Provided by: nbdkit_1.42.2-1ubuntu1_amd64 
NAME
nbdkit-release-notes-1.40 - release notes for nbdkit 1.40
DESCRIPTION
These are the release notes for nbdkit stable release 1.40. This describes the major changes since 1.38.
nbdkit 1.40.0 was released on 22 July 2024.
Security
The server is now more careful about quoting user-provided filenames before printing them in error
messages (thanks Mykola Ivanets).
Short plugin and filter names ("file" is the short name of nbdkit-file-plugin(1)) are now more
restrictive. This change should not be visible to users, but tightens up corner cases with possible
security implications. See:
https://gitlab.com/nbdkit/nbdkit/-/commit/f4d5e7d39e3d37a498821a87234127d561caa0f5
Previous documentation in nbdkit-tls(1) incorrectly asserted that when using X.509 certificates, nbdkit
checks the client's CN. This is not true. nbdkit only checks that the client presents a certificate
issued by the Certificate Authority specified by the --tls-certificates directory. The documentation has
been corrected. (Thanks Jon Szymaniak, Daniel P. Berrangé).
nbdkit-ip-filter(1) incorrectly parsed "security:" rules, which might subtly change the semantics of
access lists. This has been fixed in this release.
nbdkit-ip-filter(1) previously allowed unknown [not IPv4/v6, Unix or vsock] socket families implicitly,
so having a "deny=all" rule would not necessarily deny every connection. This has been changed in this
release so all unknown socket families are denied.
All past security issues and information about how to report new ones can be found in nbdkit-security(1).
Plugins
nbdkit-file-plugin(1) now exposes minimum and preferred I/O size and the rotational property of block
devices.
nbdkit-curl-plugin(1) prints the version of libcurl and other useful information in --dump-plugin output.
nbdkit-vddk-plugin(1) has been tested with VMware VDDK 8.0.3.
Filters
New nbdkit-bzip2-filter(1) supporting bzip2-compressed images (Georg Pfuetzenreuter).
New nbdkit-rotational-filter(1) which can be used to change the rotational property of a plugin (whether
it advertises that it behaves like a spinning hard disk, or RAM / flash storage).
New nbdkit-spinning-filter(1) can be used to add seek delays to simulate a spinning hard disk.
nbdkit-ip-filter(1) has new rule types for checking the client's X.509 Distinguished Name (DN) and
Issuer's DN.
Language bindings
Ruby language support has been removed. This did not work because of a fundamental problem in Ruby's
garbage collection. See:
https://gitlab.com/nbdkit/nbdkit/-/commit/7364cbaae809b5ffb6b4dd847cbdd0b368a20024
Server
New --print-uri option which prints the URI of the server to help users find the NBD endpoint.
Add a common function to find the size of a file or block device which should work properly across Linux
and all the BSDs, and use this in several places where we need to know the size of a file or block device
(thanks Eric Blake).
When generating an NBD URI with TLS enabled, append "?tls-certificates=DIR" or "?tls-psk-key=FILE"
parameter. For libnbd-based NBD clients this allows the client to find the corresponding TLS
credentials.
API
New nbdkit_parse_delay(3) function which can be used to parse short delays and sleeps, like "100ms" or
"1.2μs". It is used by nbdkit-delay-filter(1), nbdkit-retry-filter(1), nbdkit-retry-request-filter(1)
and nbdkit-spinning-filter(1). There are also bindings in OCaml and Python.
New nbdkit_peer_tls_dn(3) and nbdkit_peer_tls_issuer_dn(3) to read the client's X.509 certificate
Distinguished Name (DN) and Issuer's DN.
Documentation
Each nbdkit API function now has a separate manual page, eg. nbdkit_parse_size(3) and nbdkit_debug(3).
Fix references to external nbd-server(1) and nbd-client(8) man pages (Vera Wu).
Revise the main README.md file in the sources.
Tests
CI updates and fixes (Daniel Berrangé, Eric Blake).
Build
The minimum version of gnutls is now ≥ 3.5.18.
Internals
Make error checking of ioctl(2) calls consistent by always checking if the return value "== -1".
SEE ALSO
nbdkit(1).
AUTHORS
Authors of nbdkit 1.40:
Daniel P. Berrangé
Eric Blake
Georg Pfuetzenreuter
Richard W.M. Jones
COPYRIGHT
Copyright Red Hat
LICENSE
Redistribution and use in source and binary forms, with or without modification, are permitted provided
that the following conditions are met:
• Redistributions of source code must retain the above copyright notice, this list of conditions and
the following disclaimer.
• Redistributions in binary form must reproduce the above copyright notice, this list of conditions and
the following disclaimer in the documentation and/or other materials provided with the distribution.
• Neither the name of Red Hat nor the names of its contributors may be used to endorse or promote
products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY RED HAT AND CONTRIBUTORS ''AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL RED HAT OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
DAMAGE.
nbdkit-1.42.2 2025-04-02 nbdkit-release-notes-1.40(1)