commit 045881397f745a12efc159fd0b2fe590228016c3
Author: Wouter Verhelst <w@uter.be>
Date:   Mon Dec 19 23:41:52 2016 +0100

    Add the NBD_FLAG_CAN_MULTI_CONN flag, unless copyonwrite was selected
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit fdc3df5d5cdcc6770aac3da318a2317c47ec5dda
Author: Wouter Verhelst <w@uter.be>
Date:   Mon Dec 19 23:19:14 2016 +0100

    Don't use relative paths for certdir

commit 5c479091bfc0f378fa15e89e9430641dbcf3aae6
Author: Wouter Verhelst <w@uter.be>
Date:   Mon Dec 19 23:09:35 2016 +0100

    Ship the self-signed key and certificate, too
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 6886c00df68996b436512d27afaa4c7bb547cc82
Author: Wouter Verhelst <w@uter.be>
Date:   Mon Dec 19 23:09:00 2016 +0100

    Define certdir in a VPATH-compatible way
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit c6586bf58f6f1cb5161dadae0eda795b1f96ddeb
Author: Wouter Verhelst <w@uter.be>
Date:   Mon Dec 19 19:27:17 2016 +0100

    Add initial implementation of client certificate verification
    
    There are still a few things we should really be checking, but those are
    less critical and can be done later.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit dad33cc151273fe518447b8461fc880f22c14c31
Author: Eric Blake <eblake@redhat.com>
Date:   Mon Dec 19 22:45:24 2016 +0100

    Fix -d behaviour
    
    Since -d stops all sort of forking, we don't have a parent process to
    talk to, so don't even try.
    
    Fixes: 7e901617
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit fcf2df42f62a3ab639e5336f8116ee68b57a2562
Author: Wouter Verhelst <w@uter.be>
Date:   Mon Dec 19 18:55:44 2016 +0100

    Add self-signed (i.e., intentionally invalid) certificate for the tlswrongcert test

commit 9759456c58009a4e88981eea354d01cb3c678c76
Author: Wouter Verhelst <w@uter.be>
Date:   Mon Dec 19 18:41:45 2016 +0100

    Add missing -t option

commit 36bf76f7a6f8a4a4c060b416cb8d9a3708e90c8c
Author: Alex Bligh <alex@alex.org.uk>
Date:   Sat Dec 17 12:19:59 2016 +0000

    WRITE_ZEROES is no longer an extension
    
    Signed-off-by: Alex Bligh <alex@alex.org.uk>

commit cd344bd4f45c820926bc1e131ad8e15cfcee5cad
Author: Alex Bligh <alex@alex.org.uk>
Date:   Sat Dec 17 12:04:45 2016 +0000

    INFO extension does not define NBD_OPT_BLOCKSIZE
    
    (it uses NBD_INFO_BLOCKSIZE)
    
    Signed-off-by: Alex Bligh <alex@alex.org.uk>

commit 21476f1553c2fadb36bbc29f14d1ffda56478c82
Author: Alex Bligh <alex@alex.org.uk>
Date:   Thu Dec 15 17:37:31 2016 +0000

    nbd-server: Kill dead mainloop()
    
    Unused since commit 6c2d8511.  Be the chainsaw mentioned in the comment :)
    
    Signed-off-by: Eric Blake <eblake@redhat.com>
    Signed-off-by: Alex Bligh <alex@alex.org.uk>

commit b7ffc95bd05a139aeeee470a33b962fd9a9e1721
Author: Alex Bligh <alex@alex.org.uk>
Date:   Thu Dec 15 16:35:51 2016 +0000

    write-zeroes: Fix doc typo prior to mainline merge
    
    Signed-off-by: Eric Blake <eblake@redhat.com>
    Signed-off-by: Alex Bligh <alex@alex.org.uk>

commit 24be8b7c9fdaece02b2e76c4a7c006b1e2a4a7bf
Merge: a9c0af9 b9029eb
Author: Alex Bligh <alex@alex.org.uk>
Date:   Thu Dec 15 09:40:33 2016 +0000

    Merge branch 'master' into extension-write-zeroes
    
    Signed-off-by: Alex Bligh <alex@alex.org.uk>

commit b9029ebff1a75c1c0dea8c2e53f871f02ed1b00b
Author: Alex Bligh <alex@alex.org.uk>
Date:   Thu Dec 15 08:18:26 2016 +0000

    Remove second include of unistd.h
    
    Signed-off-by: Alex Bligh <alex@alex.org.uk>

commit 62dbc8f69ef10d3d779b9ec4f60e13b0766ea570
Author: Alex Bligh <alex@alex.org.uk>
Date:   Thu Dec 15 08:13:00 2016 +0000

    Fix warning that would SEGV
    
    Signed-off-by: Alex Bligh <alex@alex.org.uk>

commit 53a90021bcd9a2be2b121935839e1016de6f29c7
Author: Wouter Verhelst <w@uter.be>
Date:   Sun Nov 27 20:28:04 2016 +0100

    Add BLOCK_STATUS flag
    
    Used by the extension of the same name.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit e8e730c2292c574d876256f7d3c211f6205d3351
Author: Wouter Verhelst <w@uter.be>
Date:   Sun Nov 27 20:24:47 2016 +0100

    Refer to the project rather than the user
    
    Since the canonical location is now in the NetworkBlockDevice
    organisation rather than the yoe user, update URLs that we link to.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit eb9e7946d35eb3572365251263906ff5b24bb838
Author: Wouter Verhelst <w@uter.be>
Date:   Tue Nov 22 18:23:53 2016 +0100

    Make note about NBD_FLAG_CAN_MULTI_CONN
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit e02ca86cc7414cbbb85a1a73cece47e7573c7975
Author: Wouter Verhelst <w@uter.be>
Date:   Mon Nov 21 09:14:21 2016 +0100

    Request (but do not require) a certificate
    
    If the client has a certificate, at least we can send it to them then,
    that way.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit b22c01d3d889b2f0eee4b3ec10edeb4cabf6b6bc
Author: Wouter Verhelst <w@uter.be>
Date:   Mon Nov 21 09:13:33 2016 +0100

