Displaying 19 results from an estimated 19 matches for "tls_certificates".
2020 Aug 28
4
[nbdkit PATCH 0/3] .list_exports in nbd plugin
Another series on top of my exportname filter, marking off another
todo bullet point. With this, you can now use the NBD plugin as a
transparent passthrough of all export names served by the remote
server in both directions (list advertisement server to client, and
export name from client to server).
Eric Blake (3):
nbd: Implement .default_export, .export_description
nbd: Add
2019 Aug 15
3
[nbdkit PATCH] nbd: Another libnbd version bump
...(value);
+ if (r == -1)
exit (EXIT_FAILURE);
+ tls = r ? LIBNBD_TLS_ALLOW : LIBNBD_TLS_DISABLE;
}
}
else if (strcmp (key, "tls-certificates") == 0) {
@@ -245,8 +246,9 @@ nbdplug_config_complete (void)
export = "";
if (tls == -1)
- tls = tls_certificates || tls_verify >= 0 || tls_username || tls_psk;
- if (tls > 0) {
+ tls = (tls_certificates || tls_verify >= 0 || tls_username || tls_psk)
+ ? LIBNBD_TLS_ALLOW : LIBNBD_TLS_DISABLE;
+ if (tls != LIBNBD_TLS_DISABLE) {
struct nbd_handle *nbd = nbd_create ();
if (!nbd) {
@@...
2019 Jul 25
0
[PATCH libnbd] lib: Kill subprocess in nbd_close.
...ndle *h)
freeaddrinfo (h->result);
if (h->sock)
h->sock->ops->close (h->sock);
- if (h->pid >= 0) /* XXX kill it? */
+ if (h->pid >= 0) {
+ kill (h->pid, SIGHUP);
waitpid (h->pid, NULL, 0);
+ }
free (h->export_name);
free (h->tls_certificates);
--
2.22.0
2020 Jul 01
0
[PATCH nbdkit 8/9] nbd: Fix shared=true so it creates background thread after fork.
...d91e0 100644
--- a/plugins/nbd/nbd.c
+++ b/plugins/nbd/nbd.c
@@ -109,7 +109,7 @@ static void nbdplug_close_handle (struct handle *h);
static void
nbdplug_unload (void)
{
- if (shared)
+ if (shared && shared_handle)
nbdplug_close_handle (shared_handle);
free (sockname);
free (tls_certificates);
@@ -266,8 +266,15 @@ nbdplug_config_complete (void)
}
nbd_close (nbd);
}
+ return 0;
+}
- /* Create the shared connection. */
+/* Create the shared connection. Because this may create a background
+ * thread it must be done after we fork.
+ */
+static int
+nbdplug_after_fork (vo...
2019 Jul 25
2
[PATCH libnbd] lib: Kill subprocess in nbd_close.
This is a simple patch which stops nbd_close from waiting too long for
a server subprocess to shut down.
I wanted to send SIGHUP because the server will be able to catch it
and do a clean shutdown if that is required. Is another signal
better?
Is it right to send a signal here?
Rich.
2016 Oct 26
2
multiple SSL certificates story
Hi.
Little story :-)
I'm playing with dovecot 2.2.25 and multiple SSL certificates. ~7000 certificates
which are loaded twice, so my dovecot has ~14 000 certificate pairs
(14k key + 14k cert) in config.
14 000 local_name entries. Like these:
local_name imap.example.com {
ssl_cert = </etc/certs/cert1.pem
ssl_key = </etc/certs/cert1.pem
}
local_name pop3.example.com {
ssl_cert =
2023 Jan 30
2
[PATCH libnbd v2 3/4] generator: Add APIs to get/set the socket activation socket name
...clude <sys/types.h>
#include <sys/wait.h>
+#include "ascii-ctype.h"
#include "internal.h"
static void
@@ -161,6 +162,7 @@ nbd_close (struct nbd_handle *h)
waitpid (h->pid, NULL, 0);
free (h->export_name);
+ free (h->sa_name);
free (h->tls_certificates);
free (h->tls_username);
free (h->tls_psk_file);
@@ -200,6 +202,60 @@ nbd_unlocked_get_handle_name (struct nbd_handle *h)
return copy;
}
+int
+nbd_unlocked_set_socket_activation_name (struct nbd_handle *h,
+ const char *name)
+{
+ size_t i...
2023 Mar 23
1
[libnbd PATCH v3 18/19] generator: Add APIs to get/set the socket activation socket name
...ude <sys/types.h>
#include <sys/wait.h>
+#include "ascii-ctype.h"
#include "internal.h"
static void
@@ -159,6 +160,7 @@ nbd_close (struct nbd_handle *h)
waitpid (h->pid, NULL, 0);
free (h->export_name);
+ free (h->sact_name);
free (h->tls_certificates);
free (h->tls_username);
free (h->tls_psk_file);
@@ -197,6 +199,60 @@ nbd_unlocked_get_handle_name (struct nbd_handle *h)
return copy;
}
+int
+nbd_unlocked_set_socket_activation_name (struct nbd_handle *h,
+ const char *name)
+{
+ size_t i...
