[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-block] [PATCH] nbd/client: Add hint when TLS is missing

From: Eric Blake
Subject: Re: [Qemu-block] [PATCH] nbd/client: Add hint when TLS is missing
Date: Mon, 9 Sep 2019 11:43:20 -0500
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0

On 9/9/19 4:13 AM, Daniel P. Berrangé wrote:
> On Sat, Sep 07, 2019 at 12:20:55PM -0500, Eric Blake wrote:
>> I received an off-list report of failure to connect to an NBD server
>> expecting an x509 certificate, when the client was attempting something
>> similar to this command line:

>> +++ b/nbd/client.c
>> @@ -204,6 +204,7 @@ static int nbd_handle_reply_err(QIOChannel *ioc, 
>> NBDOptionReply *reply,
>>      case NBD_REP_ERR_TLS_REQD:
>>          error_setg(errp, "TLS negotiation required before option %" PRIu32
>>                     " (%s)", reply->option, nbd_opt_lookup(reply->option));
>> +        error_append_hint(errp, "Did you forget a valid tls-creds?\n");
>>          break;
>>      case NBD_REP_ERR_UNKNOWN:
> Reviewed-by: Daniel P. Berrangé <address@hidden>

Thanks. I should really learn to finish my iotest runs before posting,
because I have to squash this in before queuing through my NBD tree.

diff --git i/tests/qemu-iotests/233.out w/tests/qemu-iotests/233.out
index 24321efa113b..c3c344811b2b 100644
--- i/tests/qemu-iotests/233.out
+++ w/tests/qemu-iotests/233.out
@@ -21,8 +21,10 @@ server reported: TLS not configured

 == check plain client to TLS server fails ==
 qemu-img: Could not open 'nbd://localhost:PORT': TLS negotiation
required before option 7 (go)
+Did you forget a valid tls-creds?
 server reported: Option 0x7 not permitted before TLS
 qemu-nbd: TLS negotiation required before option 3 (list)
+Did you forget a valid tls-creds?
 server reported: Option 0x3 not permitted before TLS

 == check TLS works ==

Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3226
Virtualization:  qemu.org | libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]