    Add a "wrong certificate used" test
    
    We want to fail authentication when the certificate in use is one not
    signed by the correct CA, so ensure that that happens.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit be8fd20a2af8f9f9021537029d974859ac959181
Author: Wouter Verhelst <w@uter.be>
Date:   Sun Nov 20 21:21:50 2016 +0100

    Re-add the SERVER_PRECEDENCE flag
    
    That's still a good idea, even if we require TLS1.2
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 12c9dd2486a8cda46b75ce4aff6d7755f7062ab2
Author: Wouter Verhelst <w@uter.be>
Date:   Sun Nov 20 21:19:03 2016 +0100

    Swap hostname and tlshostname
    
    The "tlshostname" argument must match the CN attribute on the server's
    certificate if we want SNI to work. Since that is set to "localhost", we
    should make sure that the -H argument actually matches that, or this
    test may fail (depending on GnuTLS version)
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 771b90365cdb66150ec23c97c5bbb592f9d756af
Author: Wouter Verhelst <w@uter.be>
Date:   Sun Nov 20 20:54:17 2016 +0100

    Reorder tls initialization
    
    If we're going to check whether tlshostname != NULL, then make sure we
    don't just always set it to !NULL the line before.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit a57790cf49bcac165ecc1d7d28e9d91647b378d4
Author: Wouter Verhelst <w@uter.be>
Date:   Sun Nov 20 20:46:39 2016 +0100

    Update priority string
    
    We want to disallow TLS <1.2, as per spec, so update the priority string
    to do so.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 6ea2da41c6cf703266db988ed3b74b8766660f81
Author: Wouter Verhelst <w@uter.be>
Date:   Sun Nov 20 20:44:42 2016 +0100

    Move DH initialization into the start of the program
    
    Initializing DH parameters takes a while (~1s on a 2.3GHz Intel Haswell
    core i7). Rather than doing it once per connection, do it once per
    nbd-server run.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 563f453e215eca0b24e05c46648d166d1e06e100
Author: Wouter Verhelst <w@uter.be>
Date:   Thu Nov 10 00:09:12 2016 +0100

    Update HAVE_GNUTLS checks in nbd-tester-client, too
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit d4c38c958191d3db8f88024f24427974c1077eb4
Author: Wouter Verhelst <w@uter.be>
Date:   Thu Nov 10 00:07:53 2016 +0100

    Improve TLS-related help output
    
    - Make it fit without 80 columns
    - Add note about -x parameter, too
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 5787482079e230f2f98639c803d8a49664dd1836
Author: Wouter Verhelst <w@uter.be>
Date:   Thu Nov 10 00:03:20 2016 +0100

    Sigh
    
    Add the missing "x"
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit f5b6ab1efdcc7b5628d449c4a3ff928ce70e4ac0
Author: Wouter Verhelst <w@uter.be>
Date:   Wed Nov 9 23:57:47 2016 +0100

    Fix check for HAVE_GNUTLS
    
    If we always define a variable (but simply set it to 0 sometimes), we
    cannot use #ifdef but must use #if instead.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 88d33c6f5663f24e5d8e2577f0a12364036074e5
Author: Wouter Verhelst <w@uter.be>
Date:   Wed Nov 9 23:50:57 2016 +0100

    Fix shell syntaxis
    
    The "test" command takes one or more arguments, which are then evaluated
    in the shell before processing. An assignment results in an exit state,
    which as far as test is concerned, is fine enough.
    
    Since we wrote "x$HAVE_GNUTLS=1", that would get expanded to "x0=1",
    meaning, we were assigning the value 1 to the variable "x0", which meant
    that "test" was seeing one argument rather than the three that we wanted
    to give it, and so it was happy.
    
    Fix by adding the required spaces to make test see the equals sign and
    perform the comparison.
    
    Shell is a horrible language.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 9cc03b4f046112a798c831834d3b14e56701d2c9
Author: Wouter Verhelst <w@uter.be>
Date:   Wed Nov 9 23:10:48 2016 +0100

    Remove last reference to tls_dir option
    
    This option no longer exists, so we shouldn't reference it anymore.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit ed1147c62b7e24bcc38225eeacedef86158d8b62
Author: Alex Bligh <alex@alex.org.uk>
Date:   Wed Nov 9 12:25:17 2016 +0000

    Set GnuTLS 2.12.0 as the minimum version
    
    We now compile against GnuTLS 2.12.0 (probably an earlier version would work
    too, but I don't have one right here to test against).
    
    Signed-off-by: Alex Bligh <alex@alex.org.uk>

commit ad7a3cca8d6b5f3311cd195c133237aabafe1898
Author: Alex Bligh <alex@alex.org.uk>
Date:   Wed Nov 9 12:17:47 2016 +0000

    gnutls_transport_set_int is only available for gnutls 3.1.9 or later
    
    gnutls_transport_set_int is only available for gnutls 3.1.9 or later so
    on earlier versions use gnutls_transport_set_ptr with a cast, or more
    accurately two casts (ugly), as that eliminates a warning about a cast
    from an integer to a pointer of a different size.
    
    Signed-off-by: Alex Bligh <alex@alex.org.uk>

commit f503c4ebd14f57f16f8107136b17a991cf955d32
Author: Alex Bligh <alex@alex.org.uk>
Date:   Wed Nov 9 12:06:38 2016 +0000

    GNUTLS_SEC_PARAM_MEDIUM was previously called GNUTLS_SEC_PARAM_NORMAL
    
    Fix one compilation error on early GnuTLS thanks to their non-backwards
    compatible API change.
    
