[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] NBD TLS support in QEMU
|
From: |
Wouter Verhelst |
|
Subject: |
Re: [Qemu-devel] NBD TLS support in QEMU |
|
Date: |
Wed, 8 Oct 2014 20:16:10 +0200 |
|
User-agent: |
Mutt/1.5.23 (2014-03-12) |
On Thu, Oct 02, 2014 at 03:50:57PM +0200, Wouter Verhelst wrote:
> On Thu, Oct 02, 2014 at 01:00:04PM +0200, Paolo Bonzini wrote:
> > Il 01/10/2014 22:23, Wouter Verhelst ha scritto:
> > > Hi,
> > >
> > > On Fri, Sep 05, 2014 at 03:26:09PM +0200, Wouter Verhelst wrote:
> > >> Tunneling the entire protocol inside an SSL connection doesn't fix that;
> > >> if an attacker is able to hijack your TCP connections and change flags,
> > >> then this attacker is also able to hijack your TCP connection and
> > >> redirect it to a decrypting/encrypting proxy.
> > >>
> > >> I agree that preventing a possible SSL downgrade attack (and other forms
> > >> of MITM) should be high on the priority list, but "tunnel the whole
> > >> thing in SSL" doesn't do that.
> > >
> > > So, having given this some thought, I wanted to come up with a spec just
> > > so that we had something we could all agree on. As part of that, I had a
> > > look at qemu-nbd, and noticed that it uses the "oldstyle" handshake
> > > protocol (on port 10809 by default -- ew, please don't do that).
> >
> > Can you use new-style handshake with a single unnamed export? Export
> > names are a useless complication for qemu-nbd.
>
> Not currently, but I don't think you need that. You could have a default
> name, which would be used if no name was otherwise specified. It's not
> much of a stretch to make that name part of the protocol spec, either.
So. I think this makes sense, and as such changed the proto.txt file as
follows:
diff --git a/doc/proto.txt b/doc/proto.txt
index e0a4fb1..990d012 100644
--- a/doc/proto.txt
+++ b/doc/proto.txt
@@ -242,10 +242,13 @@ Option types
* NBD_OPT_EXPORT_NAME (1)
Choose the export which the client would like to use, and end option
haggling. Data: name of the export, free-form UTF8 text (subject to
limitations by server implementation). If the chosen export does not
exist, the server closes the connection.
+ A special, "empty", name (i.e., the length field is zero and no name
+ is specified), is reserved for a "default" export, to be used in cases
+ where explicitly specifying an export name makes no sense.
* NBD_OPT_ABORT (2)
Abort negotiation and close the connection. Optional.
* NBD_OPT_LIST (3)
That is, specify an empty name to specify a default.
Thoughts?
--
It is easy to love a country that is famous for chocolate and beer
-- Barack Obama, speaking in Brussels, Belgium, 2014-03-26
- Re: [Qemu-devel] NBD TLS support in QEMU, Wouter Verhelst, 2014/10/01
- Re: [Qemu-devel] NBD TLS support in QEMU, Daniel P. Berrange, 2014/10/02
- Re: [Qemu-devel] NBD TLS support in QEMU, Paolo Bonzini, 2014/10/02
- [Qemu-devel] spec, RFC: TLS support for NBD, Wouter Verhelst, 2014/10/17
- Re: [Qemu-devel] spec, RFC: TLS support for NBD, Richard W.M. Jones, 2014/10/18
- Re: [Qemu-devel] spec, RFC: TLS support for NBD, Daniel P. Berrange, 2014/10/20
- Re: [Qemu-devel] spec, RFC: TLS support for NBD, Stefan Hajnoczi, 2014/10/20
- Re: [Qemu-devel] spec, RFC: TLS support for NBD, Markus Armbruster, 2014/10/20
- Re: [Qemu-devel] spec, RFC: TLS support for NBD, Daniel P. Berrange, 2014/10/20
- Re: [Qemu-devel] spec, RFC: TLS support for NBD, Florian Weimer, 2014/10/20