Permalink
Commits on Feb 21, 2017
  1. doc: Fix some minor issues

    Fix a grammar nit, and resolve a conflict between two extensions
    picking the same command number (BLOCK_STATUS is the older proposal,
    so it keeps command 7, RESIZE gets command 8).
    
    Signed-off-by: Eric Blake <eblake@redhat.com>
    [added in missing typo fix]
    Signed-off-by: Wouter Verhelst <w@uter.be>
    Eric Blake committed with yoe Feb 16, 2017
  2. build: Fix build with older gcc

    gcc 4.4.7 (hello RHEL 6) complains about redefinition of typedefs,
    as in:
    
    gcc -std=gnu99 -DHAVE_CONFIG_H -I.  -DSYSCONFDIR='"/usr/local/etc"'  -g -O2  -g -O2 -MT nbd_client-buffer.o -MD -MP -MF .deps/nbd_client-buffer.Tpo -c -o nbd_client-buffer.o `test -f 'buffer.c' || echo './'`buffer.c
    buffer.c:39: error: redefinition of typedef ‘buffer_t’
    buffer.h:31: note: previous declaration of ‘buffer_t’ was here
    
    The .c file only has to declare the struct being typedef'd, not
    repeat the typedef declaration.
    
    Signed-off-by: Eric Blake <eblake@redhat.com>
    Signed-off-by: Wouter Verhelst <w@uter.be>
    Eric Blake committed with yoe Dec 19, 2016
Commits on Jan 23, 2017
  1. Use AM_CONDITIONAL rather than AC_SUBST

    AC_SUBST'ing the nbd-client program worked when we didn't need to
    compile the client twice. Now that we do, this makes us try to compile
    the minimal (i.e., non-TLS) client even if we're on a system where the
    client can't be compiled. This is obviously wrong.
    
    Fix it by using AM_CONDITIONAL a second time, and nesting the whole
    GnuTLS conditional below that.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>
    yoe committed Jan 23, 2017
  2. Don't seek() in files without holding a lock.

    The introduction of multithread handling of requests failed to consider
    what happens with copyonwrite enabled. We would seek, then read (or
    write), a file.
    
    If we have copyonwrite enabled, this fails badly in that two threads can
    race against eachother for the current file pointer. Instead, we should
    use pread() or pwrite() to read from offset without relying on the
    current file offset, as explained in #43.
    
    Remove the myseek() function to ensure we don't make use of it anymore,
    and fix up all callers.
    
    The only exception where we can still use lseek() safely is in the
    open_treefile() function, since there we hold a mutex and hence we can't
    race against other threads.
    
    TODO: test whether this fixes the problem.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>
    yoe committed Jan 23, 2017
Commits on Jan 22, 2017
  1. Add numbers for resize extension

    yoe committed Jan 22, 2017
Commits on Jan 17, 2017
  1. Rename request in line with the kernel

    Closes #45
    yoe committed Jan 17, 2017
Commits on Dec 20, 2016
  1. Re-sort options in this man page

    The options are supposed to be alphabetically ranked, but they weren't
    anymore. Fix that.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>
    yoe committed Dec 20, 2016
  2. Make the TLS priority string configurable

    Signed-off-by: Wouter Verhelst <w@uter.be>
    yoe committed Dec 20, 2016
  3. Initialize the GnuTLS library

    GnuTLS <= 3.3 does not initialize at load time, and requires an explicit
    call to gnutls_global_init(). Newer versions don't require it, but don't
    break if the call is absent, either.
    
    Add it for the benefit of older versions of GnuTLS
    
    Signed-off-by: Wouter Verhelst <w@uter.be>
    yoe committed Dec 20, 2016
  4. Fix WRITE_ZEROES/STARTTLS combination

    We merged the WRITE_ZEROES support from a branch, where it was written
    before STARTTLS was implemented, without properly adapting it to the way
    things are now done in the light of STARTTLS, resulting in the
    WRITE_ZEROES function sending its reply header in the clear,
    unconditionally.
    
