The NBD protocol states that servers may still choose to honor various
NBD_OPT_* from a client that did not reply with
NBD_FLAG_C_FIXED_NEWSTYLE; however, for integration testing purposes,
it's a lot nicer if we reject everything except NBD_OPT_EXPORT_NAME
from such a client (for example, with this in place, we might have
spotted the bug fixed in commit e03b34d6 a bit sooner). Thus, a
client that does not claim to understand fixed newstyle can now no
longer trigger TLS, structured replies, meta contexts, or the nicer
handling of NBD_OPT_GO. All well-known clients listed in
nbdkit-protocol.pod default to requesting fixed newstyle, so this
shouldn't affect normal usage.
Signed-off-by: Eric Blake <ebl...@redhat.com>
---
server/protocol-handshake-newstyle.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/server/protocol-handshake-newstyle.c
b/server/protocol-handshake-newstyle.c
index 9ddc3198..486d416f 100644
--- a/server/protocol-handshake-newstyle.c
+++ b/server/protocol-handshake-newstyle.c
@@ -259,6 +259,16 @@ negotiate_handshake_newstyle_options (struct connection
*conn)
option = be32toh (new_option.option);
optname = name_of_nbd_opt (option);
+ /* If the client lacks fixed newstyle support, it should only send
+ * NBD_OPT_EXPORT_NAME.
+ */
+ if (!(conn->cflags & NBD_FLAG_FIXED_NEWSTYLE) &&
+ option != NBD_OPT_EXPORT_NAME) {
+ if (send_newstyle_option_reply (conn, option, NBD_REP_ERR_INVALID))
+ return -1;
+ continue;
+ }
+
/* In --tls=require / FORCEDTLS mode the only options allowed
* before TLS negotiation are NBD_OPT_ABORT and NBD_OPT_STARTTLS.
*/
--
2.21.0
_______________________________________________
Libguestfs mailing list
Libguestfs@redhat.com
https://www.redhat.com/mailman/listinfo/libguestfs
