[Libguestfs] [PATCH libnbd] api: Allow NBD URIs to be restricted.

Previous discussion: https://www.redhat.com/archives/libguestfs/2019-August/msg00102.html Last night I experimentally added support for URIs that contain the query parameter tls-psk-file, as part of rewriting the tests to cover more of the URI code. So you can now have a URI like: nbds://alice@localhost/?tls-psk-file=keys.psk However there's an obvious security problem here because now any libnbd program which takes URIs from less trusted sources will open a local file under the user's control. So it's time to restrict what can appear in URIs. I've added three new APIs for this purpose, see generator/generator in this patch for documentation. The defaults are fairly liberal, except we do prevent opening local files (except socket) by default. Rich.