    Fix by using the correct function instead.
    yoe committed Dec 20, 2016
Commits on Dec 19, 2016
  1. Add the NBD_FLAG_CAN_MULTI_CONN flag, unless copyonwrite was selected

    Signed-off-by: Wouter Verhelst <w@uter.be>
    yoe committed Dec 19, 2016
  2. Don't use relative paths for certdir

    yoe committed Dec 19, 2016
  3. Ship the self-signed key and certificate, too

    Signed-off-by: Wouter Verhelst <w@uter.be>
    yoe committed Dec 19, 2016
  4. Define certdir in a VPATH-compatible way

    Signed-off-by: Wouter Verhelst <w@uter.be>
    yoe committed Dec 19, 2016
  5. Add initial implementation of client certificate verification

    There are still a few things we should really be checking, but those are
    less critical and can be done later.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>
    yoe committed Dec 19, 2016
  6. Fix -d behaviour

    Since -d stops all sort of forking, we don't have a parent process to
    talk to, so don't even try.
    
    Fixes: 7e90161
    Signed-off-by: Wouter Verhelst <w@uter.be>
    Eric Blake committed with yoe Dec 19, 2016
  7. Add missing -t option

    yoe committed Dec 19, 2016
Commits on Dec 17, 2016
  1. WRITE_ZEROES is no longer an extension

    Signed-off-by: Alex Bligh <alex@alex.org.uk>
    abligh committed Dec 17, 2016
  2. INFO extension does not define NBD_OPT_BLOCKSIZE

    (it uses NBD_INFO_BLOCKSIZE)
    
    Signed-off-by: Alex Bligh <alex@alex.org.uk>
    abligh committed Dec 17, 2016
Commits on Dec 15, 2016
  1. nbd-server: Kill dead mainloop()

    Unused since commit 6c2d851.  Be the chainsaw mentioned in the comment :)
    
    Signed-off-by: Eric Blake <eblake@redhat.com>
    Signed-off-by: Alex Bligh <alex@alex.org.uk>
    abligh committed Dec 15, 2016
  2. write-zeroes: Fix doc typo prior to mainline merge

    Signed-off-by: Eric Blake <eblake@redhat.com>
    Signed-off-by: Alex Bligh <alex@alex.org.uk>
    abligh committed Dec 15, 2016
  3. Merge branch 'master' into extension-write-zeroes

    Signed-off-by: Alex Bligh <alex@alex.org.uk>
    abligh committed Dec 15, 2016
  4. Remove second include of unistd.h

    Signed-off-by: Alex Bligh <alex@alex.org.uk>
    abligh committed Dec 15, 2016
  5. Fix warning that would SEGV

    Signed-off-by: Alex Bligh <alex@alex.org.uk>
    abligh committed Dec 15, 2016
Commits on Nov 27, 2016
  1. Add BLOCK_STATUS flag

    Used by the extension of the same name.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>
    yoe committed Nov 27, 2016
  2. Refer to the project rather than the user

    Since the canonical location is now in the NetworkBlockDevice
    organisation rather than the yoe user, update URLs that we link to.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>
    yoe committed Nov 27, 2016
Commits on Nov 22, 2016
  1. Make note about NBD_FLAG_CAN_MULTI_CONN

    Signed-off-by: Wouter Verhelst <w@uter.be>
    yoe committed Nov 22, 2016
Commits on Nov 21, 2016
  1. Request (but do not require) a certificate

    If the client has a certificate, at least we can send it to them then,
    that way.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>
    yoe committed Nov 21, 2016
  2. Add a "wrong certificate used" test

    We want to fail authentication when the certificate in use is one not
    signed by the correct CA, so ensure that that happens.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>
    yoe committed Nov 21, 2016
Commits on Nov 20, 2016
  1. Re-add the SERVER_PRECEDENCE flag

    That's still a good idea, even if we require TLS1.2
    
    Signed-off-by: Wouter Verhelst <w@uter.be>
    yoe committed Nov 20, 2016
  2. Swap hostname and tlshostname

    The "tlshostname" argument must match the CN attribute on the server's
    certificate if we want SNI to work. Since that is set to "localhost", we
    should make sure that the -H argument actually matches that, or this
    test may fail (depending on GnuTLS version)
    
    Signed-off-by: Wouter Verhelst <w@uter.be>
    yoe committed Nov 20, 2016
  3. Reorder tls initialization

    If we're going to check whether tlshostname != NULL, then make sure we
    don't just always set it to !NULL the line before.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>
    yoe committed Nov 20, 2016
  4. Update priority string

    We want to disallow TLS <1.2, as per spec, so update the priority string
    to do so.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>
    yoe committed Nov 20, 2016
  5. Move DH initialization into the start of the program

    Initializing DH parameters takes a while (~1s on a 2.3GHz Intel Haswell
    core i7). Rather than doing it once per connection, do it once per
    nbd-server run.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>
    yoe committed Nov 20, 2016