2023 Mar 25
1
[libnbd PATCH v5 3/4] generator: Add APIs to get/set the socket activation socket name
...ude <sys/types.h>
#include <sys/wait.h>
+#include "ascii-ctype.h"
#include "internal.h"
static void
@@ -159,6 +160,7 @@ nbd_close (struct nbd_handle *h)
waitpid (h->pid, NULL, 0);
free (h->export_name);
+ free (h->sact_name);
free (h->tls_certificates);
free (h->tls_username);
free (h->tls_psk_file);
@@ -197,6 +199,60 @@ nbd_unlocked_get_handle_name (struct nbd_handle *h)
return copy;
}
+int
+nbd_unlocked_set_socket_activation_name (struct nbd_handle *h,
+ const char *name)
+{
+ size_t i...
2020 Jul 01
15
[PATCH nbdkit 0/9] nbd: Implement command= and socket-fd= parameters.
I fixed the deadlock - turned out to be an actual bug in the nbd
plugin (see patch 8).
I changed the command syntax so it's now:
nbdkit nbd command=qemu arg=-f arg=qcow2 arg=/path/to/disk.qcow2
Nir wrote:
18:08 < nsoffer> rwmjones: regarding the nbd proxy patches, did you have specific flow that help us?
18:08 < nsoffer> rwmjones: or this is just a way to support qcow2 in the
2019 Jun 12
8
[nbdkit PATCH v3 0/5] Play with libnbd for nbdkit-nbd
libnbd-0.1.4-1 is now available in Fedora 29/30 updates testing.
Diffs since v2 - rebase to master, bump from libnbd 0.1.2 to 0.1.3+,
add tests to TLS usage which flushed out the need to turn relative
pathnames into absolute, doc tweaks
Now that the testsuite covers TLS and libnbd has been fixed to provide
the things I found lacking when developing v2, I'm leaning towards
pushing this on
2023 Jan 30
4
[PATCH libnbd v2 0/4] Pass LISTEN_FDNAMES with systemd socket activation
This is an alternative approach to
https://listman.redhat.com/archives/libguestfs/2023-January/030535.html
After discussing this with Dan Berrange we came to the conclusion that
you really might want to set LISTEN_FDNAMES to arbitrary short strings
(or not set it). Especially when talking to qemu-storage-daemon which
would allow you to use these names on the command line.
Rich.
2019 May 30
5
[nbdkit PATCH 0/4] Play with libnbd for nbdkit-add
Patch 1 played with an early draft of Rich's Fedora 30 libnbd package:
https://bugzilla.redhat.com/show_bug.cgi?id=1713767#c17
Note that comment 21 provides a newer package 0.1.1-1 with a different
API; and that libnbd has more unreleased API changes in the pipeline
(whether that will be called 0.2 or 0.1.2); so we'll have to tweak
things based on what is actually available in distros.
2019 Jun 02
5
[nbdkit PATCH v2 0/5] Play with libnbd for nbdkit-nbd
libnbd-0.1.2-1 is now available in Fedora 29/30 updates-testing,
although it was not compiled against libxml2 so it lacks uri support
(I ended up testing patch 4 with a self-built libnbd).
Diffs since v1 - rebase to master, bump from libnbd 0.1 to 0.1.2, add
URI support, better timing results
Still not done - patch 5 needs associated tests
Eric Blake (5):
nbd: Check for libnbd
nbd:
2019 May 23
2
[PATCH libnbd] api: Get rid of nbd_connection.
This isn't quite finished because not all of the tests or examples
have been updated, but it demonstrates an idea: Should we forget about
the concept of having multiple connections managed under a single
handle?
In this patch there is a single ‘struct nbd_handle *’ which manages a
single state machine and connection (and therefore no nbd_connection).
To connect to a multi-conn server you must
2023 Mar 25
4
[libnbd PATCH v5 0/4] pass LISTEN_FDNAMES with systemd socket activation
V4 was here (incorrectly versioned on the mailing list as v3):
<http://mid.mail-archive.com/20230323121016.1442655-1-lersek at redhat.com>.
See the Notes section on each patch for the v5 updates.
Laszlo Ersek (2):
socket activation: generalize environment construction
socket activation: set LISTEN_FDNAMES
Richard W.M. Jones (2):
common/include: Copy ascii-ctype functions from nbdkit
2020 Sep 21
18
[nbdkit PATCH v3 00/14] exportname filter
It's been several weeks since I posted v2 (I got distracted by
improving libnbd to better test things, which in turn surfaced some
major memory leak problems in nbdsh that are now fixed). Many of the
patches are minor rebases from v2, with the biggest changes being
fallout from:
- patch 2: rename nbdkit_add_default_export to nbdkit_use_default_export
- overall: this missed 1.22, so update
2020 Oct 27
6
[PATCH libnbd 0/5] info: --map: Coalesce adjacent extents of the same type.
This adds coalescing of adjacent extents of the same type, as
mentioned by Eric Blake in the commit message here:
https://github.com/libguestfs/libnbd/commit/46072f6611f80245846a445766da071e457b00cd
The patch series is rather long because it detours through adding the
<vector.h> library from nbdkit into libnbd and replacing ad hoc uses
of realloc, char ** etc in various places.
Rich.
2023 Mar 23
20
[libnbd PATCH v3 00/19] pass LISTEN_FDNAMES with systemd socket activation
V3 was here:
<http://mid.mail-archive.com/20230215141158.2426855-1-lersek at redhat.com>.
See the Notes section on each patch for the v4 updates.
The series is nearly ready for merging: every patch has at least one R-b
tag, except "socket activation: avoid manipulating the sign bit".
The series builds, and passes "make check" and "make check-valgrind", at