NAME
nbdkit-release-notes-1.34 - release notes for nbdkit 1.34
DESCRIPTION
These are the release notes for nbdkit stable release 1.34. This describes the major changes since 1.32.
nbdkit 1.34.0 was released on 14 April 2023.
Security
Various sanity checks were added to
nbdkit-luks-filter(1) so it can handle untrusted disk
images.
TLS support was hardened against a Man-in-the-Middle attacker injecting unknown NBD options before STARTTLS (Eric Blake).
Fix rare assertion failure (denial of service) which can be triggered by clients hanging up early (Eric Blake).
All past security issues and information about how to report new ones can be found in nbdkit-security(1).
Plugins
New nbdkit-blkio-plugin(1) allows you to easily
consume and automate the libblkio high performance storage
library. This allows you to (amongst other things) access
local vhost-user and VFIO devices (thanks Alberto Faria and
Stefan Hajnoczi).
nbdkit-file-plugin(1) has new "fd" and "dirfd" parameters allowing a file or directory to be passed from a parent process through a file descriptor.
Several enhancements were made to nbdkit-curl-plugin(1), concentrating on improved performance and functionality:
|
• |
Multi-conn is now enabled for read-only connections (thanks Eric Blake). | ||
|
• |
Instead of using one libcurl handle per NBD client, we now use a common pool of handles, which improves performance. | ||
|
• |
Fix the "tls13-ciphers" parameter (Michal Orzel). | ||
|
• |
We now use the new CURLOPT_PROTOCOLS_STR(3) feature of libcurl (if available) instead of hard-coding the list of protocols into the plugin. | ||
|
• |
Support was added for forcing "ssl-version", http-version |
nbdkit-vddk-plugin(1) now supports VDDK 8 (thanks Ming Xie, Alice Frosi).
nbdkit-torrent-plugin(1) was ported to macOS (Eric Blake).
Filters
nbdkit-blocksize-policy-filter(1) has a new
"blocksize-write-disconnect" to force a
disconnection if a client attempts a write larger than a
certain threshold (Eric Blake).
nbdkit-retry-filter(1) can now retry plugin open (Eric Blake).
Language
bindings
nbdkit-python-plugin(3) now rejects extra parameters to
"export_name" and "shutdown" functions
(Eric Blake).
Tracebacks from Python plugins should now include the full method name (Eric Blake).
nbdkit-sh-plugin(3) status codes have changed in this release, although in a way that will normally be backwards compatible with older plugins. Two new status codes are reserved for shutdown server and disconnect client. Check the manual page for details. (Eric Blake)
Server
"nbdkit --dump-config" now reports
"exit_with_parent=yes|no" so you can tell if the
optional exit with parent functionality is enabled on the
platform.
Debug messages from filters and plugins are now picked out in bold, making them easier to read amongst other nbdkit debug messages.
API
New "nbdkit_disconnect" API which allows a plugin
or filter to drop the connection to the current client (Eric
Blake).
Bug
fixes
Fix a deadlock in nbdkit-exitwhen-filter(1) (Piotr
Dobrowolski).
Fix the error message in nbdkit-ssh-plugin(1) when the known_hosts file is not readable (thanks Jonathon Jongsma).
Documentation
The --help output of plugins is now consistent with
the manual pages, and extra tests were added to ensure it
stays this way.
Tests
Multiple CI improvements, particularly for Alpine Linux and
macOS (Eric Blake).
Build
Most "./configure"-time features can now be both
enabled and disabled using --with-feature and
--without-feature (Arsen Arsenović).
Multiple VPATH build problems fixed (Eric Blake).
Internals
Use Subject Alternative Name instead of
commonName in test certificates and suggest its use
in documentation (thanks Daniel Berrangé).
Source files reformatted to use ≤ 80 columns (Laszlo Ersek).
SEE ALSO
AUTHORS
Authors of
nbdkit 1.34:
Alan Somers
Arsen Arsenović
Daniel P. Berrangé
Eric Blake
Laszlo Ersek
Michal Orzel
Nikolaus Rath
Nir Soffer
Piotr Dobrowolski
Richard W.M. Jones
Thomas Weißschuh
COPYRIGHT
Copyright Red Hat
LICENSE
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
|
• |
Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. | ||
|
• |
Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. | ||
|
• |
Neither the name of Red Hat nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. |
THIS SOFTWARE IS PROVIDED BY RED HAT AND CONTRIBUTORS ’’AS IS’’ AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL RED HAT OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.