    Signed-off-by: Alex Bligh <alex@alex.org.uk>

commit b5342f66b4d36f2fca3492eb6b966207c6f8eba2
Author: Alex Bligh <alex@alex.org.uk>
Date:   Wed Nov 9 11:47:58 2016 +0000

    Update crypto-gnutls.c to upstream
    
    Update crypto-gnutls.c to upstream to fix bug when GNU_TLS_E_AGAIN
    is returned. See:
       https://github.com/abligh/tlsproxy/issues/1
    
    Signed-off-by: Alex Bligh <alex@alex.org.uk>

commit 2b2756b048b0e11b8378ddbb449fcc7c82b32c99
Author: Wouter Verhelst <w@uter.be>
Date:   Wed Nov 9 00:36:21 2016 +0100

    Fix defines again
    
    s/WITH_GNUTLS/HAVE_GNUTLS/g
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit a15507f5e914855205d7eab370e1bc853d7360bd
Author: Wouter Verhelst <w@uter.be>
Date:   Wed Nov 9 00:27:25 2016 +0100

    Allow anonymous TLS, too
    
    Certificate authentication is nice, but we shouldn't require it.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 2ac4a4979d2e875e494efa4055a671e83cd25018
Author: Wouter Verhelst <w@uter.be>
Date:   Wed Nov 9 00:27:02 2016 +0100

    Document nbd-client options
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 4b2555fbb897864afd43c3cc064f0e558d90c6ae
Author: Wouter Verhelst <w@uter.be>
Date:   Wed Nov 9 00:24:54 2016 +0100

    Remove hostname confusion
    
    Currently, there is a "hostname" argument (which specifies the server to
    connect to, and which is not an option argument) and a '-hostname'
    argument (which takes the hostname for SNI connectivity in the TLS
    context). The two are only tangentially related, and it could be
    confusing to have two "hostname" arguments.
    
    Rename the TLS-related one to tlshostname to clarify.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 1b8615852b623005e35aa4e50bc98b0572439497
Author: Alex Bligh <alex@alex.org.uk>
Date:   Tue Apr 12 14:18:27 2016 +0100

    Add TLS support to NBD client
    
    Signed-off-by: Alex Bligh <alex@alex.org.uk>
    (cherry picked from commit ad3ddfe14bce1c7fca8ab7205d210ab2e312aaac)
    [wouter: fix conflict with multiple connections changes]
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 18ceafed9bf4d2070848711d4d9a90327ad88094
Author: Alex Bligh <alex@alex.org.uk>
Date:   Tue Apr 12 13:07:26 2016 +0100

    Add options to nbd-client for TLS support
    
    Signed-off-by: Alex Bligh <alex@alex.org.uk>
    (cherry picked from commit 40426ea76ab4c2c37ddda96e56f9145f53c531aa)
    [wouter: make --certfile be -F rather than -C, which was already taken by --connections]
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 7317e855f5377e37be94ce2c6cc962e4ee229af5
Author: Wouter Verhelst <w@uter.be>
Date:   Tue Nov 8 21:01:46 2016 +0100

    Reorder code
    
    No need to #endif out of the TLS code block if we're going to #ifdef it again
    half a screen further down
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 251866769312fd5fc9e4d5210e6e115d0ee1d603
Author: Wouter Verhelst <w@uter.be>
Date:   Tue Nov 8 20:34:56 2016 +0100

    send_export_info(): use socket_write()
    
    This function was still using plain write() calls rather than socket_write()
    ones. Fix.
    
    This makes nbd-server survive the TLS test suite.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 1816ba896bbe0201cb11d081f9527bafe3c9e88b
Author: Wouter Verhelst <w@uter.be>
Date:   Tue Nov 8 19:50:01 2016 +0100

    Fix logic error
    
    The combined check for tls-only exports with "is this the right export"
    was failing. Additionally, it was complicated code. Rather than trying
    to fix it, separate the two checks and use "continue" to move on to the
    next export if the tls check fails.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit b689690786569ad2ddcf3d1240dfc24142b75769
Author: Wouter Verhelst <w@uter.be>
Date:   Tue Nov 8 19:39:54 2016 +0100

    Don't forget to read and check length of STARTTLS
    
    We forgot to read the "length" field of the STARTTLS command.
    Additionally, we need to check that the length is in fact zero
    (otherwise the STARTTLS command is invalid)
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit f33f5d2390ef07e5a4e582d05d1de21de1a1346c
Author: Wouter Verhelst <w@uter.be>
Date:   Sat Nov 5 14:36:29 2016 +0100

    Be a bit clearer on failure
    
    Saying "it wasn't NBD_REP_ACK isn't as useful as "I received foo while I
    expected NBD_REP_ACK" for debugging.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 8bcf04543a39269a5f5d8aad0a02629ea204013e
Author: Wouter Verhelst <w@uter.be>
Date:   Sat Nov 5 14:35:33 2016 +0100

    Show some more information on why we failed
    
    When the handshake fails, it's useful to know why exactly it fails, so
    produce an error message in that case.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit fbebdc16f7c0ea753c2e0c9a115c2858fbd20ff1
Author: Wouter Verhelst <w@uter.be>
Date:   Sat Nov 5 14:34:42 2016 +0100

    Don't dereference pointers that may be NULL
    
    There's a test for !client, but that is done after we try to dereference
    it. That can't be right.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit c0362143d27ed455a3bc4c330c676a3b4a24dde4
Author: Wouter Verhelst <w@uter.be>
Date:   Thu Nov 3 19:52:23 2016 +0100

    Dereference the correct variable
    
    tlsdir no longer exists, so stop trying to read from it.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 7011116b2deddc5003da0a909bca26fc44397e15
Author: Wouter Verhelst <w@uter.be>
Date:   Thu Nov 3 19:50:14 2016 +0100

    Update comment to sync with reality
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit aac312d425e5fd97391f75e7a1c247841bcf91aa
Author: Wouter Verhelst <w@uter.be>
Date:   Thu Nov 3 19:49:31 2016 +0100

    Fix AC_DEFINE usage
    
    Apparently AC_DEFINE does not expand shell variables, so we need to
    place it inside an if structure.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 10fb1a964fb81cb479f10f1378f41dacfc8f297b
Author: Wouter Verhelst <w@uter.be>
Date:   Sat Nov 5 14:41:25 2016 +0100

    Log something on address family mismatch
    
    Currently, when we refuse to match an authorized_file entry for address
    family mismatches, we don't say anything and instead just exit. That
    works, but makes debugging harder.
    
    Add a log message, so that users can at least figure out why things
    fail.
    
    Should help for github issue #35, although it's not a full fix.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 2152174451123ab12e00fc8511264a5b5f259ca0
Author: Wouter Verhelst <w@uter.be>
Date:   Thu Nov 3 19:28:58 2016 +0100

    Add the set_nonblocking function
    
    Commit be34514f857d60b453bb12a8dca626ace1dc79a5 (which we don't want)
    added the set_nonblocking() function to cliserv.c, which
    2a5a4f2058827279247641d2db326079b026ca15 added to nbd-tester-client.
    
