Compare commits
5 Commits
Author | SHA1 | Date |
---|---|---|
Richard W.M. Jones | ab35bd208f | |
Richard W.M. Jones | 19fec5b941 | |
Richard W.M. Jones | 8651382d3e | |
Richard W.M. Jones | cdfa595f38 | |
Richard W.M. Jones | 4b95b33cb8 |
|
@ -0,0 +1,83 @@
|
|||
From d2d3940a65dab60a2caeaf824eaff12fcc85e1f0 Mon Sep 17 00:00:00 2001
|
||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
||||
Date: Thu, 12 Sep 2019 10:28:19 +0100
|
||||
Subject: [PATCH 2/3] nbd_connect_tcp: Try to return errno from underlying
|
||||
connect(2) call.
|
||||
|
||||
When we make a TCP connection we have to make multiple underlying
|
||||
connect(2) calls, once for each address returned by getaddrinfo.
|
||||
Unfortunately this meant that we lost the errno from any of these
|
||||
calls:
|
||||
|
||||
$ nbdsh -c 'h.connect_tcp ("localhost", "nbd")'
|
||||
nbd.Error: nbd_connect_tcp: connect: localhost:nbd: could not connect to remote host
|
||||
|
||||
This commit saves the errno from the first failed connect(2):
|
||||
|
||||
$ ./run nbdsh -c 'h.connect_tcp ("localhost", "nbd")'
|
||||
nbd.Error: nbd_connect_tcp: connect: localhost:nbd: could not connect to remote host: Connection refused (ECONNREFUSED)
|
||||
---
|
||||
generator/states-connect.c | 12 ++++++++++--
|
||||
lib/internal.h | 1 +
|
||||
2 files changed, 11 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/generator/states-connect.c b/generator/states-connect.c
|
||||
index 9e2e1d4..e9b3582 100644
|
||||
--- a/generator/states-connect.c
|
||||
+++ b/generator/states-connect.c
|
||||
@@ -128,6 +128,8 @@ disable_nagle (int sock)
|
||||
h->result = NULL;
|
||||
}
|
||||
|
||||
+ h->connect_errno = 0;
|
||||
+
|
||||
memset (&h->hints, 0, sizeof h->hints);
|
||||
h->hints.ai_family = AF_UNSPEC;
|
||||
h->hints.ai_socktype = SOCK_STREAM;
|
||||
@@ -160,7 +162,8 @@ disable_nagle (int sock)
|
||||
* Save errno from most recent connect(2) call. XXX
|
||||
*/
|
||||
SET_NEXT_STATE (%^START);
|
||||
- set_error (0, "connect: %s:%s: could not connect to remote host",
|
||||
+ set_error (h->connect_errno,
|
||||
+ "connect: %s:%s: could not connect to remote host",
|
||||
h->hostname, h->port);
|
||||
return -1;
|
||||
}
|
||||
@@ -182,6 +185,8 @@ disable_nagle (int sock)
|
||||
|
||||
if (connect (fd, h->rp->ai_addr, h->rp->ai_addrlen) == -1) {
|
||||
if (errno != EINPROGRESS) {
|
||||
+ if (h->connect_errno == 0)
|
||||
+ h->connect_errno = errno;
|
||||
SET_NEXT_STATE (%NEXT_ADDRESS);
|
||||
return 0;
|
||||
}
|
||||
@@ -203,8 +208,11 @@ disable_nagle (int sock)
|
||||
/* This checks the status of the original connect call. */
|
||||
if (status == 0)
|
||||
SET_NEXT_STATE (%^MAGIC.START);
|
||||
- else
|
||||
+ else {
|
||||
+ if (h->connect_errno == 0)
|
||||
+ h->connect_errno = status;
|
||||
SET_NEXT_STATE (%NEXT_ADDRESS);
|
||||
+ }
|
||||
return 0;
|
||||
|
||||
CONNECT_TCP.NEXT_ADDRESS:
|
||||
diff --git a/lib/internal.h b/lib/internal.h
|
||||
index a48edff..ccaca32 100644
|
||||
--- a/lib/internal.h
|
||||
+++ b/lib/internal.h
|
||||
@@ -188,6 +188,7 @@ struct nbd_handle {
|
||||
char *hostname, *port;
|
||||
struct addrinfo hints;
|
||||
struct addrinfo *result, *rp;
|
||||
+ int connect_errno;
|
||||
|
||||
/* When sending metadata contexts, this is used. */
|
||||
size_t querynum;
|
||||
--
|
||||
2.23.0
|
||||
|
|
@ -0,0 +1,71 @@
|
|||
From b23b5b32250e5a03e4cc38ccf973e25e63ccc6d9 Mon Sep 17 00:00:00 2001
|
||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
||||
Date: Thu, 12 Sep 2019 10:38:48 +0100
|
||||
Subject: [PATCH 3/3] interop: Retry TCP connections to qemu-nbd.
