Hi Daniel, Something occurred to me earlier today:
On Fri, Nov 27, 2015 at 12:20:38PM +0000, Daniel P. Berrange wrote: > As is, if the client connects to a TLS enabled NBD server and then > immediately sends NBD_OPT_EXPORT_NAME, it is not possible for us > to send back NBD_REP_ERR_TLS_REQD as the spec requires that the > server close the connection :-( For this reason I have made the > qemu NBD client always send NBD_OPT_LIST as the first thing it > does, so that we can see the NBD_REP_ERR_TLS_REQD response. Why not have it send NBD_OPT_STARTTLS as the first message if you want to do TLS? That way, either the server doesn't support it because too old (and you get NBD_REP_ERR_UNSUP) or configuration (and you get NBD_REP_ERR_POLICY), or it does and you're in TLS. Did I miss something? -- It is easy to love a country that is famous for chocolate and beer -- Barack Obama, speaking in Brussels, Belgium, 2014-03-26 ------------------------------------------------------------------------------ Go from Idea to Many App Stores Faster with Intel(R) XDK Give your users amazing mobile app experiences with Intel(R) XDK. Use one codebase in this all-in-one HTML5 development environment. Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs. http://pubads.g.doubleclick.net/gampad/clk?id=254741911&iu=/4140 _______________________________________________ Nbd-general mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/nbd-general
