similar to: nbdkit low priority security fix: TLS connections cause memory leak

On Thu, Mar 26, 2020 at 02:34:41PM -0500, Eric Blake wrote: > We're still seeing sporadic failures of 'nbdkit nbd tls=', and I'm > still trying to come up with a root cause fix (it may involve smarter > use of gnutls_bye() in libnbd). In the meantime, here's what we know: > when the hang/failure happens, the 'nbdkit nbd tls=' client process is > stuck in

We're still seeing sporadic failures of 'nbdkit nbd tls=', and I'm still trying to come up with a root cause fix (it may involve smarter use of gnutls_bye() in libnbd). In the meantime, here's what we know: when the hang/failure happens, the 'nbdkit nbd tls=' client process is stuck in a poll() waiting to see EOF from the server, while the 'nbdkit example1'

--- docs/nbdkit.pod.in | 45 +++++++++-- src/crypto.c | 234 +++++++++++++++++++++++++++++++++++++---------------- src/internal.h | 1 + src/main.c | 8 +- 4 files changed, 210 insertions(+), 78 deletions(-) diff --git a/docs/nbdkit.pod.in b/docs/nbdkit.pod.in index 42e6e6b..80d1ecd 100644 --- a/docs/nbdkit.pod.in +++ b/docs/nbdkit.pod.in @@ -11,7 +11,7 @@ nbdkit - A

On Thu, Jun 28, 2018 at 10:18:25AM -0500, Eric Blake wrote: > On 06/25/2018 12:01 PM, Richard W.M. Jones wrote: > > --- > > docs/nbdkit.pod.in | 45 +++++++++-- > > src/crypto.c | 234 +++++++++++++++++++++++++++++++++++++---------------- > > src/internal.h | 1 + > > src/main.c | 8 +- > > 4 files changed, 210 insertions(+), 78

On Thu, Jun 28, 2018 at 6:56 PM Daniel P. Berrangé <berrange@redhat.com> wrote: > On Thu, Jun 28, 2018 at 10:18:25AM -0500, Eric Blake wrote: > > On 06/25/2018 12:01 PM, Richard W.M. Jones wrote: > > > --- > > > docs/nbdkit.pod.in | 45 +++++++++-- > > > src/crypto.c | 234 > +++++++++++++++++++++++++++++++++++++---------------- > > >

On Fedora 29, nbdkit-devel at 1.10.4 is too old for any of the tests/Makefile.am actions to run, but this also means we don't create any tls pki/ or keys.psk files that we then want to reuse during qemu testing, as evidenced by 'make check' failures such as: FAIL: interop-qemu-nbd-tls-certs ================================ qemu-nbd: Unable to access credentials

On 06/25/2018 12:01 PM, Richard W.M. Jones wrote: > --- > docs/nbdkit.pod.in | 45 +++++++++-- > src/crypto.c | 234 +++++++++++++++++++++++++++++++++++++---------------- > src/internal.h | 1 + > src/main.c | 8 +- > 4 files changed, 210 insertions(+), 78 deletions(-) > > +Create a PSK file containing one or more C<username:key> pairs.

* Change the title so it's informative and searchable. * Remove references to the non-libnbd plugin. * Headings for examples. * Correct reference to qemu-nbd(8) man page. * General copy-editing to improve readability. * Change style in places so it matches other manual pages. --- plugins/nbd/nbdkit-nbd-plugin.pod | 192 +++++++++++++++++------------- 1 file changed, 109 insertions(+), 83

* Change the title so it's informative and searchable. * Remove references to the non-libnbd plugin. * Headings for examples. * Correct reference to qemu-nbd(8) man page. * General copy-editing to improve readability. * Change style in places so it matches other manual pages. --- plugins/nbd/nbdkit-nbd-plugin.pod | 192 +++++++++++++++++------------- 1 file changed, 109 insertions(+), 83

Test both the TLS enabled and fallback paths. nbd-server doesn't appear to support TLS at all, and qemu-nbd is known not to allow fallback to unencrypted, and therefore it only makes sense to test nbdkit at the moment. --- .gitignore | 4 ++++ TODO | 3 --- interop/Makefile.am | 54 +++++++++++++++++++++++++++++++++++++++++++++ interop/interop.c | 30

[replying here, as I seem to have been dropped from cc on the subthread at https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/ELUEHAA7X7YKU5DFIOBS3UQ5AXQYJWLY/ - maybe I should subscribe to devel@ instead of seeing this second-hand... hmm - I can't even post to devel@ without subscribing, so now just sending this to libguestfs] [adding libguestfs - now

On 8/7/20 5:00 PM, Eric Blake wrote: > Take advantage of the fact that we can now detect the type of client > during --tls=on in order to provide safe dummy content for plaintext > clients without having to rewrite plugins to do so. > > Signed-off-by: Eric Blake <eblake@redhat.com> > --- I got a test working (although it still shows that we are bit awkward until nbdkit

The path to bash on FreeBSD is /usr/local/bin/bash. --- docs/make-links.sh | 2 +- nbdkit.in | 2 +- tests/make-pki.sh | 2 +- tests/make-psk.sh | 2 +- tests/test-blocksize.sh | 2 +- tests/test-cache.sh | 2 +- tests/test-captive.sh | 2 +- tests/test-cow.sh | 2 +-

This assumes bashisms, but bash is required to run the tests. This is mostly simple refactoring. Except for the test-memory*.sh tests where nbdkit used to run in the foreground, but that seems to be a consequence of some left over debugging. --- tests/functions.sh.in | 35 ++++++++++++++++++++ tests/test-blocksize.sh | 23 +++---------- tests/test-cache.sh

This assumes bashisms, but bash is required to run the tests. This is mostly refactoring. However the changes (simplifications) are quite substantial: - Since the new start_nbdkit helper function cleans up nbdkit on exit, most scripts no longer need to deal with the pid or kill the pid in the cleanup function. - As a result, cleanup functions are radically simpler, and often

We had several poor option-parsing actions in our ./nbdkit wrapper: Attempting './nbdkit --filter' went into an infloop with growing memory, because bash treats 'shift 2' when $# as a soft error (which we ignored) without even shifting 1, such that $# never decreases but $args[] continues to grow (dash, on the other hand, follows the POSIX recommendation of a hard error with

Thanks: Eric Blake for the suggestion here: https://www.redhat.com/archives/libguestfs/2018-September/msg00069.html --- tests/functions.sh.in | 25 +++++++++++++++++++++++++ tests/test-blocksize.sh | 9 ++------- tests/test-cache.sh | 9 ++------- tests/test-cow.sh | 9 ++------- tests/test-data-7E.sh | 9

This resurrects the unused tests/functions.sh file (although now we need to generate it from tests/functions.sh.in). Put the common code for running a test against every plugin here. Because of the previous commits we can now use the plugins list directly from configure.ac instead of needing to use weird shell script, although we still need to preserve the test that the plugin was built so that

This resurrects the unused tests/functions.sh file (although now we need to generate it from tests/functions.sh.in). Put the common code for running a test against every plugin here. Because of the previous commits we can now use the plugins list directly from configure.ac instead of needing to use weird shell script, although we still need to preserve the test that the plugin was built so that

On 9/12/19 12:41 PM, Richard W.M. Jones wrote: > We have discovered a potential Denial of Service / Amplification Attack > in nbdkit. Unfortunately, our fix for this issue cause another potential Denial of Service attack: > > Lifecycle > --------- > > Reported: 2019-09-11 Fixed: 2019-09-11 Published: 2019-09-12 > > There is no CVE number assigned for this issue