On 10/20/19 6:06 AM, Richard W.M. Jones wrote:
New APIs are added which let you enable or disable features of NBD
URIs, mainly for security reasons.
tls-psk-file is *disabled* by default for obvious security reasons.
All other features are enabled by default.
---
@@ -1445,6 +1453,75 @@ C<\"qemu:dirty-bitmap:...\">
for qemu-nbd
see_also = ["L<nbd_block_status(3)>"];
};
+ "set_uri_allow_transports", {
+ default_call with
+ args = [ Flags ("mask", allow_transport_flags) ]; ret = RErr;
+ permitted_states = [ Created ];
+ shortdesc = "set the allowed transports in NBD URIs";
+ longdesc = "\
+Set which transports are allowed to appear in NBD URIs. The
+default is to allow any transports.
'any transport.'
+
+The C<mask> parameter may contain any of the following flags
+ORed together:
+
+=over 4
+
+=item C<LIBNBD_ALLOW_TRANSPORT_TCP>
+
+=item C<LIBNBD_ALLOW_TRANSPORT_UNIX>
+
+=item C<LIBNBD_ALLOW_TRANSPORT_VSOCK>
+
+=back";
+ see_also = ["L<nbd_connect_uri(3)>";
"L<nbd_set_uri_allow_tls(3)>"];
+ };
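Review bot: the longdesc for set_uri_allow_transports lists the three C<LIBNBD_ALLOW_TRANSPORT_*> flags with no text under any =item, and never says what happens when a URI names a transport that is not in the mask. Suggest one line per flag naming the URI scheme it governs, plus a sentence on how nbd_connect_uri behaves for a disallowed transport and whether a mask of 0 is accepted, so callers filtering untrusted URIs know the failure mode. The set_uri_allow_tls entry in the same patch already documents each of its values this way.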
Worth L<nbd_get_uri_allow_tls(3)> to query the current permitted
transports? Similar for other new set_ APIs.
+
+ "set_uri_allow_tls", {
+ default_call with
+ args = [ Enum ("tls", tls_enum) ]; ret = RErr;
+ permitted_states = [ Created ];
+ shortdesc = "set the allowed TLS settings in NBD URIs";
+ longdesc = "\
+Set which TLS settings are allowed to appear in NBD URIs. The
+default is to allow either non-TLS or TLS URIs.
+
+The C<tls> parameter can be:
+
+=over 4
+
+=item C<LIBNBD_TLS_DISABLE>
+
+TLS URIs are not permitted, ie. a URI such as C<nbds://...>
+will be rejected.
+
+=item C<LIBNBD_TLS_ALLOW>
+
+This is the default. TLS may be used or not, depending on
+whether the URI uses C<nbds> or C<nbd>.
+
+=item C<LIBNBD_TLS_REQUIRE>
+
+TLS URIs are required. All URIs must use C<nbs>.
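Review bot: set_uri_allow_tls reuses tls_enum, so C<LIBNBD_TLS_DISABLE>, C<LIBNBD_TLS_ALLOW> and C<LIBNBD_TLS_REQUIRE> here describe which URI schemes are accepted, while the same constants are what nbd_set_tls(3) takes to set the handle's TLS mode. The longdesc should state how the two settings interact, for example what the caller gets when the handle's own TLS mode and the URI policy disagree, and should cross-reference L<nbd_set_tls(3)> in see_also unless that already appears below the quoted lines.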
C<nbds>
+=item Connect to Unix domain socket in the local filesystem
+
+Default: allowed
+
+To prevent this you must disable the C<+unix> transport
Is the + in C<+unix> intentional?
Otherwise looks like a good addition.
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3226
Virtualization:  qemu.org | libvirt.org