diff --git a/0001-ssh-Remove-left-over-comment.patch b/0001-ssh-Remove-left-over-comment.patch deleted file mode 100644 index 70ca28d..0000000 --- a/0001-ssh-Remove-left-over-comment.patch +++ /dev/null @@ -1,31 +0,0 @@ -From e0e592775911ebe2178b04b4b20f95fea2f2fe9c Mon Sep 17 00:00:00 2001 -From: "Richard W.M. Jones" -Date: Thu, 5 Jan 2023 16:05:33 +0000 -Subject: [PATCH] ssh: Remove left over comment - -This comment was left over from when I copied the libssh example code. -It adds no value so remove it. - -(cherry picked from commit c93a8957efcc26652b31f5bc359dfd3c4019b4f8) ---- - plugins/ssh/ssh.c | 4 ---- - 1 file changed, 4 deletions(-) - -diff --git a/plugins/ssh/ssh.c b/plugins/ssh/ssh.c -index 6cf40c26..aaa7c2b9 100644 ---- a/plugins/ssh/ssh.c -+++ b/plugins/ssh/ssh.c -@@ -356,10 +356,6 @@ authenticate (struct ssh_handle *h) - if (rc == SSH_AUTH_SUCCESS) return 0; - } - -- /* Example code tries keyboard-interactive here, but we cannot use -- * that method from a server. -- */ -- - if (password != NULL && (method & SSH_AUTH_METHOD_PASSWORD)) { - rc = authenticate_password (h->session, password); - if (rc == SSH_AUTH_SUCCESS) return 0; --- -2.31.1 - diff --git a/0002-ssh-Improve-the-error-message-when-all-authenticatio.patch b/0002-ssh-Improve-the-error-message-when-all-authenticatio.patch deleted file mode 100644 index 71ccb6a..0000000 --- a/0002-ssh-Improve-the-error-message-when-all-authenticatio.patch +++ /dev/null @@ -1,68 +0,0 @@ -From 916f90972af60576591dea4a4f1d07e4dae6d9cf Mon Sep 17 00:00:00 2001 -From: "Richard W.M. Jones" -Date: Thu, 5 Jan 2023 11:29:32 +0000 -Subject: [PATCH] ssh: Improve the error message when all authentication - methods fail - -The current error message: - - nbdkit: ssh[1]: error: all possible authentication methods failed - -is confusing and non-actionable. It's hard even for experts to -understand the relationship between the authentication methods offered -by a server and what we require. - -Try to improve the error message in some common situations, especially -where password authentication on the server side is disabled but the -client supplied a password=... parameter. After this change, you will -see an actionable error: - - nbdkit: ssh[1]: error: the server does not offer password - authentication but you tried to use a password; if you have root - access to the server, try editing 'sshd_config' and setting - 'PasswordAuthentication yes'; otherwise try setting up public key - authentication - -Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2158300 -Reviewed-by: Laszlo Ersek -(cherry picked from commit bea88cff5ac9c42f1a068ad24d43d5ed0506edaa) ---- - plugins/ssh/ssh.c | 22 ++++++++++++++++++++++ - 1 file changed, 22 insertions(+) - -diff --git a/plugins/ssh/ssh.c b/plugins/ssh/ssh.c -index aaa7c2b9..5a132d8f 100644 ---- a/plugins/ssh/ssh.c -+++ b/plugins/ssh/ssh.c -@@ -361,6 +361,28 @@ authenticate (struct ssh_handle *h) - if (rc == SSH_AUTH_SUCCESS) return 0; - } - -+ /* All compatible methods were tried and none worked. Come up with -+ * an actionable diagnostic message if we recognise the problem. -+ */ -+ if (!(method & SSH_AUTH_METHOD_PUBLICKEY) && password == NULL) { -+ nbdkit_error ("the server does not offer public key authentication; " -+ "try using the password=... parameter"); -+ return -1; -+ } -+ if ((method & SSH_AUTH_METHOD_PASSWORD) && password != NULL) { -+ nbdkit_error ("password authentication failed, " -+ "is the username and password correct?"); -+ return -1; -+ } -+ if (!