    Add this now.
    
    Fixes: 2a5a4f2058827279247641d2db326079b026ca15
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 02470c40d2f01c2eed8da4a17df2d1729678b53a
Author: Wouter Verhelst <w@uter.be>
Date:   Thu Nov 3 19:24:55 2016 +0100

    Use correct #ifdefs
    
    I forgot to update nbd-tester-client.c to check the correct #ifdefs
    (HAVE_GNUTLS rather than WITH_GNUTLS). Fix.
    
    Fixes: 2a5a4f2058827279247641d2db326079b026ca15
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 184fd13f6b3624a35adde1f4573519c8ffac2deb
Author: Wouter Verhelst <w@uter.be>
Date:   Thu Nov 3 19:22:57 2016 +0100

    Improve upon build system even further
    
    We botched the build system changes a bit, so fix them properly now.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 8dff595904b0f45c3667c23cf9f42fd94f35a83e
Author: Wouter Verhelst <w@uter.be>
Date:   Thu Nov 3 19:20:07 2016 +0100

    Make nbd-client -l work again
    
    We don't need to open an nbd device if all we're going to ask for is the
    list of exports.
    
    Also, nbd-client -l is a valid thing to run even if you don't have
    access to /dev/nbd* (which the test suite does, for instance), so don't
    even try to open the device node unless we really need to.
    
    Fixes: 4e08f11ab9996d0c4a8c52d5acecf8b33890825f
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 2a5a4f2058827279247641d2db326079b026ca15
Author: Alex Bligh <alex@alex.org.uk>
Date:   Mon Apr 11 17:46:35 2016 +0100

    Add TLS testing to nbd-tester-client.c
    
    This commit adds TLS testing to nbd-tester-client and 'make check'.
    If TLS is not compiled in, then the test is skipped.
    
    Signed-off-by: Alex Bligh <alex@alex.org.uk>
    (cherry picked from commit 48065afaa8dee3eda6221660200ac473becf5c0e)
    [wouter: update to make it apply in the face of handshake test]
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 3123cbe4c32336520b53672c25be8bb68e246c2a
Author: Wouter Verhelst <w@uter.be>
Date:   Thu Nov 3 19:02:41 2016 +0100

    Clarify which group
    
    We specify the name of the group in an extra parameter, without actually
    using it, which causes a compiler warning. While removing that extra
    parameter would have fixed this, stating which group we're failing on is
    actually useful information, so add that to the output.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 779e43a680e6ca80c177565bb38c293ff291973f
Author: Wouter Verhelst <w@uter.be>
Date:   Thu Nov 3 19:02:08 2016 +0100

    Use correct function
    
    strcmp doesn't take a length, but strncmp does
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 896435c7676efd93646f24587dd0eb033c5bd9ad
Author: Wouter Verhelst <w@uter.be>
Date:   Thu Nov 3 19:00:26 2016 +0100

    Fix tls options
    
    Rather than specifying a single directory that contains all files,
    specify the three options which we need by individual files.
    
    Based on commit e851a027fe889779c091233849797718a7ae3792, originally by
    Alex Bligh <alex@alex.org.uk>, but significantly altered to make it also
    remove my older stuff.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 91cbdfa8f16050494795299bab597593c7baedeb
Author: Alex Bligh <alex@alex.org.uk>
Date:   Sun Apr 10 14:33:56 2016 +0100

    Add GnuTLS infrastructure
    
    Add configure.ac section to detect GnuTLS
    
    Add buffer.[ch] and crypto-gnutls.[ch] from
      https://github.com/abligh/tlsproxy
    
    Add Makefile.am changes to link these new files in
    
    Signed-off-by: Alex Bligh <alex@alex.org.uk>
    (cherry picked from commit aac8f6afbaf982431b4b97c978c3d0156badbbe5)
    [wouter: updated to cooperate with server-side GnuTLS support that already exists]
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 6a73e15efca75d30965e14a9e352d27fefce6f52
Author: Wouter Verhelst <w@uter.be>
Date:   Tue Nov 1 10:28:51 2016 +0100

    doc: Allow NBD_OPT_ABORT in FORCEDTLS
    
    It does not make sense to disallow a soft disconnect when the client
    cannot do TLS, so make that explicitly legal as well in the FORCEDTLS
    situation.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 7bdccfe8f5430ea71677b3d040e4ab711889f049
Author: Wouter Verhelst <w@uter.be>
Date:   Mon Oct 31 03:03:28 2016 +0100

    Allow setting the number of connections from the nbdtab file, too
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 8773ea7f71babba6ab2a66ddbacd42cf692e08d0
Author: Wouter Verhelst <w@uter.be>
Date:   Mon Oct 31 02:54:36 2016 +0100

    Document new options
    
    The last two patches introduced new command-line options for nbd-client
    and new config file options for nbd-server, but did not document them.
    Fix.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 4e08f11ab9996d0c4a8c52d5acecf8b33890825f
Author: Josef Bacik <jbacik@fb.com>
Date:   Thu Sep 8 12:30:27 2016 -0700

    nbd-client: add support for multiple client connections
    
    Now that the kernel provides the ability to have multiple connections per NBD
    device, provide an option for the user to specify how many connections to open
    up.
    
    Signed-off-by: Josef Bacik <jbacik@fb.com>
    (cherry picked from commit 4eec891cd6cd25a420f3fe10b32cd9d561058572)
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 95df23896e42730563c26d703bc19ed92d2f2f78
Author: Josef Bacik <jbacik@fb.com>
Date:   Tue Jul 5 14:53:20 2016 -0400

    Add splice support
    
    Using splice can net a pretty big performance improvement.  Add a per export
    option to enable splice.  Using splice will create a pipe for every write to
    buffer our write buffer into, and will create a temporary pipe for reads to read
    our data into and splice into our socket.
    
    Splice has a few limitations.  We are limited to the in kernel pipe size for our
    requests, so if any request exceeds those limits we'll fall back to normal
    read/writes.  Copyonwrite would add to the complexity by having multiple pipes
    to deal with any diff files, so to avoid that we simply do not allow copyonwrite
    coupled with splice.
    
