On 9/9/19 4:13 AM, Daniel P. Berrangé wrote: > On Sat, Sep 07, 2019 at 12:20:55PM -0500, Eric Blake wrote: >> I received an off-list report of failure to connect to an NBD server >> expecting an x509 certificate, when the client was attempting something >> similar to this command line: >>
>> +++ b/nbd/client.c >> @@ -204,6 +204,7 @@ static int nbd_handle_reply_err(QIOChannel *ioc, >> NBDOptionReply *reply, >> case NBD_REP_ERR_TLS_REQD: >> error_setg(errp, "TLS negotiation required before option %" PRIu32 >> " (%s)", reply->option, nbd_opt_lookup(reply->option)); >> + error_append_hint(errp, "Did you forget a valid tls-creds?\n"); >> break; >> >> case NBD_REP_ERR_UNKNOWN: > > Reviewed-by: Daniel P. Berrangé <berra...@redhat.com> Thanks. I should really learn to finish my iotest runs before posting, because I have to squash this in before queuing through my NBD tree. diff --git i/tests/qemu-iotests/233.out w/tests/qemu-iotests/233.out index 24321efa113b..c3c344811b2b 100644 --- i/tests/qemu-iotests/233.out +++ w/tests/qemu-iotests/233.out @@ -21,8 +21,10 @@ server reported: TLS not configured == check plain client to TLS server fails == qemu-img: Could not open 'nbd://localhost:PORT': TLS negotiation required before option 7 (go) +Did you forget a valid tls-creds? server reported: Option 0x7 not permitted before TLS qemu-nbd: TLS negotiation required before option 3 (list) +Did you forget a valid tls-creds? server reported: Option 0x3 not permitted before TLS == check TLS works == -- Eric Blake, Principal Software Engineer Red Hat, Inc. +1-919-301-3226 Virtualization: qemu.org | libvirt.org
signature.asc
Description: OpenPGP digital signature