayload) - h->rbuf = &h->sbuf.or.payload; - else - h->rbuf = NULL; - h->rlen = len; + if (prepare_for_reply_payload (h, NBD_OPT_GO) == -1) { + SET_NEXT_STATE (%.DEAD); + return -1; + } SET_NEXT_STATE (%RECV_REPLY_PAYLOAD);...

I'm still playing with ideas on how to split rstate from wstate (so that we can send a request without waiting for POLLIN to complete a pending reply), but this is some preliminary refactoring I found useful. I also fixed a couple of bugs while in the area (already pushed). There's a question of whether we want nbd_handle to be nearly 5k, or if we should instead keep it small and add one

Updated based on other changes that have happened in the meantime: - rely more on cleanup.h (throughout) - split structured read for easier review (patch 2 and 3 were combined in v1) - rely on nbdkit not leaking a server's partial answer (patch 3) - add tests (patch 5) - other bug fixes I found while testing it - drop EOVERFLOW patch for now; it will be separate once upstream NBD protocol

...below. static void do_auth (guestfs_h *g, void *opaque, uint64_t event, int event_handle, int flags, const char *buf, size_t buf_len, const uint64_t *array, size_t array_len) { char **creds; size_t i; char *prompt; char *reply; size_t replylen; // buf will be the libvirt URI. It is always \0-terminated so // buf_len can be ignored in this case. printf ("Authentication required for libvirt connection '%s'\n", buf); // Ask libguestfs what credentials libvirt is demanding. creds = guestfs_get_libvirt_requested...

...; - if (read_full (h->fd, reply, sizeof *reply)) { - nbdkit_error ("unable to read option reply: %m"); - return -1; - } - reply->magic = be64toh (reply->magic); - reply->option = be32toh (reply->option); - reply->reply = be32toh (reply->reply); - reply->replylen = be32toh (reply->replylen); - if (reply->magic != NBD_REP_MAGIC || reply->option != option) { - nbdkit_error ("unexpected option reply"); - return -1; - } - if (reply->replylen) { - if (reply->reply == NBD_REP_ACK) { - nbdkit_error ("NBD_REP_ACK shoul...

...; - if (read_full (h->fd, reply, sizeof *reply)) { - nbdkit_error ("unable to read option reply: %m"); - return -1; - } - reply->magic = be64toh (reply->magic); - reply->option = be32toh (reply->option); - reply->reply = be32toh (reply->reply); - reply->replylen = be32toh (reply->replylen); - if (reply->magic != NBD_REP_MAGIC || reply->option != option) { - nbdkit_error ("unexpected option reply"); - return -1; - } - if (reply->replylen) { - if (reply->reply == NBD_REP_ACK) { - nbdkit_error ("NBD_REP_ACK shoul...

...; - if (read_full (h->fd, reply, sizeof *reply)) { - nbdkit_error ("unable to read option reply: %m"); - return -1; - } - reply->magic = be64toh (reply->magic); - reply->option = be32toh (reply->option); - reply->reply = be32toh (reply->reply); - reply->replylen = be32toh (reply->replylen); - if (reply->magic != NBD_REP_MAGIC || reply->option != option) { - nbdkit_error ("unexpected option reply"); - return -1; - } - if (reply->replylen) { - if (reply->reply == NBD_REP_ACK) { - nbdkit_error ("NBD_REP_ACK shoul...

I'm hoping to implement .extents for the nbd plugin; this is a prerequisite. I'm not sure about patch 3 - if we like it, I'll squash it to 2, if we don't, I think we are okay just dropping it. I'm also wondering if we have to worry about malicious plugins that don't populate the entire .pread buffer in an effort to get nbdkit to expose portions of the heap; my patch 7 loses

Patch 1 played with an early draft of Rich's Fedora 30 libnbd package: https://bugzilla.redhat.com/show_bug.cgi?id=1713767#c17 Note that comment 21 provides a newer package 0.1.1-1 with a different API; and that libnbd has more unreleased API changes in the pipeline (whether that will be called 0.2 or 0.1.2); so we'll have to tweak things based on what is actually available in distros.

libnbd-0.1.2-1 is now available in Fedora 29/30 updates-testing, although it was not compiled against libxml2 so it lacks uri support (I ended up testing patch 4 with a self-built libnbd). Diffs since v1 - rebase to master, bump from libnbd 0.1 to 0.1.2, add URI support, better timing results Still not done - patch 5 needs associated tests Eric Blake (5): nbd: Check for libnbd nbd:

libnbd-0.1.4-1 is now available in Fedora 29/30 updates testing. Diffs since v2 - rebase to master, bump from libnbd 0.1.2 to 0.1.3+, add tests to TLS usage which flushed out the need to turn relative pathnames into absolute, doc tweaks Now that the testsuite covers TLS and libnbd has been fixed to provide the things I found lacking when developing v2, I'm leaning towards pushing this on

...void *opaque, + uint64_t event, + int event_handle, + int flags, + const char *buf, size_t buf_len, + const uint64_t *array, size_t array_len) +{ + char **creds; + size_t i; + char *prompt; + char *reply = NULL; + size_t replylen; + char *pass; + ssize_t len; + int r; + + printf ("libvirt_auth.c: authentication required for libvirt URI '%s'\n\n", + buf); + + /* Ask libguestfs what credentials libvirt is demanding. */ + creds = guestfs_get_libvirt_requested_credentials (g); + if (creds == NU...

