Security¶

There were no security issues found. All past security issues and information about how to report new ones can be found in nbdkit-security(1).

Plugins¶

nbdkit-ssh-plugin(1) has new "create=(true|false)", "create-size" and "create-mode" parameters to allow remote files to be created.

nbdkit-S3-plugin(1) was largely rewritten and should have better performance and compatibility. It also supports splitting/concatenating multiple S3 objects into one virtual disk. (Nikolaus Rath)

Filters¶

New nbdkit-luks-filter(1) allows you to open, read and write LUKSv1 disk images. It is compatible with qemu and dm-crypt.

New nbdkit-scan-filter(1) which simply scans across the disk issuing prefetches.

nbdkit-readahead-filter(1) has been completely rewritten so now it uses prefetching from a parallel thread. The old readahead filter was deprecated, but if you are using it you should carefully read the new documentation because it may require changes.

nbdkit-stats-filter(1) now summarises block size and alignment of requests (Nikolaus Rath).

nbdkit-blocksize-filter(1) now handles parallel writes without losing writes because of overlapping read-modify-write cycles. If you are using the blocksize filter it is recommended to upgrade. (Eric Blake)

nbdkit-rate-filter(1) has a new "burstiness" parameter allowing the bucket capacity to be adjusted, which helps with smoothing out large, lumpy client requests.

Language bindings¶

Add "nbdkit.parse_size()" binding for Python (Nikolaus Rath).

Compatibility with OCaml 4.14.

Compatibility with Perl 5.36.

Server¶

Add macOS (Darwin) support. See the relevant section in the top level README.md file.

kTLS should now work (transparently) when available in the kernel and GnuTLS. Use of kTLS will be indicated in debug output. (Daiki Ueno, František Krenželok)

Bug fixes¶

nbdkit-sh-plugin(3) now handles inline scripts correctly on non-glibc platforms (Martin Kletzander).

Catch the case where nbdkit ends up linked to OpenSSL (because of a transient dependency through GnuTLS) which broke nbdkit-vddk-plugin(1). For more details see https://bugzilla.redhat.com/2057490.

Fix memory leak in nbdkit-python-plugin(3) which would lead to large amounts of memory being leaked if your plugin implemented "list_exports" or "extents" callbacks (Eric Blake).

The nbdkit-curl-plugin(1) cookie/header scripts feature now generates an error properly if the shell script fails.

Fix further "phone home" messages in nbdkit-vddk-plugin(1) (thanks Ming Xie).

Improve error message from nbdkit-vddk-plugin(1) when the thumbprint parameter is wrong (Laszlo Ersek).

Fix "NBDKIT_CACHE_EMULATE" and "NBDKIT_ZERO_EMULATE" in filters. These could cause assertion failures before. (Eric Blake)

Fix nbdkit-protect-filter(1) test if dependencies are missing (thanks Jim Fehlig).

Fix a bounds error in nbdkit-checkwrite-filter(1).

The server will now fail and exit early if the --tls-verify-peer option is used on platforms which do not support it. Previously it would only fail when a client connected using TLS.

Various bugs found by Coverity were analysed and fixed (Eric Blake).

Documentation¶

Document how to write plugins and filters in C++. This has always been possible, but was never documented before.

Document how to run nbdkit from inetd or xinetd superservers.

Fix how verbatim paragraphs in the documentation are rendered in HTML.

Document how to use nbdkit + TLS with nbd-client(1).

Tests¶

Various enhancements to fuzzing including supporting AFL++, AFL++ clang-LTO. Add "./configure --disable-linker-script" which is needed to use ASAN, and document how to use ASAN when fuzzing.

Improve runtime of linuxdisk test (Eric Blake).

Add interoperability tests with nbd-client(1), the Linux kernel client, including TLS support.

Build¶

Add GitLab continuous integration (CI) at https://gitlab.com/nbdkit/nbdkit/-/pipelines and many miscellaneous build fixes (Martin Kletzander).

There are now "string_vector" and "const_string_vector" defined under common/utils and used consistently throughout the code.

Microsoft Visual Studio Code formatting settings are available (in .vscode/) (Nikolaus Rath).

Remove scripts/vddk-open.sh. It is now available as a separate project: https://gitlab.com/nbdkit/vddk-remote

"ARRAY_SIZE" macro added to simplify static array sizing (thanks Laszlo Ersek).