Re: [Libguestfs] [nbdkit RFC PATCH 4/4] exportname: New filter
On 8/7/20 6:59 AM, Richard W.M. Jones wrote:
On Thu, Aug 06, 2020 at 09:23:48PM -0500, Eric Blake wrote:
> Add a new filter to make it easier to add exports to a plugin that
> does advertise them, to avoid advertising where a plugin's list might
does *not* advertise them(?)
Yep.
> be an information leak, and to alter which export name is used in
> place of "".
> +=item B<exportname-list=false>
> +
> +This parameter defaults to true to advertise the modified export list,
> +although in some cases this can be viewed as an information leak.
> +Setting this parameter to false tells nbdkit to refuse to answer
> +C<NBD_OPT_LIST> queries, so that exports are no longer advertised.
> +This does not prevent a client from connecting to an export name that
> +it learns through other means.
There's a slight difference between advertising a zero-length list and
failing NBD_OPT_LIST altogether (either way, the client can't learn
which exports are available, but some clients hang up if they don't get
the NBD_REP_ACK). I may want to make this be an enum,
export-name-lisit=inherit|replace|error, rather than a bool (inherit
takes the plugin's list, and exportname= adds to it; replace advertises
only exportname= values, which may be empty; error refuses to advertise)
> +
> +=item B<exportname-strict=true>
> +
> +Normally, a client can pass whatever export name it wants, regardless
> +of whether that name is advertised. But setting this parameter to
> +true will cause the connection to fail if a client requests an export
> +name that was not included via an B<exportname> parameter. (At this
> +time, it is not possible to restrict a client to exports advertised by
> +the plugin without repeating that list via B<exportname>; this
> +technical limitation may be lifted in the future.)
> +
> +=item B<exportname=>NAME
> +
> +This parameter adds C<NAME> to the list of advertised exports; it may
> +be set multiple times.
This can either add to the names that the plugin also advertises, or
replace those names (again, a reason why I may want exportname-list to
be an enum instead of a bool).
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3226
Virtualization: qemu.org | libvirt.org