    Signed-off-by: Josef Bacik <jbacik@fb.com>
    (cherry picked from commit 3135b8677efa31069e846d659398abf2e8827c67)
    [wouter: modified to apply after STARTTLS patch, and to not trigger when TLS is active]
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 38d62cf88d89244441cb6ba70e7856e319f3f46e
Author: Wouter Verhelst <w@uter.be>
Date:   Mon Oct 31 00:38:10 2016 +0100

    Provide a success message for the handshake test
    
    All other tests produce a message upon successful completion of the
    test, so make the handshake test follow suit.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit bc66b4b5cd8e3a6ec9d5b05cc9ed153be485f560
Author: Wouter Verhelst <w@uter.be>
Date:   Mon Oct 31 00:37:06 2016 +0100

    Move declaration to the right place
    
    A forward declaration that isn't actually a forward one is less than
    helpful.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 68bce6d6777f8d055118e1be810b41874d8ca3e1
Author: Eric Blake <eblake@redhat.com>
Date:   Wed Oct 19 19:48:15 2016 -0500

    tests: Cover recent bug fixes
    
    Add a new test 'handshake' that intentionally provokes a server error
    during option negotiation, before falling back to NBD_OPT_ABORT to
    end negotiation, to prove that the server is correctly allowing a
    client to fall back to known options; thus covering two recent bug
    fixes for a server sending the wrong length in an error reply, and
    for a server not reading enough data when replying to an unknown
    command.
    
    Signed-off-by: Eric Blake <eblake@redhat.com>
    [reflowed in light of b8852465a]
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 7e901617ece470c26ae0e0159f1a2b466719cdf8
Author: Wouter Verhelst <w@uter.be>
Date:   Mon Oct 31 00:10:03 2016 +0100

    Properly handle maxconnections
    
    The "maxconnections" setting considers connections to all exports,
    rather than "just" the one where the "maxconnections" setting is set.
    This is unexpected and not useful.
    
    Fix by creating a socketpair over which the child asks the parent
    process whether a connection to the given export is allowed, rather than
    doing the check in the client process.
    
    Closes github #35
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit fa8808d75e4726bdf5eac5d47e3cf4790ef5aa3c
Author: Wouter Verhelst <w@uter.be>
Date:   Fri Oct 21 13:51:55 2016 +0200

    Add missing #endif
    
    Commit e8c8cdc removed the non-GnuTLS alternate implementation of
    handle_starttls, but accidentally removed the #endif at the end, causing
    failure to compile.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 500dd1c91a63bc5b89d11f8af2f7100a03a7c0e5
Author: Wouter Verhelst <w@uter.be>
Date:   Fri Oct 21 13:50:17 2016 +0200

    EXTRA_DIST support/genver.sh
    
    Now that we pass '-I support' through ACLOCAL_AMFLAGS, the "support"
    directory needs to actually exist for things to continue working.
    Additionally, support/genver.sh needs to exist in non-git directories
    for autoconf to do its thing.
    
    Ship genver.sh to kill both flies with one stone.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 5c59f15e0ac4a5c55624cf9591e964bf9b8915b9
Author: Wouter Verhelst <w@uter.be>
Date:   Fri Oct 21 10:20:05 2016 +0200

    Don't forget the NBD_REP_ACK
    
    We're not allowed to start TLS negotiation until *after* we've sent an
    ACK to the client. Do so.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit e8c8cdc422162d442e51b6b2b0b2bd7c6bedfe19
Author: Wouter Verhelst <w@uter.be>
Date:   Fri Oct 21 10:18:05 2016 +0200

    Send a proper error if GnuTLS was not compiled in
    
    Currently we just hung up, which is not cool (and not what the spec wants).
    Instead, we should send NBD_REP_ERR_PLATFORM.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit ba2892b290fc7ce748f03c6c96737cb105836dc5
Author: Wouter Verhelst <w@uter.be>
Date:   Fri Oct 21 10:16:44 2016 +0200

    Don't forget the break
    
    After successfully negotiating TLS, we should read the next option, not
    send NBD_REP_ERR_UNSUP (in the encrypted channel!) to the client...
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 2ab3a2db94930b25bb685d6102e6d1435ebd73d4
Author: Eric Blake <eblake@redhat.com>
Date:   Mon Oct 17 15:23:40 2016 -0500

    server: Read client's TLS length data before next option
    
    Any client attempting to probe support for a new option, such as
    NBD_OPT_STARTTLS or NBD_OPT_GO, with plans to do a graceful
    fallback to older methods, will fail in its attempt if the server
    does not consume the length field and potential payload of the
    unrecognized (or rejected) option, because the server will then
    be reading out of sync and not see the client's magic for the
    next option.  While it is true that sane clients are unlikely to
    send more than one NBD_OPT_STARTTLS, and thus never trigger some
    of the paths in this patch, it is still better to be robust for
    all clients.
    
    Furthermore, even if the server requires TLS, and rejects all but
    NBD_OPT_STARTTLS as the first valid option, it should still honor
    NBD_OPT_ABORT.
    
    Signed-off-by: Eric Blake <eblake@redhat.com>
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 381eca11157654de205d4401b157d0283a6231dc
Author: Eric Blake <eblake@redhat.com>
Date:   Mon Oct 17 15:23:38 2016 -0500

    server: Read client's unknown option length before next option
    
    Any client attempting to probe support for a new option, such as
    NBD_OPT_STARTTLS or NBD_OPT_GO, with plans to do a graceful
    fallback to older methods, will fail in its attempt if the server
    does not consume the length field and potential payload of the
    unrecognized (or rejected) option, because the server will then
    be reading out of sync and not see the client's magic for the
    next option.  This bug has been latent in the reference
    server since commit 626c2a3 in 2012, even though it is EXACTLY
    the bug that NBD_FLAG_FIXED_NEWSTYLE was designed to prevent.
    
    The only reason it has been buggy for so long is that it has
    taken us this long to finally want to implement clients that use
    a new option.
    
    This patch fixes only the portion of the server that has been
    previously released, to make backports easier. The new code for
    handling TLS also needs fixing, in the next patch.
    
