1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
|
=head1 NAME
nbd_set_uri_allow_tls_priority - set if 'tls-priority' is allowed in
NBD URIs
=head1 SYNOPSIS
#include <libnbd.h>
int nbd_set_uri_allow_tls_priority (
struct nbd_handle *h, bool allow
);
=head1 DESCRIPTION
Allow NBD URIs to override the TLS priority
using C<?tls-priority=PRIORITY> in the query string.
This is I<disabled> by default because it is probably not
safe. The TLS priority string is quite powerful, allowing
you to read some local configuration files, and possibly to
downgrade TLS security.
=head1 RETURN VALUE
If the call is successful the function returns C<0>.
=head1 ERRORS
On error C<-1> is returned.
Refer to L<libnbd(3)/ERROR HANDLING>
for how to get further details of the error.
The following parameters must not be NULL: C<h>.
For more information see L<libnbd(3)/Non-NULL parameters>.
=head1 HANDLE STATE
nbd_set_uri_allow_tls_priority
can be called when the handle is in the following state:
┌─────────────────────────────────────┬─────────────────────────┐
│ Handle created, before connecting │ ✅ allowed │
│ Connecting │ ❌ error │
│ Connecting & handshaking (opt_mode) │ ❌ error │
│ Connected to the server │ ❌ error │
│ Connection shut down │ ❌ error │
│ Handle dead │ ❌ error │
└─────────────────────────────────────┴─────────────────────────┘
=head1 VERSION
This function first appeared in libnbd 1.24.
If you need to test if this function is available at compile time
check if the following macro is defined:
#define LIBNBD_HAVE_NBD_SET_URI_ALLOW_TLS_PRIORITY 1
=head1 SEE ALSO
L<nbd_connect_uri(3)>,
L<nbd_create(3)>,
L<libnbd(3)>,
L<https://gnutls.org/manual/html_node/Priority-Strings.html>.
=head1 AUTHORS
Eric Blake
Richard W.M. Jones
=head1 COPYRIGHT
Copyright Red Hat
|