(method & SSH_AUTH_METHOD_PASSWORD) && password != NULL) { -+ nbdkit_error ("the server does not offer password authentication " -+ "but you tried to use a password; if you have root access " -+ "to the server, try editing 'sshd_config' and setting " -+ "'PasswordAuthentication yes'; otherwise try setting up " -+ "public key authentication"); -+ return -1; -+ } -+ - nbdkit_error ("all possible authentication methods failed"); - return -1; - } --- -2.31.1 - diff --git a/0003-luks-Avoid-crash-when-image-does-not-contain-a-LUKS-.patch b/0003-luks-Avoid-crash-when-image-does-not-contain-a-LUKS-.patch deleted file mode 100644 index 9838b2d..0000000 --- a/0003-luks-Avoid-crash-when-image-does-not-contain-a-LUKS-.patch +++ /dev/null @@ -1,44 +0,0 @@ -From dc86950fff020688a17b6ff0dbfea7bdb0d8f1b9 Mon Sep 17 00:00:00 2001 -From: "Richard W.M. Jones" -Date: Tue, 10 Jan 2023 08:39:11 +0000 -Subject: [PATCH] luks: Avoid crash when image does not contain a LUKS header - -We attempt to load the LUKS header in the prepare() callback. If this -fails, h->h will be NULL and we'll crash in close() when we attempt to -access and free h->h->masterkey. - -This crash could have been triggered another way: if open() followed -by close() was called, without prepare() or other callbacks. - -Reported-by: Ming Xie -Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2159581 -(cherry picked from commit cad4b96b17ed4ad7882100efa0d9073ac9d8b11c) ---- - filters/luks/luks-encryption.c | 10 ++++++---- - 1 file changed, 6 insertions(+), 4 deletions(-) - -diff --git a/filters/luks/luks-encryption.c b/filters/luks/luks-encryption.c -index 26f81e7b..6f33e76e 100644 ---- a/filters/luks/luks-encryption.c -+++ b/filters/luks/luks-encryption.c -@@ -856,11 +856,13 @@ load_header (nbdkit_next *next, const char *passphrase) - void - free_luks_data (struct luks_data *h) - { -- if (h->masterkey) { -- memset (h->masterkey, 0, h->phdr.master_key_len); -- free (h->masterkey); -+ if (h) { -+ if (h->masterkey) { -+ memset (h->masterkey, 0, h->phdr.master_key_len); -+ free (h->masterkey); -+ } -+ free (h); - } -- free (h); - } - - uint64_t --- -2.31.1 - diff --git a/0004-curl-Enable-multi-conn-for-read-only-connections.patch b/0004-curl-Enable-multi-conn-for-read-only-connections.patch deleted file mode 100644 index f4fe94d..0000000 --- a/0004-curl-Enable-multi-conn-for-read-only-connections.patch +++ /dev/null @@ -1,95 +0,0 @@ -From 3f74004478d3590840d7eba97a590b7ec954957f Mon Sep 17 00:00:00 2001 -From: "Richard W.M. Jones" -Date: Thu, 2 Feb 2023 13:59:32 +0000 -Subject: [PATCH] curl: Enable multi-conn for read-only connections -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Comparing before and after this commit shows approximately double the -performance. In other tests this allowed us to download files from -web servers at line speed. - - Benchmark 1: nbdkit -r curl file:/var/tmp/jammy-server-cloudimg-amd64.raw --run "nbdcopy -p \$uri null:" - Time (mean ± σ): 943.8 ms ± 18.8 ms [User: 316.2 ms, System: 1029.7 ms] - Range (min … max): 923.7 ms … 989.2 ms 10 runs - - Benchmark 2: ~/d/nbdkit/nbdkit -r curl file:/var/tmp/jammy-server-cloudimg-amd64.raw --run "nbdcopy -p \$uri null:" - Time (mean ± σ): 455.0 ms ± 6.2 ms [User: 542.2 ms, System: 1824.7 ms] - Range (min … max): 449.1 ms … 471.6 ms 10 runs - - Summary - ' ~/d/nbdkit/nbdkit -r curl file:/var/tmp/jammy-server-cloudimg-amd64.raw --run "nbdcopy -p \$uri null:" ' ran - 2.07 ± 0.05 times faster than ' nbdkit -r curl file:/var/tmp/jammy-server-cloudimg-amd64.raw --run "nbdcopy -p \$uri null:" ' - -Multi-conn is enabled only when we know the connection is read-only: - - $ ./nbdkit -r curl file:/var/tmp/jammy-server-cloudimg-amd64.raw --run ' nbdinfo $uri ' | grep can_multi_conn - can_multi_conn: true - $ ./nbdkit curl file:/var/tmp/jammy-server-cloudimg-amd64.raw --run ' nbdinfo $uri ' | grep can_multi_conn - can_multi_conn: false - -See also: -https://listman.redhat.com/archives/libguestfs/2023-February/030581.html - -Reviewed-by: Eric Blake -(cherry picked from commit bb0f93ad7b9de451874d0c54188bf69cd37c5409) ---- - plugins/curl/curl.c | 14 ++++++++++++++ - plugins/curl/curldefs.h | 1 + - 2 files changed, 15 insertions(+) - -diff --git a/plugins/curl/curl.c b/plugins/curl/curl.c -index e89bea99..eeba5aa4 100644 ---- a/plugins/curl/curl.c -+++ b/plugins/curl/curl.c -@@ -455,6 +455,7 @@ curl_open (int readonly) - nbdkit_error ("calloc: %m"); - return NULL; - } -+ h->readonly = readonly; - - h->c = curl_easy_init (); - if (h->c == NULL) { -@@ -764,6 +765,18 @@ curl_get_size (void *handle) - return h->exportsize; - } - -+/* Multi-conn is safe for read-only connections, but HTTP does not -+ * have any concept of flushing so we cannot use it for read-write -+ * connections. -+ */ -+static int -+curl_can_multi_conn (void *handle) -+{ -+ struct curl_handle *h = handle; -+ -+ return !! h->readonly; -+} -+ - /* NB: The terminology used by libcurl is confusing! - * - * WRITEFUNCTION / write_cb is used when reading from the remote server -@@ -907,6 +920,7 @@ static struct nbdkit_plugin plugin = { - .open = curl_open, - .close = curl_close, - .get_size = curl_get_size, -+ .can_multi_conn = curl_can_multi_conn, - .pread = curl_pread, - .pwrite = curl_pwrite, - }; -diff --git a/plugins/curl/curldefs.h b/plugins/curl/curldefs.h -index f3095f92..9d4949f3 100644 ---- a/plugins/curl/curldefs.h -+++ b/plugins/curl/curldefs.h -@@ -64,6 +64,7 @@ extern const char *user_agent; - /* The per-connection handle. */ - struct curl_handle { - CURL *c; -+ int readonly; - bool accept_range; - int64_t exportsize; - char errbuf[CURL_ERROR_SIZE]; --- -2.31.1 - diff --git a/copy-patches.sh b/copy-patches.sh index 01f5f6f..a9540ba 100755 --- a/copy-patches.sh +++ b/copy-patches.sh @@ -6,7 +6,7 @@ set -e # directory. Use it like this: # ./copy-patches.sh -rhel_version=9.2 +rhel_version=9.3 # Check we're in the right directory. if [ ! -f nbdkit.spec ]; then diff --git a/nbdkit.spec b/nbdkit.spec index 46daee2..b82b9b8 100644 --- a/nbdkit.spec +++ b/nbdkit.spec @@ -49,11 +49,11 @@ ExclusiveArch: x86_64 %global patches_touch_autotools %{nil} # The source directory. -%global source_directory 1.32-stable +%global source_directory 1.33-development Name: nbdkit -Version: 1.32.5 -Release: 4%{?dist} +Version: 1.33.11 +Release: 1%{?dist} Summary: NBD server License: BSD @@ -75,13 +75,10 @@ Source2: libguestfs.keyring Source3: copy-patches.sh # Patches come from the upstream repository: -# https://gitlab.com/nbdkit/nbdkit/-/commits/rhel-9.2/ +# https://gitlab.com/nbdkit/nbdkit/-/commits/rhel-9.3/ # Patches. -Patch0001: 0001-ssh-Remove-left-over-comment.patch -Patch0002: 0002-ssh-Improve-the-error-message-when-all-authenticatio.patch -Patch0003: 0003-luks-Avoid-crash-when-image-does-not-contain-a-LUKS-.patch -Patch0004: 0004-curl-Enable-multi-conn-for-read-only-connections.patch +# (nothing) # For automatic RPM Provides generation. # See: https://rpm-software-management.github.io/rpm/manual/dependency_generators.html @@ -111,6 +108,7 @@ BuildRequires: e2fsprogs, e2fsprogs-devel %if !0%{?rhel} BuildRequires: xorriso BuildRequires: rb_libtorrent-devel +BuildRequires: libblkio-devel %endif BuildRequires: bash-completion BuildRequires: perl-devel @@ -269,6 +267,18 @@ This package contains example plugins for %{name}. # The plugins below have non-trivial dependencies are so are # packaged separately. +%if !0%{?rhel} +%package blkio-plugin +Summary: libblkio NVMe, vhost-user, vDPA, VFIO plugin for %{name} +License: BSD +Requires: %{name}-server%{?