    Signed-off-by: Eric Blake <eblake@redhat.com>
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 1a315833ad51636e15a05b930c0318ef36003d25
Author: Eric Blake <eblake@redhat.com>
Date:   Mon Oct 17 15:23:37 2016 -0500

    server: Swap argument order in consume()
    
    The signature of consume() threw me off.  Good design says that if
    you are going to have paired parameters (buf and bufsize), you
    generally want them adjacent, not separated by an unrelated parameter
    (len).  Move len to be first, adjusting all callers.
    
    Signed-off-by: Eric Blake <eblake@redhat.com>
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 6201b7dea00afe226832693b6685e4ad793df2a8
Author: Eric Blake <eblake@redhat.com>
Date:   Mon Oct 17 15:23:36 2016 -0500

    server: Fix botched strlen computation of error message
    
    Commit 3b80382 tried to make it easy for the server to send an
    error message whose length was determined by strlen(), but ended
    up sending a length of UINT32_MAX, causing clients to either
    hang up (reply too large) or wait for nearly 4G of data that was
    never coming.
    
    Signed-off-by: Eric Blake <eblake@redhat.com>
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 5ee6fb6e0fe02a6a3bcb365a80200b01db24d149
Author: Wouter Verhelst <w@uter.be>
Date:   Fri Oct 21 09:55:23 2016 +0200

    Correct comment
    
    NBD_OPT_EXPORT_NAME cannot be issued before NBD_OPT_STARTTLS, period,
    since it needs to be the final option. However, future versions of
    nbd-server will support NBD_OPT_SELECT/NBD_OPT_GO, in which case this
    *will* be necessary.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 8c52d38df45e5acfe9658c3e5a9090910c8f98e6
Author: Wouter Verhelst <w@uter.be>
Date:   Fri Oct 21 09:54:01 2016 +0200

    Conditionally compile in GnuTLS
    
    ... so that we can still compile on platforms that don't have
    GnuTLS >= 3.3
    
    TODO: consider whether allowing an older version of GnuTLS is sensible.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 6a70923ef754a59fec52942d621099c128902233
Author: Wouter Verhelst <w@uter.be>
Date:   Fri Oct 21 09:51:35 2016 +0200

    Set function pointers
    
    The client->socket_read and client->socket_write function pointers need
    to be changed after we negotiated TLS. Forgetting this means we
    negotiate TLS successfully, and then try to continue to communicate in
    cleartext...
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 4e8ae317be5a51d58d8879a99ecf632aa84c552c
Author: Wouter Verhelst <w@uter.be>
Date:   Fri Oct 21 09:50:58 2016 +0200

    Fix memory leak
    
    If we don't need the session, we need to deallocate after deiniting it.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 2a6767ce5805edb9f8ecbbcbe458839aaeb8c575
Author: Eric Blake <eblake@redhat.com>
Date:   Thu Oct 20 14:05:52 2016 -0500

    build: Ignore copied file during in-tree build
    
    Commit b885246 creates a symlink to work around an automake weakness,
    but forgot to ignore the link when doing an in-tree build.
    
    Signed-off-by: Eric Blake <eblake@redhat.com>
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit b8852465a15c928e0000c43c571a22b4a4152906
Author: Eric Blake <eblake@redhat.com>
Date:   Wed Oct 19 14:37:15 2016 -0500

    build: Silence autogen.sh warnings
    
    Starting from a fresh git checkout, running ./autogen.sh gives a
    couple of warnings on my Fedora 24 build tools, one from libtool:
    
    libtoolize: Consider adding '-I support' to ACLOCAL_AMFLAGS in Makefile.am.
    
    and one from automake:
    
    tests/run/Makefile.am:4: warning: source file '$(top_srcdir)/cliserv.c' is in a subdirectory,
    tests/run/Makefile.am:4: but option 'subdir-objects' is disabled
    automake: warning: possible forward-incompatibility.
    automake: At least a source file is in a subdirectory, but the 'subdir-objects'
    automake: automake option hasn't been enabled.  For now, the corresponding output
    automake: object file(s) will be placed in the top-level directory.  However,
    automake: this behaviour will change in future Automake versions: they will
    automake: unconditionally cause object files to be placed in the same subdirectory
    automake: of the corresponding sources.
    automake: You are advised to start using 'subdir-objects' option throughout your
    automake: project, to avoid future incompatibilities.
    
    Following the advice almost works, except that automake 1.15 still
    has a nasty bug (https://debbugs.gnu.org/cgi/bugreport.cgi?bug=13928)
    where use of $(foo) in a _SOURCES variable coupled with subdir-objects
    creates a directory with a literal name $(foo) rather than the intended
    name.  And while open-coding it (using ../../ instead of $(top_srcdir)/)
    works around the problem of bad naming in automake 1.15, it fails for
    automake 1.11 (hello CentOS 6), due to the order in which .deps files
    are erased vs. included in makefiles.  The solution that works across
    all automake versions is to only stick files in _SOURCES that do not
    live outside of the subtree.  Note that we only need to copy cliserv.c
    into the tests/run directory; automakes handling of dependencies will
    still rebuild against .h file changes even without listing the .h files
    or copying them locally.
    
    I also noticed that the build was already leaving behind an untracked
    manpage.log file, in addition to the new .dirstamp witness file created
    by our new use of subdir-objects.
    
    This patch has been tested with 'make distcheck' across multiple
    automake and libtool versions, ranging from CentOS 6 vintage to current
    git toolchains.
    
    Signed-off-by: Eric Blake <eblake@redhat.com>
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit a441594cc330ddba9c2cb79594a2fb3c69c05abb
Author: Eric Blake <eblake@redhat.com>
Date:   Wed Oct 19 14:37:14 2016 -0500

    build: Distribute netdb-compat.h without relying on tests
    
    nbd-server depends on netdb-compat.h; however, we were only
    including it in the tarball as a side effect of it also being
    used by the testsuite.  Make the dependency explicit.
    
    Signed-off-by: Eric Blake <eblake@redhat.com>
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 03b47fe6646a870859b8fbc9903dc9aa64cd1b70
Author: Eric Blake <eblake@redhat.com>
Date:   Thu Oct 20 09:22:06 2016 -0500

    maint: Let emacs know our preferred style
    
    Teach emacs that this entire source tree uses Linux style
    indentation (8-space indents, but with hard TAB character
    instead of spaces).  Without this hint, the default emacs
    C style tries to use 2-space indentation, making it a pain
    to edit correctly when automatic formatting is enabled.
    
