This commit documents the limits on export name, encoding, etc.
---
generator/generator | 12 +---
1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/generator/generator b/generator/generator
index a72f36c..87a8cdf 100755
--- a/generator/generator
+++ b/generator/generator
@@
On Mon, Sep 16, 2019 at 11:01:49AM -0500, Eric Blake wrote:
> On 9/15/19 9:55 AM, Richard W.M. Jones wrote:
> > +Another use for the reflection plugin is to send back the client's IP
> > +address:
> > +
> > + $ nbdkit reflection mode=address
> > + $ nbdsh -u 'nbd://localhost' -c
On Mon, Sep 16, 2019 at 02:29:38PM -0500, Eric Blake wrote:
> When we moved to an enum instead of raw int for nbd_set_tls(), we
> should have also updated our code to prefer the enum values. While at
> it, improve the grammar of error messages (confusing since 632196ec,
> and copy-and-pasted into
On Mon, Sep 16, 2019 at 02:35:33PM -0500, Eric Blake wrote:
> Similar to the recent --mask-handshake command line added to nbdkit to
> test client fallbacks to crippled servers, it can be worth testing
> server fallbacks to crippled clients. And just as we have exposed
> whether the client will
On Mon, Sep 16, 2019 at 07:13:44PM +0200, Pino Toscano wrote:
> Split the VM existance check out of the precheck script to a new vmcheck
> script, and invoke that in #prepare_targets. Invoke the precheck script
> in #precheck, as now it can be run with only values of command line
> options.
>
>
On Mon, Sep 16, 2019 at 07:13:46PM +0200, Pino Toscano wrote:
> -(* We don't have the storage domain UUID, but instead we write
> - * in a magic value which the Python code (which can get it)
> - * will substitute.
> - *)
> -let sd_uuid = "@SD_UUID@" in
> +(* The storage
On 9/17/19 2:42 AM, Richard W.M. Jones wrote:
> On Mon, Sep 16, 2019 at 10:33:18AM -0500, Eric Blake wrote:
>> Is it worth noting that the NBD protocol imposes a 4k limit on the
>> export name, which would limit things to about a 3k disk image when
>> using base64? (It looks like nbdkit does not
This commit adds a new API which can be used from the connected to
state to read back which NBD protocol (eg. oldstyle, newstyle-fixed)
we are using.
It was helpful to add a new state in newstyle negotiation
(%NEWSTYLE.FINISHED) so we can route all successful option
negotiations through a single
When LIBNBD_TLS_ALLOW is used we don't have a way to find out if TLS
was really negotiated. This adds a flag and a way to read it back.
Unfortunately there is no test yet, because LIBNBD_TLS_ALLOW is not
tested -- it really should be but requires quite a complicated set of
tests because ideally
On Mon, Sep 16, 2019 at 07:13:47PM +0200, Pino Toscano wrote:
> If there is no DC with the specified storage domain attached to it, it
> can mean that the SD does not exist.
> ---
> v2v/rhv-upload-precheck.py | 9 +
> 1 file changed, 9 insertions(+)
>
> diff --git
On 9/17/19 3:32 AM, Richard W.M. Jones wrote:
> This commit documents the limits on export name, encoding, etc.
> ---
> generator/generator | 12 +---
> 1 file changed, 9 insertions(+), 3 deletions(-)
>
ACK.
> diff --git a/generator/generator b/generator/generator
> index
On Mon, Sep 16, 2019 at 07:13:48PM +0200, Pino Toscano wrote:
> Add a simple method in the Output class to do work right after a disk
> was successfully copied.
> ---
> v2v/types.ml | 1 +
> v2v/types.mli | 4
> v2v/v2v.ml| 9 -
> 3 files changed, 13 insertions(+), 1 deletion(-)
I think we should do this slightly differently for consistency with
other classes. See here for example:
https://github.com/libguestfs/libguestfs/blob/dea9636c596acd030c9955057863cf080bdd89fb/v2v/output_openstack.ml#L395-L398
(1) Declare a val mutable in the object:
val mutable
On Mon, Sep 16, 2019 at 07:13:51PM +0200, Pino Toscano wrote:
> Make sure to cancel the trasfer in RHV in case of failure during the
> copying of a disk: this way, the disk can be actually removed by RHV
> itself.
