[Libguestfs] [PATCH nbdkit 0/4] Reflection plugin, peer name.
Richard W.M. Jones
rjones at redhat.com
Sun Sep 15 14:55:41 UTC 2019
This series is based on my blog posting here:
https://rwmj.wordpress.com/2019/09/13/nbdkit-supports-exportnames/
It depends on the fix for realloc:
https://www.redhat.com/archives/libguestfs/2019-September/thread.html#00103
This series adds a fun plugin, and also an semi-related feature I've
long thought to be desirable. You can consider patches 1 & 4, and
patches 2 & 3 as forming standalone patch series (but they do depend
on each other).
The fun plugin is a reflection plugin which "reflects" client
information back to the client. We have a few fun plugins like this
(hello there, nbdkit-full-plugin) and normally I would push these
without review, but in this particular case there's a specific danger
that sending back data under control of the client might lead to a
security problem. I _believe_ I have avoided that pitfall, but my
belief isn't as good as having experts review it :-)
The new feature is nbdkit_peer_name() which returns the sockaddr of
the peer. It's essentially a wrapper around getpeername(2). This
would allow several features to be implemented in future:
- Plugins could accept or reject connections based on IP address.
- Plugins could change content based on client. (The fourth patch in
the series is a PoC of this implemented in the new reflection
plugin.) Be cautious about combining this feature with multi-conn
as it's not obviously always safe to do.
- Some filters could usefully modify their behaviour based on client
address: The TODO file currently notes that the rate filter could
be changed to limit traffic based on client IP.
Rich.
More information about the Libguestfs
mailing list