    Signed-off-by: Eric Blake <eblake@redhat.com>
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit f89d1c07e2a732bac8481d875f8d0599d0072767
Author: Wouter Verhelst <w@uter.be>
Date:   Tue Oct 11 20:47:29 2016 +0200

    Improve string
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 12773c9c3be249f6374a77f80de86e19de84522a
Author: Wouter Verhelst <w@uter.be>
Date:   Tue Oct 11 20:47:04 2016 +0200

    Rename the goto label to clarify that we're dealing with a hard close here
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 293371004400ed26e0d13820ed3365691a91427f
Author: Wouter Verhelst <w@uter.be>
Date:   Tue Oct 11 20:46:47 2016 +0200

    Don't send an option reply to OPT_EXPORT_NAME
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 052e20dd472dabf867302295a0d62e94633d68f4
Author: Wouter Verhelst <w@uter.be>
Date:   Tue Oct 11 20:39:54 2016 +0200

    Silence compiler warning
    
    size.c: In function ‘main’:
    size.c:12:2: warning: ignoring return value of ‘write’, declared with attribute warn_unused_result [-Wunused-result]
      write(fd, filename, 1);
    
    We don't actually care (if write fails, the size detection will also
    fail, so the test will fail), but it doesn't hurt to be somewhat more
    explicit.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 1bcc54eb5954585e6e136d0f2530c7a8f3887a6a
Author: Wouter Verhelst <w@uter.be>
Date:   Tue Oct 11 02:10:56 2016 +0200

    Whitespace fix
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit cbe48a8bb7f92beb1096e115b11e57482c653d02
Author: Wouter Verhelst <w@uter.be>
Date:   Tue Oct 11 02:08:46 2016 +0200

    Don't change socket options after negotiation
    
    Now that we may negotiate TLS in the negotiation function, manually
    touching the socket after setting up the GnuTLS context is no longer a
    good idea.
    
    Move the functions that change socket options so they are called before
    negotiate().
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit a2b353b51717ee0cf1e179ca7055c18d21fe5f53
Author: Wouter Verhelst <w@uter.be>
Date:   Tue Oct 11 02:07:55 2016 +0200

    Send error messages to the client
    
    When an error occurs during negotiation, make the server send a
    human-readable error message to the client along with the error reply
    message.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 3b803827fce1742c6183706f50340f0cb3e2374a
Author: Wouter Verhelst <w@uter.be>
Date:   Tue Oct 11 02:06:53 2016 +0200

    Allow for easy sending of error messages
    
    While the protocol spec allows it, currently we don't actually send any
    data to the client when we send an error message.
    
    Change the send_reply() function to make that easier.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 0c95d8f45c24e9e94c05a0c63683aef117eab5bc
Author: Wouter Verhelst <w@uter.be>
Date:   Tue Oct 11 01:16:46 2016 +0200

    Implement STARTTLS server side
    
    This adds support for STARTTLS to nbd-server. Still TODO are:
    - Testing
    - client-side
    - Testing
    - Verification that everything works the way it should, also against other
      implementations (e.g., qemu)
    - Testing
    - Add unit tests for STARTTLS implementation, too.
    - Testing
    
    Did I mention this hasn't been tested well, yet?
    
    At least it compiles.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 55cdcbb8675dbcfba55919db27183807b487de87
Author: Wouter Verhelst <w@uter.be>
Date:   Tue Oct 11 00:14:56 2016 +0200

    Resync comment with reality
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 52ab4d199af66cffdc095e1dad63efaa588b7184
Author: Wouter Verhelst <w@uter.be>
Date:   Tue Oct 11 00:10:20 2016 +0200

    Speed up the critical path
    
    These socket_read() and socket_write() functions will now be called
    everywhere in the critical path (especially socket_write(), which will
    be called with a mutex held). Therefore, their performance is critical.
    
    Since a conditional jumps wreak havoc on cache prediction, use function
    pointers to avoid them, thereby not negatively impacting performance
    too much.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit cccef815a56f2da88b41d2e3a01117e6c09033ad
Author: Wouter Verhelst <w@uter.be>
Date:   Tue Oct 11 00:04:17 2016 +0200

    Refactor negotiation a bit.
    
    Currently, we did negotiation by way of direct read() and write() calls.
    This has two problems:
    - The error handling in the implementation is not perfect; it is
      possible to have short reads, which would result in the server
      assuming a buffer has a given size, when in reality it does not.
    - Having direct read() and write() calls makes it impossible to abstract
      away whether we're using TLS or not.
    
    The easy fix is to use the new socket_read() and socket_write() calls,
    but those require a CLIENT* to be available before they can be used.
    Rather than allocating it in handle_export_name(), we now allocate it in
    negotiate(), passing the pointer to the export name handler, and
    removing its allocation.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 234e6748dbc591d51a72997111cfcc9767f60089
Author: Wouter Verhelst <w@uter.be>
Date:   Mon Oct 10 22:54:24 2016 +0200

    Remove bashism
    
    Running an EXIT trap on abnormal termination of the shell is a bashism;
    dash, for instance, does not run them on SIGINT.
    
    Fix by explicitly adding a trap for SIGINT.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 0f50492ed7548876892cf39cc6bf88a0b9175d04
Author: Wouter Verhelst <w@uter.be>
Date:   Fri Oct 7 17:16:07 2016 +0200

    Re-enable integrityhuge test
    
    This used to cause deadlocks due to the fact that both server and tester
    client did single-threaded and blocking I/O. However, this has now been
    fixed, so we really should re-enable the check.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 3fd96ee040cf94dae4095bd84cd245f1a421b462
Author: Wouter Verhelst <w@uter.be>
Date:   Fri Oct 7 17:10:35 2016 +0200

    Prepare for allowing STARTTLS
    
    Replace every use of readit() or writeit() on a socket by an abstracting
    socket_read()/socket_write() function instead.
    
    This socket_read()/socket_write() function will call
    gnutls_record_recv()/gnutls_record_send() if the client is doing TLS,
    which we signal by the non-NULL-ness of the new .tls_session member of
    the CLIENT struct.
    
