doc/proto.md: NBD_OPT_STARTTLS cannot be used twice

Commit Message

Alex Bligh April 6, 2016, 10:50 a.m. UTC

Currently doc/proto.md is silent on use of NBD_OPT_STARTTLS when
TLS has already been negotiated. Make it clear that this is not
permitted.

Signed-off-by: Alex Bligh <alex@alex.org.uk>
---
 doc/proto.md | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

Comments

Eric Blake April 6, 2016, 12:26 p.m. UTC | #1

On 04/06/2016 04:50 AM, Alex Bligh wrote:
> Currently doc/proto.md is silent on use of NBD_OPT_STARTTLS when
> TLS has already been negotiated. Make it clear that this is not
> permitted.
> 
> Signed-off-by: Alex Bligh <alex@alex.org.uk>
> ---
>  doc/proto.md | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)

Reviewed-by: Eric Blake <eblake@redhat.com>

Patch

diff --git a/doc/proto.md b/doc/proto.md
index 4d63b23..3648fa3 100644
--- a/doc/proto.md
+++ b/doc/proto.md
@@ -399,7 +399,10 @@  of the newstyle negotiation.
     `NBD_REP_ERR_POLICY`. For backwards compatibility, a client should
     also be prepared to handle `NBD_REP_ERR_UNSUP`. If the client sent
     along any data with the request, the server should send back
-    `NBD_REP_ERR_INVALID`.
+    `NBD_REP_ERR_INVALID`. The client MUST NOT send this option if
+    it has already negotiated TLS; if the server receives
+    `NBD_OPT_STARTTLS` when TLS has already been negotiated, the server
+    MUST send back `NBD_REP_ERR_INVALID`.
 
     This functionality has not yet been implemented by the reference
     implementation, but was implemented by qemu so has been moved out of