search for: tls_certif

Displaying 19 results from an estimated 19 matches for "tls_certif".

Did you mean: tls_cert
2020 Aug 28
4
[nbdkit PATCH 0/3] .list_exports in nbd plugin
Another series on top of my exportname filter, marking off another todo bullet point. With this, you can now use the NBD plugin as a transparent passthrough of all export names served by the remote server in both directions (list advertisement server to client, and export name from client to server). Eric Blake (3): nbd: Implement .default_export, .export_description nbd: Add
2019 Aug 15
3
[nbdkit PATCH] nbd: Another libnbd version bump
...(value); + if (r == -1) exit (EXIT_FAILURE); + tls = r ? LIBNBD_TLS_ALLOW : LIBNBD_TLS_DISABLE; } } else if (strcmp (key, "tls-certificates") == 0) { @@ -245,8 +246,9 @@ nbdplug_config_complete (void) export = ""; if (tls == -1) - tls = tls_certificates || tls_verify >= 0 || tls_username || tls_psk; - if (tls > 0) { + tls = (tls_certificates || tls_verify >= 0 || tls_username || tls_psk) + ? LIBNBD_TLS_ALLOW : LIBNBD_TLS_DISABLE; + if (tls != LIBNBD_TLS_DISABLE) { struct nbd_handle *nbd = nbd_create (); if (!nbd...
2019 Jul 25
0
[PATCH libnbd] lib: Kill subprocess in nbd_close.
...ndle *h) freeaddrinfo (h->result); if (h->sock) h->sock->ops->close (h->sock); - if (h->pid >= 0) /* XXX kill it? */ + if (h->pid >= 0) { + kill (h->pid, SIGHUP); waitpid (h->pid, NULL, 0); + } free (h->export_name); free (h->tls_certificates); -- 2.22.0
2020 Jul 01
0
[PATCH nbdkit 8/9] nbd: Fix shared=true so it creates background thread after fork.
...d91e0 100644 --- a/plugins/nbd/nbd.c +++ b/plugins/nbd/nbd.c @@ -109,7 +109,7 @@ static void nbdplug_close_handle (struct handle *h); static void nbdplug_unload (void) { - if (shared) + if (shared && shared_handle) nbdplug_close_handle (shared_handle); free (sockname); free (tls_certificates); @@ -266,8 +266,15 @@ nbdplug_config_complete (void) } nbd_close (nbd); } + return 0; +} - /* Create the shared connection. */ +/* Create the shared connection. Because this may create a background + * thread it must be done after we fork. + */ +static int +nbdplug_after_fo...
2019 Jul 25
2
[PATCH libnbd] lib: Kill subprocess in nbd_close.
This is a simple patch which stops nbd_close from waiting too long for a server subprocess to shut down. I wanted to send SIGHUP because the server will be able to catch it and do a clean shutdown if that is required. Is another signal better? Is it right to send a signal here? Rich.
2016 Oct 26
2
multiple SSL certificates story
...icates.That's because it loads certificates on demand, when these are actually needed. Core part of exim ssl config is two lines: tls_privatekey = ${if exists{/etc/certs/cert.${lc:${sha1:${lc:${tls_sni}}}}.pem}{/etc/certs//cert.${lc:${sha1:${lc:${tls_sni}}}}.pem}{/etc/certs/default-cert.key}} tls_certificate = ${if exists{/etc/certs/cert.${lc:${sha1:${lc:${tls_sni}}}}.pem}{/etc/certs/cert.${lc:${sha1:${lc:${tls_sni}}}}.pem}{/etc/certs/default-cert.pem}} which means check runtime if file on disk exists; if it exists then use it for tls_XYZ option; if it doesn't exist use default-cert.{pem/key}...
2023 Jan 30
2
[PATCH libnbd v2 3/4] generator: Add APIs to get/set the socket activation socket name
...clude <sys/types.h> #include <sys/wait.h> +#include "ascii-ctype.h" #include "internal.h" static void @@ -161,6 +162,7 @@ nbd_close (struct nbd_handle *h) waitpid (h->pid, NULL, 0); free (h->export_name); + free (h->sa_name); free (h->tls_certificates); free (h->tls_username); free (h->tls_psk_file); @@ -200,6 +202,60 @@ nbd_unlocked_get_handle_name (struct nbd_handle *h) return copy; } +int +nbd_unlocked_set_socket_activation_name (struct nbd_handle *h, + const char *name) +{ + si...
2023 Mar 23
1
[libnbd PATCH v3 18/19] generator: Add APIs to get/set the socket activation socket name
...ude <sys/types.h> #include <sys/wait.h> +#include "ascii-ctype.h" #include "internal.h" static void @@ -159,6 +160,7 @@ nbd_close (struct nbd_handle *h) waitpid (h->pid, NULL, 0); free (h->export_name); + free (h->sact_name); free (h->tls_certificates); free (h->tls_username); free (h->tls_psk_file); @@ -197,6 +199,60 @@ nbd_unlocked_get_handle_name (struct nbd_handle *h) return copy; } +int +nbd_unlocked_set_socket_activation_name (struct nbd_handle *h, + const char *name) +{ + si...
