Signed-off-by: Alex Bligh <[email protected]>
---
nbd-client.c | 60 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++---
1 file changed, 57 insertions(+), 3 deletions(-)
diff --git a/nbd-client.c b/nbd-client.c
index d9cdb19..ff79a27 100644
--- a/nbd-client.c
+++ b/nbd-client.c
@@ -344,7 +344,7 @@ void negotiate(int sock, u64 *rsize64, uint16_t *flags,
char* name, uint32_t nee
*rsize64 = size64;
}
-bool get_from_config(char* cfgname, char** name_ptr, char** dev_ptr, char**
hostn_ptr, int* bs, int* timeout, int* persist, int* swap, int* sdp, int*
b_unix, char**port) {
+bool get_from_config(char* cfgname, char** name_ptr, char** dev_ptr, char**
hostn_ptr, int* bs, int* timeout, int* persist, int* swap, int* sdp, int*
b_unix, char**port, char **certfile, char **keyfile, char **cacertfile, char
**tlshostname) {
int fd = open(SYSCONFDIR "/nbdtab", O_RDONLY);
bool retval = false;
if(fd < 0) {
@@ -433,6 +433,22 @@ bool get_from_config(char* cfgname, char** name_ptr,
char** dev_ptr, char** host
loc += 4;
goto next;
}
+ if(!strncmp(loc, "certfile=", 9)) {
+ *certfile = strndup(loc+9, strcspn(loc+9, ","));
+ goto next;
+ }
+ if(!strncmp(loc, "keyfile=", 8)) {
+ *keyfile = strndup(loc+8, strcspn(loc+8, ","));
+ goto next;
+ }
+ if(!strncmp(loc, "cacertfile=", 11)) {
+ *cacertfile = strndup(loc+11, strcspn(loc+11, ","));
+ goto next;
+ }
+ if(!strncmp(loc, "hostname=", 9)) {
+ *tlshostname = strndup(loc+9, strcspn(loc+9, ","));
+ goto next;
+ }
// skip unknown options, with a warning unless they start with
a '_'
l = strcspn(loc, ",");
if(*loc != '_') {
@@ -545,6 +561,9 @@ void usage(char* errmsg, ...) {
fprintf(stderr, "Or : nbd-client -c nbd_device\n");
fprintf(stderr, "Or : nbd-client -h|--help\n");
fprintf(stderr, "Or : nbd-client -l|--list host\n");
+#ifdef WITH_GNUTLS
+ fprintf(stderr, "All commands that connect to a host also take:
[-C|-certfile certfile] [-K|-keyfile keyfile] [-A|-cacertfile cacertfile]
[-H|-hostname hostname]\n");
+#endif
fprintf(stderr, "Default value for blocksize is 1024 (recommended for
ethernet)\n");
fprintf(stderr, "Allowed values for blocksize are
512,1024,2048,4096\n"); /* will be checked in kernel :) */
fprintf(stderr, "Note, that kernel 2.4.2 and older ones do not work
correctly with\n");
@@ -588,6 +607,10 @@ int main(int argc, char *argv[]) {
uint32_t cflags=NBD_FLAG_C_FIXED_NEWSTYLE;
uint32_t opts=0;
sigset_t block, old;
+ char *certfile = NULL;
+ char *keyfile = NULL;
+ char *cacertfile = NULL;
+ char *tlshostname = NULL;
struct sigaction sa;
struct option long_options[] = {
{ "block-size", required_argument, NULL, 'b' },
@@ -603,12 +626,16 @@ int main(int argc, char *argv[]) {
{ "systemd-mark", no_argument, NULL, 'm' },
{ "timeout", required_argument, NULL, 't' },
{ "unix", no_argument, NULL, 'u' },
+ { "certfile", required_argument, NULL, 'C' },
+ { "keyfile", required_argument, NULL, 'K' },
+ { "cacertfile", required_argument, NULL, 'A' },
+ { "hostname", required_argument, NULL, 'H' },
{ 0, 0, 0, 0 },
};
logging(MY_NAME);
- while((c=getopt_long_only(argc, argv, "-b:c:d:hlnN:pSst:u",
long_options, NULL))>=0) {
+ while((c=getopt_long_only(argc, argv, "-b:c:d:hlnN:pSst:uC:K:A:H:",
long_options, NULL))>=0) {
switch(c) {
case 1:
// non-option argument
@@ -693,6 +720,27 @@ int main(int argc, char *argv[]) {
case 'u':
b_unix = 1;
break;
+#ifdef WITH_GNUTLS
+ case 'C':
+ certfile=strdup(optarg);
+ break;
+ case 'K':
+ keyfile=strdup(optarg);
+ break;
+ case 'A':
+ cacertfile=strdup(optarg);
+ break;
+ case 'H':
+ tlshostname=strdup(optarg);
+ break;
+#else
+ case 'C':
+ case 'K':
+ case 'H':
+ case 'A':
+ fprintf(stderr, "E: TLS support not compiled in\n");
+ exit(EXIT_FAILURE);
+#endif
default:
fprintf(stderr, "E: option eaten by 42 mice\n");
exit(EXIT_FAILURE);
@@ -706,7 +754,7 @@ int main(int argc, char *argv[]) {
if(hostname) {
if((!name || !nbddev) && !(opts & NBDC_DO_LIST)) {
if(!strncmp(hostname, "nbd", 3) || !strncmp(hostname,
"/dev/nbd", 8)) {
- if(!get_from_config(hostname, &name, &nbddev,
&hostname, &blocksize, &timeout, &cont, &swap, &sdp, &b_unix, &port)) {
+ if(!get_from_config(hostname, &name, &nbddev,
&hostname, &blocksize, &timeout, &cont, &swap, &sdp, &b_unix, &port, &certfile,
&keyfile, &cacertfile, &hostname)) {
usage("no valid configuration for
specified device found", hostname);
exit(EXIT_FAILURE);
}
@@ -720,6 +768,12 @@ int main(int argc, char *argv[]) {
exit(EXIT_FAILURE);
}
+ if (keyfile && !certfile)
+ certfile = strdup(keyfile);
+
+ if (!tlshostname && hostname)
+ tlshostname = strdup(hostname);
+
if(strlen(name)==0 && !(opts & NBDC_DO_LIST)) {
printf("Warning: the oldstyle protocol is no longer
supported.\nThis method now uses the newstyle protocol with a default
export\n");
}
--
1.9.1
------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Nbd-general mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/nbd-general