Some of these affect attempts to connect to older qemu-nbd versions, some of them were triggered by manual edits to qemu-nbd source code to provoke various other compliant (if uncommon) server behaviors. Eric Blake (4): starttls: Skip error payload if falling back to unencrypted states: Reject payload to NBD_REP_ACK meta-context: Skip error payload if server lacks meta_context states: Add

This isn't quite finished because not all of the tests or examples have been updated, but it demonstrates an idea: Should we forget about the concept of having multiple connections managed under a single handle? In this patch there is a single ‘struct nbd_handle *’ which manages a single state machine and connection (and therefore no nbd_connection). To connect to a multi-conn server you must

...ted server reply. If it is an error, log any > + * message from the server and return 0; otherwise, return -1. > + */ > +static int > +handle_reply_error (struct nbd_handle *h) > +{ > + uint32_t len; > + uint32_t reply; > + > + len = be32toh (h->sbuf.or.option_reply.replylen); > + reply = be32toh (h->sbuf.or.option_reply.reply); > + if (!NBD_REP_IS_ERR (reply)) { > + set_error (0, "handshake: unexpected option reply type %d", reply); > + return -1; > + } > + > + assert (NBD_MAX_STRING < sizeof h->sbuf.or.payload); Miss...

...4,12 @@ prepare_for_reply_payload (struct nbd_handle *h, uint32_t opt) /* Read the following payload if it is short enough to fit in the * static buffer. If it's too long, skip it. */ - /* XXX Move to DEAD if len > MAX_REQUEST_SIZE */ len = be32toh (h->sbuf.or.option_reply.replylen); - if (len <= maxpayload) + if (len > MAX_REQUEST_SIZE) { + set_error (0, "handshake: invalid option reply length"); + return -1; + } + else if (len <= maxpayload) h->rbuf = &h->sbuf.or.payload; else h->rbuf = NULL; diff --git a/generator/stat...

...(packed));; +} NBD_ATTRIBUTE_PACKED;; /* Fixed newstyle handshake reply message. */ struct nbd_fixed_new_option_reply { @@ -84,7 +90,7 @@ struct nbd_fixed_new_option_reply { uint32_t option; /* option we are replying to */ uint32_t reply; /* NBD_REP_* */ uint32_t replylen; -} __attribute__((packed)); +} NBD_ATTRIBUTE_PACKED; #define NBD_REP_MAGIC UINT64_C(0x3e889045565a9) @@ -140,19 +146,19 @@ struct nbd_fixed_new_option_reply_info_export { uint16_t info; /* NBD_INFO_EXPORT */ uint64_t exportsize; /* size of export */ uint16_t e...

..._t opt) return 0; } +/* Check an unexpected server reply. If it is an error, log any + * message from the server and return 0; otherwise, return -1. + */ +static int +handle_reply_error (struct nbd_handle *h) +{ + uint32_t len; + uint32_t reply; + + len = be32toh (h->sbuf.or.option_reply.replylen); + reply = be32toh (h->sbuf.or.option_reply.reply); + if (!NBD_REP_IS_ERR (reply)) { + set_error (0, "handshake: unexpected option reply type %d", reply); + return -1; + } + + assert (NBD_MAX_STRING < sizeof h->sbuf.or.payload); + if (len > NBD_MAX_STRING) { + s...

...a/generator/states-newstyle-opt-go.c +++ b/generator/states-newstyle-opt-go.c @@ -124,6 +124,7 @@ STATE_MACHINE { uint64_t exportsize; uint16_t eflags; uint32_t min, pref, max; + int err; reply = be32toh (h->sbuf.or.option_reply.reply); len = be32toh (h->sbuf.or.option_reply.replylen); @@ -241,15 +242,21 @@ STATE_MACHINE { reply); } nbd_internal_reset_size_and_flags (h); - if (h->opt_mode) - SET_NEXT_STATE (%.NEGOTIATING); - else - SET_NEXT_STATE (%^PREPARE_OPT_ABORT); + err = nbd_get_errno (); break; case NBD_REP_ACK: +...