|
||||
|
||||
The test interop-qemu-nbd-tls-certs frequently fails on slow (32 bit)
|
||||
machines in Fedora Koji. (Is crypto slow on these already overloaded
|
||||
machines?)
|
||||
|
||||
As we cannot wait for a signal when qemu-nbd is ready start serving,
|
||||
we have to use a sleep. The current sleep is 5 seconds, which is not
|
||||
long enough. Making the sleep longer would work but is inconsiderate
|
||||
for people using faster machines. Therefore replace this with a retry
|
||||
loop with exponential backoff.
|
||||
|
||||
I tested this with a simple wrapper around qemu-nbd which did:
|
||||
|
||||
sleep 5; exec /usr/bin/qemu-nbd "$@"
|
||||
---
|
||||
interop/interop.c | 19 +++++++++++++------
|
||||
1 file changed, 13 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/interop/interop.c b/interop/interop.c
|
||||
index 662d871..a3ab39b 100644
|
||||
--- a/interop/interop.c
|
||||
+++ b/interop/interop.c
|
||||
@@ -28,6 +28,7 @@
|
||||
#include <fcntl.h>
|
||||
#include <time.h>
|
||||
#include <signal.h>
|
||||
+#include <errno.h>
|
||||
#include <sys/types.h>
|
||||
|
||||
#include <libnbd.h>
|
||||
@@ -44,6 +45,7 @@ main (int argc, char *argv[])
|
||||
int port;
|
||||
char port_str[16];
|
||||
pid_t pid = -1;
|
||||
+ int retry;
|
||||
#endif
|
||||
int64_t actual_size;
|
||||
char buf[512];
|
||||
@@ -114,14 +116,19 @@ main (int argc, char *argv[])
|
||||
}
|
||||
|
||||
/* Unfortunately there's no good way to wait for qemu-nbd to start
|
||||
- * serving, so ...
|
||||
+ * serving, so we need to retry here.
|
||||
*/
|
||||
- sleep (5);
|
||||
-
|
||||
- if (nbd_connect_tcp (nbd, "localhost", port_str) == -1) {
|
||||
- fprintf (stderr, "%s\n", nbd_get_error ());
|
||||
- goto out;
|
||||
+ for (retry = 0; retry < 5; ++retry) {
|
||||
+ sleep (1 << retry);
|
||||
+ if (nbd_connect_tcp (nbd, "localhost", port_str) == -1) {
|
||||
+ fprintf (stderr, "%s\n", nbd_get_error ());
|
||||
+ if (nbd_get_errno () != ECONNREFUSED)
|
||||
+ goto out;
|
||||
+ }
|
||||
+ else break;
|
||||
}
|
||||
+ if (retry == 5)
|
||||
+ goto out;