_isa} = %{version}-%{release} + +%description blkio-plugin +This package contains libblkio (NVMe, vhost-user, vDPA, VFIO) support +for %{name}. +%endif + + %if !0%{?rhel} %package cc-plugin Summary: Write small inline C plugins and scripts for %{name} @@ -689,35 +699,65 @@ autoreconf -i # package into their vendor/ directory. export PYTHON=%{__python3} %configure \ - --with-extra='%{name}-%{version}-%{release}' \ --disable-static \ + --with-extra='%{name}-%{version}-%{release}' \ + --with-tls-priority=@NBDKIT,SYSTEM \ + --with-bash-completions \ + --with-curl \ + --with-gnutls \ + --with-liblzma \ + --with-libnbd \ + --with-manpages \ + --with-selinux \ + --with-ssh \ + --with-zlib \ + --enable-linuxdisk \ + --enable-python \ --disable-golang \ --disable-rust \ + --disable-valgrind \ %if !0%{?rhel} && 0%{?have_ocaml} --enable-ocaml \ %else --disable-ocaml \ %endif -%if 0%{?rhel} +%if !0%{?rhel} + --enable-lua \ + --enable-perl \ + --enable-ruby \ + --enable-tcl \ + --enable-torrent \ + --with-libblkio \ + --with-ext2 \ + --with-iso \ + --with-libvirt \ +%else --disable-lua \ --disable-perl \ --disable-ruby \ --disable-tcl \ + --disable-torrent \ + --without-libblkio \ --without-ext2 \ --without-iso \ --without-libvirt \ %endif +%ifarch x86_64 + --enable-vddk \ +%else + --disable-vddk \ +%endif %if !0%{?rhel} && 0%{?have_libguestfs} --with-libguestfs \ %else --without-libguestfs \ %endif -%ifarch %{complete_test_arches} +%ifarch !0%{?rhel} && 0%{?have_libguestfs} && %{complete_test_arches} --enable-libguestfs-tests \ %else --disable-libguestfs-tests \ %endif - --with-tls-priority=@NBDKIT,SYSTEM + %{nil} # Verify that it picked the correct version of Python # to avoid RHBZ#1404631 happening again silently. @@ -738,7 +778,7 @@ rm -f $RPM_BUILD_ROOT%{_mandir}/man3/nbdkit-rust-plugin.3* %if 0%{?rhel} # In RHEL, remove some plugins we cannot --disable. -for f in cc cdi torrent; do +for f in cc cdi ; do rm -f $RPM_BUILD_ROOT%{_libdir}/%{name}/plugins/nbdkit-$f-plugin.so rm -f $RPM_BUILD_ROOT%{_mandir}/man?/nbdkit-$f-plugin.* done @@ -875,6 +915,15 @@ export LIBGUESTFS_TRACE=1 %{_mandir}/man1/nbdkit-example*-plugin.1* +%if !0%{?rhel} +%files blkio-plugin +%doc README.md +%license LICENSE +%{_libdir}/%{name}/plugins/nbdkit-blkio-plugin.so +%{_mandir}/man1/nbdkit-blkio-plugin.1* +%endif + + %if !0%{?rhel} %files cc-plugin %doc README.md @@ -1200,6 +1249,10 @@ export LIBGUESTFS_TRACE=1 %changelog +* Thu Mar 09 2023 Richard W.M. Jones - 1.33.11-1 +- Rebase to 1.33.11 + resolves: rhbz#2168629 + * Fri Feb 03 2023 Richard W.M. Jones - 1.32.5-4 - Rebase to new stable branch version 1.32.5 resolves: rhbz#2135765 diff --git a/sources b/sources index a909ed5..50fd7b6 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (nbdkit-1.32.5.tar.gz) = 9fe9b2ca52b855f1015eec2d1482f372f4dbc366d8297deccd98be1805fc259b685aec41ca5a1323be451e1602dd9cb0262d47b54226bcebf1f98d358fb245fe -SHA512 (nbdkit-1.32.5.tar.gz.sig) = 48afa42d9d6012886e67595f07fa14e02a5d0bc33aaef11896fb76c03d90788bcf0f143bddf698a26a3f7deaa0a019efd18e0fc9541c22f96cf81a6eed536b4d +SHA512 (nbdkit-1.33.11.tar.gz) = 6101563f7f7e9d60658b19f07a661eec5efe4d60d5c840c651988dc15a6199e0064ffa9f679f2f59cc687a87c203ebc6b2c9fbb0f72274dfd03c5ec34005e544 +SHA512 (nbdkit-1.33.11.tar.gz.sig) = 0f947660d684b024539f8cfb8c42ea0158d005ce972eaf3dc1c94c7c4260fb353d6fbd9ecfaf64f7b2630f726f75e5632bab4c3c6bf0e8eba8059a54ee95cd13