> ---
> v2v/rhv-upload-plugin.py | 2 ++
> 1 file changed, 2 insertions(+)
>
>
On Tue, Sep 17, 2019 at 11:43:33AM +0100, Richard W.M. Jones wrote:
> > +(* The virtual machine was created successfully, so there are no disks
> > + * to remove manually.
> > + *)
> > +disks_uuids <- []
>
> (3) Remove this hunk.
Sorry, don't remove it, change it to
On 9/17/19 3:14 AM, Richard W.M. Jones wrote:
> On Mon, Sep 16, 2019 at 11:01:49AM -0500, Eric Blake wrote:
>> On 9/15/19 9:55 AM, Richard W.M. Jones wrote:
>>> +Another use for the reflection plugin is to send back the client's IP
>>> +address:
>>> +
>>> + $ nbdkit reflection mode=address
>>> + $
On Mon, Sep 16, 2019 at 07:13:49PM +0200, Pino Toscano wrote:
> Instead of waiting for the completion of the nbdkit transfers to get the
> UUIDs of the disks, use the new #disk_copied hook to do that after each
> disk is copied.
>
> This has almost no behaviour on rhv-upload, except for the
On 9/17/19 5:02 AM, Richard W.M. Jones wrote:
> When LIBNBD_TLS_ALLOW is used we don't have a way to find out if TLS
> was really negotiated. This adds a flag and a way to read it back.
>
> Unfortunately there is no test yet, because LIBNBD_TLS_ALLOW is not
> tested -- it really should be but
On Tue, Sep 17, 2019 at 05:51:15AM -0500, Eric Blake wrote:
> >>> +#define reflection_config_help \
> >>> + "mode=MODEPlugin mode."
> >>> +
> >>
> >> Worth listing the valid values of MODE, or the fact that this parameter
> >> is optional because it defaults to exportname?
> >
> > OK.
>
> I
On 9/17/19 5:02 AM, Richard W.M. Jones wrote:
> This commit adds a new API which can be used from the connected to
> state to read back which NBD protocol (eg. oldstyle, newstyle-fixed)
> we are using.
Somewhat of an overlap with my get_handshake_flags (as newstyle-fixed
corresponds to whether
On 9/17/19 6:38 AM, Eric Blake wrote:
>> +++ b/generator/generator
>> @@ -1066,10 +1066,16 @@ C<\"nbd2\">, etc.";
>> longdesc = "\
>> For servers which require an export name or can serve different
>> content on different exports, set the C to
>> -connect to. This is only relevant for the
Similar to nbd_get_tls_negotiated, for observing what we actually
settled on with the server, rather than what was requested.
---
generator/generator | 30 +-
lib/handle.c | 6 ++
tests/meta-base-allocation.c | 15 +++
Thanks - I pushed the series now.
I will be doing a release of 1.0 and 1.1 today to include the
security fix that you found.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
ACK
(Was pushed already after discussion on IRC)
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-top is 'top' for virtual machines. Tiny program with many
powerful monitoring
This neutral refactoring adds -DTLS_MODE. We can in future change the
requested TLS mode, but not in this commit.
It also checks that nbd_get_tls_negotiated returns true after
connecting, when the requested mode was set to LIBNBD_TLS_REQUIRE.
---
interop/Makefile.am | 4
interop/interop.c
Test both the TLS enabled and fallback paths.
nbd-server doesn't appear to support TLS at all, and qemu-nbd is known
not to allow fallback to unencrypted, and therefore it only makes
sense to test nbdkit at the moment.
---
.gitignore | 4
TODO| 3 ---
I was a little surprised to find that LIBNBD_TLS_ALLOW worked out of
the box, so I had to examine the logs whereupon I saw the magic
message ...
libnbd: debug: nbd1: nbd_connect_command: server refused TLS (policy),
continuing with unencrypted connection
I don't believe this path has ever
Simple refactoring with no effect.
---
interop/Makefile.am | 8 ++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/interop/Makefile.am b/interop/Makefile.am
index 1d2d187..7bb44d9 100644
--- a/interop/Makefile.am
+++ b/interop/Makefile.am
@@ -47,8 +47,6 @@ if HAVE_QEMU_NBD
Neutral refactoring.
---
interop/interop.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/interop/interop.c b/interop/interop.c
index a3ab39b..0b7b1a5 100644
--- a/interop/interop.c
+++ b/interop/interop.c
@@ -66,10 +66,12 @@ main (int argc, char *argv[])
goto out;
}
+#ifdef
29 matches
Mail list logo