nbdkit-release-notes-1.34 - release notes for nbdkit 1.34
These are the release notes for nbdkit stable release 1.34. This describes the major changes since 1.32.
nbdkit 1.34.0 was released on 14 April 2023.
Various sanity checks were added to nbdkit-luks-filter(1) so it can handle untrusted disk images.
TLS support was hardened against a Man-in-the-Middle attacker injecting unknown NBD options before STARTTLS (Eric Blake).
Fix rare assertion failure (denial of service) which can be triggered by clients hanging up early (Eric Blake).
All past security issues and information about how to report new ones can be found in nbdkit-security(1).
New nbdkit-blkio-plugin(1) allows you to easily consume and automate the libblkio high performance storage library. This allows you to (amongst other things) access local vhost-user and VFIO devices (thanks Alberto Faria and Stefan Hajnoczi).
nbdkit-file-plugin(1) has new fd
and dirfd
parameters allowing a file or directory to be passed from a parent process through a file descriptor.
Several enhancements were made to nbdkit-curl-plugin(1), concentrating on improved performance and functionality:
Multi-conn is now enabled for read-only connections (thanks Eric Blake).
Instead of using one libcurl handle per NBD client, we now use a common pool of handles, which improves performance.
Fix the tls13-ciphers
parameter (Michal Orzel).
We now use the new CURLOPT_PROTOCOLS_STR(3) feature of libcurl (if available) instead of hard-coding the list of protocols into the plugin.
Support was added for forcing ssl-version
, http-version
nbdkit-vddk-plugin(1) now supports VDDK 8 (thanks Ming Xie, Alice Frosi).
nbdkit-torrent-plugin(1) was ported to macOS (Eric Blake).
nbdkit-blocksize-policy-filter(1) has a new blocksize-write-disconnect
to force a disconnection if a client attempts a write larger than a certain threshold (Eric Blake).
nbdkit-retry-filter(1) can now retry plugin open (Eric Blake).
nbdkit-python-plugin(3) now rejects extra parameters to export_name
and shutdown
functions (Eric Blake).
Tracebacks from Python plugins should now include the full method name (Eric Blake).
nbdkit-sh-plugin(3) status codes have changed in this release, although in a way that will normally be backwards compatible with older plugins. Two new status codes are reserved for shutdown server and disconnect client. Check the manual page for details. (Eric Blake)
nbdkit --dump-config
now reports exit_with_parent=yes|no
so you can tell if the optional exit with parent functionality is enabled on the platform.
Debug messages from filters and plugins are now picked out in bold, making them easier to read amongst other nbdkit debug messages.
New nbdkit_disconnect
API which allows a plugin or filter to drop the connection to the current client (Eric Blake).
Fix a deadlock in nbdkit-exitwhen-filter(1) (Piotr Dobrowolski).
Fix the error message in nbdkit-ssh-plugin(1) when the known_hosts file is not readable (thanks Jonathon Jongsma).
The --help output of plugins is now consistent with the manual pages, and extra tests were added to ensure it stays this way.
Multiple CI improvements, particularly for Alpine Linux and macOS (Eric Blake).
Most ./configure
-time features can now be both enabled and disabled using --with-feature and --without-feature (Arsen Arsenović).
Multiple VPATH build problems fixed (Eric Blake).
Use Subject Alternative Name instead of commonName in test certificates and suggest its use in documentation (thanks Daniel Berrangé).
Source files reformatted to use ≤ 80 columns (Laszlo Ersek).
Authors of nbdkit 1.34:
Copyright Red Hat
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
Neither the name of Red Hat nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY RED HAT AND CONTRIBUTORS ''AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL RED HAT OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.