Re: [Nbd] [PATCHv2 5/6] Add TLS support to server

[Alex Bligh <alex@...872...>]

On 12 Apr 2016, at 15:28, Wouter Verhelst <w@...112...> wrote:

> PLATFORM is "this option is not supported on the platform where it was
> compiled". If that platform doesn't have GnuTLS, then you disable
> STARTTLS, so it can't work.
> 
> Maybe the names were wrong, but the plan was:
> 
> INVALID -- client sent something obviously wrong
> POLICY -- server admin did something wrong or disabled the option
> UNSUP -- server does not have code to handle request
> PLATFORM -- server does have code to handle request, but it's not
>  compiled in for whatever reason (e.g., something required on the
>  platform is not available)
> 
> Obviously the last applies here.
> 
> (and just as obviously POLICY doesn't, either -- the "perhaps" line
> above is the wrong way round, sorry)
> 
> The solution to an INVALID error is "fix the damn client"
> The solution to a POLICY error is "fix the damn server config"
> The solution to a PLATFORM error is "recompile the server and/or run it
> on the right system"
> The solution to an UNSUP error is "implement missing functionality"
> 
> There's a clear difference between the latter two.

Well I'm fine with that, but NBD_ERR_PLATFORM is explicitly
not permitted as a reply to NBD_OPT_STARTTLS under either:

a) current docs (from master)

b) any version of my patch to improve TLS documentation

which is why I kept it to the error codes permitted.

So if we're going to change it then fine, but the docs
should change. Could you take a look at v9 and see if there
are any other problems with error codes?

-- 
Alex Bligh