2023 Mar 25
1
[libnbd PATCH v5 3/4] generator: Add APIs to get/set the socket activation socket name
...ude <sys/types.h> #include <sys/wait.h> +#include "ascii-ctype.h" #include "internal.h" static void @@ -159,6 +160,7 @@ nbd_close (struct nbd_handle *h) waitpid (h->pid, NULL, 0); free (h->export_name); + free (h->sact_name); free (h->tls_certificates); free (h->tls_username); free (h->tls_psk_file); @@ -197,6 +199,60 @@ nbd_unlocked_get_handle_name (struct nbd_handle *h) return copy; } +int +nbd_unlocked_set_socket_activation_name (struct nbd_handle *h, + const char *name) +{ + si...
2020 Jul 01
15
[PATCH nbdkit 0/9] nbd: Implement command= and socket-fd= parameters.
I fixed the deadlock - turned out to be an actual bug in the nbd plugin (see patch 8). I changed the command syntax so it's now: nbdkit nbd command=qemu arg=-f arg=qcow2 arg=/path/to/disk.qcow2 Nir wrote: 18:08 < nsoffer> rwmjones: regarding the nbd proxy patches, did you have specific flow that help us? 18:08 < nsoffer> rwmjones: or this is just a way to support qcow2 in the
2019 Jun 12
8
[nbdkit PATCH v3 0/5] Play with libnbd for nbdkit-nbd
libnbd-0.1.4-1 is now available in Fedora 29/30 updates testing. Diffs since v2 - rebase to master, bump from libnbd 0.1.2 to 0.1.3+, add tests to TLS usage which flushed out the need to turn relative pathnames into absolute, doc tweaks Now that the testsuite covers TLS and libnbd has been fixed to provide the things I found lacking when developing v2, I'm leaning towards pushing this on
2023 Jan 30
4
[PATCH libnbd v2 0/4] Pass LISTEN_FDNAMES with systemd socket activation
This is an alternative approach to https://listman.redhat.com/archives/libguestfs/2023-January/030535.html After discussing this with Dan Berrange we came to the conclusion that you really might want to set LISTEN_FDNAMES to arbitrary short strings (or not set it). Especially when talking to qemu-storage-daemon which would allow you to use these names on the command line. Rich.
2019 May 30
5
[nbdkit PATCH 0/4] Play with libnbd for nbdkit-add
Patch 1 played with an early draft of Rich's Fedora 30 libnbd package: https://bugzilla.redhat.com/show_bug.cgi?id=1713767#c17 Note that comment 21 provides a newer package 0.1.1-1 with a different API; and that libnbd has more unreleased API changes in the pipeline (whether that will be called 0.2 or 0.1.2); so we'll have to tweak things based on what is actually available in distros.
2019 Jun 02
5
[nbdkit PATCH v2 0/5] Play with libnbd for nbdkit-nbd
libnbd-0.1.2-1 is now available in Fedora 29/30 updates-testing, although it was not compiled against libxml2 so it lacks uri support (I ended up testing patch 4 with a self-built libnbd). Diffs since v1 - rebase to master, bump from libnbd 0.1 to 0.1.2, add URI support, better timing results Still not done - patch 5 needs associated tests Eric Blake (5): nbd: Check for libnbd nbd:
2019 May 23
2
[PATCH libnbd] api: Get rid of nbd_connection.
This isn't quite finished because not all of the tests or examples have been updated, but it demonstrates an idea: Should we forget about the concept of having multiple connections managed under a single handle? In this patch there is a single ‘struct nbd_handle *’ which manages a single state machine and connection (and therefore no nbd_connection). To connect to a multi-conn server you must
2023 Mar 25
4
[libnbd PATCH v5 0/4] pass LISTEN_FDNAMES with systemd socket activation
V4 was here (incorrectly versioned on the mailing list as v3): <http://mid.mail-archive.com/20230323121016.1442655-1-lersek at redhat.com>. See the Notes section on each patch for the v5 updates. Laszlo Ersek (2): socket activation: generalize environment construction socket activation: set LISTEN_FDNAMES Richard W.M. Jones (2): common/include: Copy ascii-ctype functions from nbdkit
2020 Sep 21
18
[nbdkit PATCH v3 00/14] exportname filter
It's been several weeks since I posted v2 (I got distracted by improving libnbd to better test things, which in turn surfaced some major memory leak problems in nbdsh that are now fixed). Many of the patches are minor rebases from v2, with the biggest changes being fallout from: - patch 2: rename nbdkit_add_default_export to nbdkit_use_default_export - overall: this missed 1.22, so update
2020 Oct 27
6
[PATCH libnbd 0/5] info: --map: Coalesce adjacent extents of the same type.
This adds coalescing of adjacent extents of the same type, as mentioned by Eric Blake in the commit message here: https://github.com/libguestfs/libnbd/commit/46072f6611f80245846a445766da071e457b00cd The patch series is rather long because it detours through adding the <vector.h> library from nbdkit into libnbd and replacing ad hoc uses of realloc, char ** etc in various places. Rich.
2023 Mar 23
20
[libnbd PATCH v3 00/19] pass LISTEN_FDNAMES with systemd socket activation
V3 was here: <http://mid.mail-archive.com/20230215141158.2426855-1-lersek at redhat.com>. See the Notes section on each patch for the v4 updates. The series is nearly ready for merging: every patch has at least one R-b tag, except "socket activation: avoid manipulating the sign bit". The series builds, and passes "make check" and "make check-valgrind", at