Bug 2111813

Summary: nbd_shutdown fails with: gnutls_record_recv: The TLS connection was non-properly terminated.
Product: Red Hat Enterprise Linux 9 Reporter: Richard W.M. Jones <rjones>
Component: libnbdAssignee: Richard W.M. Jones <rjones>
Status: CLOSED ERRATA QA Contact: Vera <vwu>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 9.1CC: lersek, rjones, tzheng, virt-maint, vwu
Target Milestone: rcKeywords: Triaged
Target Release: ---Flags: pm-rhel: mirror+
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: libnbd-1.12.6-1.el9 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-11-15 09:50:16 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Deadline: 2022-08-15   

Description Richard W.M. Jones 2022-07-28 08:51:49 UTC 
Description of problem:

When connecting to an NBD server over TLS, the shutdown of the
connection (nbd_shutdown) fails with:

nbd_shutdown: gnutls_record_recv: The TLS connection was non-properly terminated.

Version-Release number of selected component (if applicable):

libnbd-1.12.5-1.el9

How reproducible:

100%

Steps to Reproduce:

1. Set up a qemu-nbd + TLS server using steps 1.-4. of this bug:
https://bugzilla.redhat.com/show_bug.cgi?id=2111524

2. Run one of these commands against the server:

$ nbdsh -c 'h.set_tls_certificates("/var/tmp/pki")' -c 'h.connect_uri("nbds://foo")' -c 'h.shutdown()'
nbdsh: command line script failed: nbd_shutdown: gnutls_record_recv: The TLS connection was non-properly terminated.

$ nbdcopy nbds://foo?tls-certificates=/var/tmp/pki null:
nbds://foo?tls-certificates=/var/tmp/pki: nbd_shutdown: gnutls_record_recv: The TLS connection was non-properly terminated.
Comment 1 Richard W.M. Jones 2022-07-28 08:52:38 UTC 
Upstream fix:
https://listman.redhat.com/archives/libguestfs/2022-July/029545.html
https://listman.redhat.com/archives/libguestfs/2022-July/029546.html
Comment 4 Vera 2022-08-05 03:05:04 UTC 
Reproduce with 
qemu-img-7.0.0-9.el9.x86_64
libnbd-1.12.5-1.el9.x86_64

Steps to Reproduce:
1. Set up a qemu-nbd + TLS server using steps 1.-4

2. Run one of these commands against the server

# nbdsh -c 'h.set_tls_certificates("/var/tmp/pki")' -c 'h.connect_uri("nbds://10.73.178.63")' -c 'h.shutdown()'
nbdsh: command line script failed: nbd_shutdown: gnutls_record_recv: The TLS connection was non-properly terminated.



Verified with 
qemu-img-7.0.0-9.el9.x86_64
libnbd-1.12.6-1.el9.x86_64

Steps:
1. Set up a qemu-nbd + TLS server using steps 1.-4

2.  Run one of these commands against the server:

# nbdsh -c 'h.set_tls_certificates("/var/tmp/pki")' -c 'h.connect_uri("nbds://10.73.178.63")' -c 'h.shutdown()'
#
# nbdcopy nbds://10.73.178.63?tls-certificates=/var/tmp/pki null:
#


Mark Verified:Tested. Moving to VERIFIED.
Comment 6 errata-xmlrpc 2022-11-15 09:50:16 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (libnbd bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2022:7944