oVirt uses random URLs to expose images temporarily via HTTPS. We would
like to integrated qemu-nbd in the same system, proving a user an easy
and uniform way to access an image - either using HTTPS:
https://server:54322/images/dc72d3cc-b933-45e8-89a2-e028e1c2ef3d
Or using NBD over TLS:
nbd://server:10809/dc72d3cc-b933-45e8-89a2-e028e1c2ef3d
Unfortunatly, qemu-nbd allows listing exports by default. Allowing
anyone to find the secret export using easy to guess port number.
These patches:
- add --nolist option to qemu-nbd, disabling NBD_OPT_LIST command.
- add some infrastructure ot iotests.py
- and use the new infrastructure to add test the new option using
nbd-client.
Adding dependency on nbd-client may be probelematic, but I think
qemu-nbd should have tests ensuring compatibility with other tools.
Nir Soffer (3):
nbd: Add option to disallow listing exports
iotests.py: Add helper for running commands
qemu-iotests: Test new qemu-nbd --nolist option
blockdev-nbd.c | 2 +-
include/block/nbd.h | 1 +
nbd/server.c | 7 +++++++
qemu-nbd.c | 9 ++++++++-
qemu-nbd.texi | 2 ++
tests/qemu-iotests/214 | 46 +++++++++++++++++++++++++++++++++++++++++++
tests/qemu-iotests/214.out | 2 ++
tests/qemu-iotests/group | 1 +
tests/qemu-iotests/iotests.py | 18 +++++++++++++++++
9 files changed, 86 insertions(+), 2 deletions(-)
create mode 100755 tests/qemu-iotests/214
create mode 100644 tests/qemu-iotests/214.out
--
2.14.3