While these are per-connection rather than per-export settings, it is
still useful to have a quick-and-silent command-line query rather than
having to parse full info output.
While touching info-can.sh, strengthen it to insist that an
unsupported feature is reported with status 2, rather than any
non-zero status.
---
info/nbdinfo.pod | 34 ++++++++++++++++++++++++----------
info/can.c | 15 ++++++++++++++-
info/info-can-connect.sh | 9 ++++++++-
info/info-can.sh | 35 ++++++++++++++++++++++++++++++++---
info/info-uri-nbds.sh | 5 +++--
5 files changed, 81 insertions(+), 17 deletions(-)
diff --git a/info/nbdinfo.pod b/info/nbdinfo.pod
index a95b64f2..abc56f62 100644
--- a/info/nbdinfo.pod
+++ b/info/nbdinfo.pod
@@ -156,6 +156,15 @@ All NBD servers must support read, so this always exits with success
Test if we can connect to the NBD URI.
+=item nbdinfo --is tls URI
+
+Test if the NBD URI connection is using TLS.
+
+=item nbdinfo --can structured-reply URI
+
+Test if server can respond with structured replies (a prerequisite
+for supporting block status commands).
+
=item nbdinfo --is rotational URI
Test if the server export is backed by something which behaves like a
@@ -313,23 +322,25 @@ Display brief command line help and exit.
=item B<--can read>
+=item B<--can structured-reply>
+
=item B<--can trim>
=item B<--can write>
=item B<--can zero>
-Test properties of the NBD server export. The command does not print
-anything. Instead it exits with success (S<exit code 0>) if true, or
-failure (S<exit code 2>) if false. (Other exit codes indicate an
-error querying the flag).
+Test properties of the NBD server export or the connection itself.
+The command does not print anything. Instead it exits with success
+(S<exit code 0>) if true, or failure (S<exit code 2>) if false.
+(Other exit codes indicate an error querying the flag).
For further information see the L<NBD
protocol|https://github.com/NetworkBlockDevice/nbd/blob/master/doc/proto....
and the following libnbd functions: L<nbd_can_cache(3)>,
L<nbd_can_df(3)>, L<nbd_can_fast_zero(3)>, L<nbd_can_flush(3)>,
L<nbd_can_fua(3)>, L<nbd_can_multi_conn(3)>, L<nbd_can_trim(3)>,
-L<nbd_can_zero(3)>, L<nbd_is_read_only(3)>.
+L<nbd_can_zero(3)>, L<nbd_is_read_only(3)>,
L<nbd_get_tls_negotiated(3)>.
=item B<--color>
@@ -362,15 +373,18 @@ use I<--list --content>.
=item B<--is rotational>
-Test if the NBD server export is read-only and rotational. The
-command does not print anything. Instead it exits with success
-(S<exit code 0>) if true, or failure (S<exit code 2>) if false.
-(Other exit codes indicate an error querying the flag).
+=item B<--is tls>
+
+Test if the NBD server export is read-only and rotational, or whether
+the connection itself is using TLS. The command does not print
+anything. Instead it exits with success (S<exit code 0>) if true, or
+failure (S<exit code 2>) if false. (Other exit codes indicate an
+error querying the flag).
For further information see the L<NBD
protocol|https://github.com/NetworkBlockDevice/nbd/blob/master/doc/proto....
and the following libnbd functions: L<nbd_is_read_only(3)>,
-L<nbd_is_rotational(3)>.
+L<nbd_is_rotational(3)>, L<nbd_get_tls_negotiated(3)>.
=item B<--json>
diff --git a/info/can.c b/info/can.c
index ee8bbb76..08d6bcd5 100644
--- a/info/can.c
+++ b/info/can.c
@@ -1,5 +1,5 @@
/* NBD client library in userspace
- * Copyright (C) 2020-2021 Red Hat Inc.
+ * Copyright (C) 2020-2022 Red Hat Inc.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
@@ -37,6 +37,19 @@ do_can (void)
strcasecmp (can, "read") == 0)
feature = 1;
+ else if (strcasecmp (can, "tls") == 0)
+ feature = nbd_get_tls_negotiated (nbd);
+
+ else if (strcasecmp (can, "sr") == 0 ||
+ strcasecmp (can, "structured") == 0 ||
+ strcasecmp (can, "structured reply") == 0 ||
+ strcasecmp (can, "structured-reply") == 0 ||
+ strcasecmp (can, "structured_reply") == 0 ||
+ strcasecmp (can, "structured replies") == 0 ||
+ strcasecmp (can, "structured-replies") == 0 ||
+ strcasecmp (can, "structured_replies") == 0)
+ feature = nbd_get_structured_replies_negotiated (nbd);
+
else if (strcasecmp (can, "readonly") == 0 ||
strcasecmp (can, "read-only") == 0 ||
strcasecmp (can, "read_only") == 0)
diff --git a/info/info-can-connect.sh b/info/info-can-connect.sh
index eecc290a..2520e5ab 100755
--- a/info/info-can-connect.sh
+++ b/info/info-can-connect.sh
@@ -1,6 +1,6 @@
#!/usr/bin/env bash
# nbd client library in userspace
-# Copyright (C) 2020-2021 Red Hat Inc.