    After that, once we add STARTTLS negotiation, we should be able to do
    TLS properly.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 2ac59db544d75397cd83646a75eb3a0ac63adf9c
Author: Wouter Verhelst <w@uter.be>
Date:   Fri Oct 7 17:08:22 2016 +0200

    Don't claim we're exiting when we're not.
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 5d914ac71764c54952d7e923a896248bff287838
Author: Wouter Verhelst <w@uter.be>
Date:   Fri Oct 7 17:07:46 2016 +0200

    Search for and compile in GnuTLS
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 610e2e04b3ed458e698065d15fb538536e2442cc
Author: Wouter Verhelst <w@uter.be>
Date:   Fri Oct 7 12:48:12 2016 +0200

    glibc wants _DEFAULT_SOURCE rather than _BSD_SOURCE nowadays
    
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 485cf8404035116b36a18d690d116972767f13c4
Author: Josef Bacik <jbacik@fb.com>
Date:   Wed Jul 6 12:30:15 2016 -0400

    Work with old autotools
    
    m4_esyscmd_s doesn't exist with old autotools, nor does serial_tests.  Fix up
    these to use the old variants and not include serial_tests if our autotools
    don't have support for it.  Also add gthread to the glib check since older glibs
    don't get the proper includes/libs by default without it.
    
    Signed-off-by: Josef Bacik <jbacik@fb.com>
    (cherry picked from commit dc6b6e208f597e7e287a3181f1fcbd923d2bf223)
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit dace3adbe4b4cea8a49c48ba5474140dbb5ae528
Author: Josef Bacik <jbacik@fb.com>
Date:   Wed Jul 6 12:25:08 2016 -0400

    Fix compilation errors on old glib versions
    
    On centos6 the older version of glib needs to have g_thread_init() run before we
    create the threadpool, however this is a deprecated function and we don't need
    it on newer glibs.  So add a configure check to see if our glib is the old one
    and add the appropriate includes and g_thread_init() call.  Tested on centos6
    and Fedora 23 to make sure it did the right thing in both cases.
    
    Signed-off-by: Josef Bacik <jbacik@fb.com>
    (cherry picked from commit 92fc4f11aa6c27aeb7ba28a510b550b550d13b60)
    Signed-off-by: Wouter Verhelst <w@uter.be>

commit 0200418df37bfeb00adae25eed5031eea762c36d
Author: Wouter Verhelst <w@uter.be>
Date:   Thu Oct 6 14:46:16 2016 +0200

    Clarify that clients cannot expect ordering in the face of multiple connections.

commit ac45246b0b350f07dce3f9c8e02559867d370cfb
Author: Wouter Verhelst <w@uter.be>
Date:   Sat Oct 1 13:34:51 2016 +0200

    Clarify that it's not really *all* options
    
    Closes github issue#40

commit d9233191f6e63ca0d5d90c33f80d619a307f8e1c
Author: Alex Bligh <alex@alex.org.uk>
Date:   Mon Sep 26 19:36:10 2016 +0100

    Ensure length of flush command is set to zero
    
    Signed-off-by: Alex Bligh <alex@alex.org.uk>

commit c6e9513e4a9de031e793cf3b50a9988b44e834e2
Author: Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006@gmx.net>
Date:   Mon Sep 26 03:22:52 2016 +0200

    nbd-tester-client: fix flags usage.
    
    Running nbd-tester-client against nbdkit with oldstyle negotiation was fun.
    I managed to segfault nbdkit and noticed that nbd-tester-client speaks
    the oldstyle protocol incorrectly, ignoring flags sent by the server.
    
    Fix.

commit faa41ab4a4c80e31582f3d69fcc31ce4105feed9
Author: Alex Bligh <alex@alex.org.uk>
Date:   Thu Sep 15 13:25:47 2016 +0100

    Docs: remove reference to 'write barrier' in NBD_CMD_FLUSH
    
    Reference to a 'write barrier' in NBD_CMD_FLUSH is confusing as it might
    appear to be a reference to an old-style linux block layer write barrier
    which actually waits for all writes to complete, rather than just requiring
    writes that have completed (and for which replies have been sent) have
    been persisted.
    
    Signed-off-by: Alex Bligh <alex@alex.org.uk>

commit a910d5f8471d00c0a872f50996ce2d61bad7d1ab
Author: Wouter Verhelst <w@uter.be>
Date:   Thu Aug 11 19:25:09 2016 +0200

    Add CII Best Practices badge. No, we're not ready yet.

commit c8a485f17b127eff204871c57a028a35ccb86b81
Author: Wouter Verhelst <w@uter.be>
Date:   Wed Jul 13 17:17:30 2016 +0200

    Don't forget to ship the nbd@.service.tmpl file

commit f9bcc3dfa53dc2bbcd54c5eeafc19fbb7c8fc986
Author: Wouter Verhelst <w@uter.be>
Date:   Wed Jul 13 10:42:57 2016 +0200

    Move statements to their correct section
    
    Before belongs in the [Unit] section, not the [Service] one. Also,
    remove duplicate RequiredBy statement in Service section.

commit a9c0af91032165eec312b31f25d5dc0fdced7338
Merge: 345b3b3 772b264
Author: Alex Bligh <alex@alex.org.uk>
Date:   Fri Apr 22 20:11:00 2016 +0100

    Merge branch 'master' into extension-write-zeroes

commit 345b3b32e80d2aff16500d5b2564623386ebb181
Merge: 523adfa 6b5bd32
Author: Alex Bligh <alex@alex.org.uk>
Date:   Thu Apr 21 13:27:13 2016 +0100

    Merge branch 'master' into extension-write-zeroes

commit 523adfa67ce571b50b08a6ced28caa19cf979fcb
Author: Alex Bligh <alex@alex.org.uk>
Date:   Fri Apr 15 13:02:32 2016 +0100

    Add support for NBD_CMD_WRITE_ZEROES
    
    This is a very basic implementation which could do with optimisation.
    
    Signed-off-by: Alex Bligh <alex@alex.org.uk>

commit fc30e1f293b2fa707e6b765a04a6c08ade4f0591
Author: Alex Bligh <alex@alex.org.uk>
Date:   Fri Apr 15 13:52:49 2016 +0100

    Introduce WRITE_ZEROES
    
    This patch introduces the WRITE_ZEROES extension
    
    Signed-off-by: Alex Bligh <alex@alex.org.uk>