|
||||
|
||||
#else /* !SERVE_OVER_TCP */
|
||||
|
||||
--
|
||||
2.23.0
|
||||
|
28
libnbd.spec
28
libnbd.spec
|
@ -5,10 +5,10 @@
|
|||
%global patches_touch_autotools %{nil}
|
||||
|
||||
# The source directory.
|
||||
%global source_directory 0.x-unstable-api
|
||||
%global source_directory 1.0-stable
|
||||
|
||||
Name: libnbd
|
||||
Version: 1.0.0
|
||||
Version: 1.0.3
|
||||
Release: 1%{?dist}
|
||||
Summary: NBD client library in userspace
|
||||
|
||||
|
@ -22,6 +22,11 @@ Source1: http://libguestfs.org/download/libnbd/%{source_directory}/%{name
|
|||
# https://pgp.key-server.io/pks/lookup?search=rjones%40redhat.com&fingerprint=on&op=vindex
|
||||
Source2: libguestfs.keyring
|
||||
|
||||
# These patches are upstream in the master branch but not in the
|
||||
# stable-1.0 branch. They make the tests more stable.
|
||||
Patch0002: 0002-nbd_connect_tcp-Try-to-return-errno-from-underlying-.patch
|
||||
Patch0003: 0003-interop-Retry-TCP-connections-to-qemu-nbd.patch
|
||||
|
||||
%if 0%{patches_touch_autotools}
|
||||
BuildRequires: autoconf, automake, libtool
|
||||
%endif
|
||||
|
@ -186,6 +191,7 @@ make %{?_smp_mflags} check || {
|
|||
%{_libdir}/libnbd.so
|
||||
%{_libdir}/pkgconfig/libnbd.pc
|
||||
%{_mandir}/man3/libnbd.3*
|
||||
%{_mandir}/man3/libnbd-security.3*
|
||||
%{_mandir}/man3/nbd_*.3*
|
||||
|
||||
|
||||
|
@ -219,6 +225,24 @@ make %{?_smp_mflags} check || {
|
|||
|
||||
|
||||
%changelog
|
||||
* Wed Oct 9 2019 Richard W.M. Jones <rjones@redhat.com> - 1.0.3-1
|
||||
- New upstream version 1.0.3.
|
||||
- Contains fix for remote code execution vulnerability.
|
||||
- Add new libnbd-security(3) man page.
|
||||
|
||||
* Tue Sep 17 2019 Richard W.M. Jones <rjones@redhat.com> - 1.0.2-1
|
||||
- New upstream version 1.0.2.
|
||||
- Remove patches which are upstream.
|
||||
- Contains fix for NBD Protocol Downgrade Attack (CVE-2019-14842).
|
||||
- Fix previous commit message.
|
||||
|
||||
* Thu Sep 12 2019 Richard W.M. Jones <rjones@redhat.com> - 1.0.1-2
|
||||
- Add upstream patch to fix nbdsh (for nbdkit tests).
|
||||
- Fix interop tests on slow machines.
|
||||
|
||||
* Sun Sep 08 2019 Richard W.M. Jones <rjones@redhat.com> - 1.0.1-1
|
||||
- New stable version 1.0.1.
|
||||
|
||||
* Wed Aug 28 2019 Richard W.M. Jones <rjones@redhat.com> - 1.0.0-1
|
||||
- New upstream version 1.0.0.
|
||||
|
||||
|
|
4
sources
4
sources
|
@ -1,2 +1,2 @@
|
|||
SHA512 (libnbd-1.0.0.tar.gz) = 9d9a60d172b9a0dff0d882db72be7243b6fccceb76d240bc385a55ea2358e317a6792288d443ee068d6c894dc0d80f1a900c8ac7f681babcde98c1b7caf9e61a
|
||||
SHA512 (libnbd-1.0.0.tar.gz.sig) = 982f723233951bac6f24b0c3a9a2a60379ff1a35bb37058259164666a4e9511634653c2c8f5bed32fc8d4c23083144a9ed73cae159e948e66f52a43734246f8d
|
||||
SHA512 (libnbd-1.0.3.tar.gz) = 47980c6b323046e983ee3c717b832e7cf29ba89e7c2f001a27ecb17ed55a2259ece78d71d661ddec3af45d316a198d80f253d13a265f60ae5a28c30ef84477a1
|
||||
SHA512 (libnbd-1.0.3.tar.gz.sig) = 07637d69abea513dfb03982776292a5e8cf5bc2962a3dd6ed36f9ed32e58d52795fa4eb3ba7ca7eee916a7271dba37bb3c2ee57f04a585070e0ba986da3f5cfc
|
||||
|
|
Loading…
Reference in New Issue