+# Copyright (C) 2020-2022 Red Hat Inc.
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
@@ -27,3 +27,10 @@ requires nbdkit null --version
nbdkit -v -U - null \
--run '$VG nbdinfo --can connect
"nbd+unix:///?socket=$unixsocket"'
+
+# --is tls is false for unencrypted connections.
+
+st=0
+nbdkit -v -U - null \
+ --run '$VG nbdinfo --is tls "nbd+unix:///?socket=$unixsocket"'
|| st=$?
+test $st = 2
diff --git a/info/info-can.sh b/info/info-can.sh
index 6f13665c..3edc3948 100755
--- a/info/info-can.sh
+++ b/info/info-can.sh
@@ -1,6 +1,6 @@
#!/usr/bin/env bash
# nbd client library in userspace
-# Copyright (C) 2020-2021 Red Hat Inc.
+# Copyright (C) 2020-2022 Red Hat Inc.
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
@@ -26,6 +26,8 @@ requires bash -c "nbdkit sh --dump-plugin | grep
has_can_cache=1"
# --is read-only and --can write are tested in info-is-read-only.sh
+# --is tls is tested in info-uri-nbds.sh and info-can-connect.sh
+
# --can connect is tested in info-can-connect.sh
# --can read is tested in info-can-read.sh
@@ -36,6 +38,29 @@ requires bash -c "nbdkit sh --dump-plugin | grep
has_can_cache=1"
# and oldstyle never, but that feels like depending a bit too much on
# the implementation.
+# --can structured-reply is not a per-export setting, but rather
+# something set on the server as a whole.
+
+nbdkit -v -U - sh - \
+ --run '$VG nbdinfo --can structured-reply
"nbd+unix:///?socket=$unixsocket"' <<'EOF'
+case "$1" in
+ get_size) echo 1024 ;;
+ pread) ;;
+ *) exit 2 ;;
+esac
+EOF
+
+st=0
+nbdkit -v -U - --no-sr sh - \
+ --run '$VG nbdinfo --can structured-reply
"nbd+unix:///?socket=$unixsocket"' <<'EOF' || st=$?
+case "$1" in
+ get_size) echo 1024 ;;
+ pread) ;;
+ *) exit 2 ;;
+esac
+EOF
+test $st = 2
+
# --can cache and --can fua require special handling because in
# nbdkit-sh-plugin we must print "native" or "none". Also the
can_fua
# flag is only sent if the export is writable (hence can_write below).
@@ -53,8 +78,9 @@ case "$1" in
esac
EOF
+ st=0
nbdkit -v -U - sh - \
- --run '! $VG nbdinfo --can $flag
"nbd+unix:///?socket=$unixsocket"' <<'EOF'
+ --run '$VG nbdinfo --can $flag
"nbd+unix:///?socket=$unixsocket"' <<'EOF' || st=$?
case "$1" in
get_size) echo 1024 ;;
pread) ;;
@@ -63,6 +89,7 @@ case "$1" in
*) exit 2 ;;
esac
EOF
+ test $st = 2
done
# These ones are normal booleans.
@@ -80,8 +107,9 @@ case "$1" in
esac
EOF
+ st=0
nbdkit -v -U - sh - \
- --run '! $VG nbdinfo --can $flag
"nbd+unix:///?socket=$unixsocket"' <<'EOF'
+ --run '$VG nbdinfo --can $flag
"nbd+unix:///?socket=$unixsocket"' <<'EOF' || st=$?
case "$1" in
get_size) echo 1024 ;;
pread) ;;
@@ -90,4 +118,5 @@ case "$1" in
*) exit 2 ;;
esac
EOF
+ test $st = 2
done
diff --git a/info/info-uri-nbds.sh b/info/info-uri-nbds.sh
index f9637a92..afefe58b 100755
--- a/info/info-uri-nbds.sh
+++ b/info/info-uri-nbds.sh
@@ -1,6 +1,6 @@
#!/usr/bin/env bash
# nbd client library in userspace
-# Copyright (C) 2020-2021 Red Hat Inc.
+# Copyright (C) 2020-2022 Red Hat Inc.
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
@@ -47,7 +47,8 @@ cleanup_fn rm -rf $d
export pki
nbdkit -U - --tls=require --tls-verify-peer --tls-certificates=$pki \
null size=1M \
- --run '$VG nbdinfo --json
"nbds+unix:///?socket=$unixsocket&tls-certificates=$pki"' > $out
+ --run '$VG nbdinfo --json
"nbds+unix:///?socket=$unixsocket&tls-certificates=$pki" &&
+ $VG nbdinfo --is tls
"nbds+unix:///?socket=$unixsocket&tls-certificates=$pki"' > $out
cat $out
jq . < $out
--
2.37.3