diff --git a/src/Makefile.am b/src/Makefile.am
index a14cb3f83ff3a61f397717543cf143e007f98aaf..214580e5f66ee884d52ee4aad311b0e5bc88dbe0 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -161,6 +161,7 @@ UTIL_SOURCES = \
util/virrotatingfile.h util/virrotatingfile.c \
util/virscsi.c util/virscsi.h \
util/virseclabel.c util/virseclabel.h \
+ util/virsecret.c util/virsecret.h \
util/virsexpr.c util/virsexpr.h \
util/virsocketaddr.h util/virsocketaddr.c \
util/virstats.c util/virstats.h \
diff --git a/src/conf/secret_conf.h b/src/conf/secret_conf.h
index ca1afec1964e08a36f5b357fb7cbcbec8ba52920..4584403dcb47f50c5f4bb1ac8f504ef6f5105089 100644
--- a/src/conf/secret_conf.h
+++ b/src/conf/secret_conf.h
@@ -35,7 +35,7 @@ struct _virSecretDef {
bool isprivate;
unsigned char uuid[VIR_UUID_BUFLEN];
char *description; /* May be NULL */
- int usage_type;
+ int usage_type; /* virSecretUsageType */
union {
char *volume; /* May be NULL */
char *ceph;
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 501c23e67f9b9913a261a9bedb511acad4d3e73b..21223a80d6b684275a391a86ae1f5a94c95ef3fa 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -2218,6 +2218,11 @@ virSecurityLabelDefFree;
virSecurityLabelDefNew;
+# util/virsecret.h
+virSecretLookupDefClear;
+virSecretLookupDefCopy;
+
+
# util/virsexpr.h
sexpr2string;
sexpr_append;
diff --git a/src/libxl/libxl_conf.c b/src/libxl/libxl_conf.c
index 59898193777c764267f82e63388990ed19f30675..5a3e3a0b6bcdb5dcc8597c9790c644e26707f30c 100644
--- a/src/libxl/libxl_conf.c
+++ b/src/libxl/libxl_conf.c
@@ -656,7 +656,7 @@ libxlMakeNetworkDiskSrc(virStorageSourcePtr src, char **srcstr)
if (!(conn = virConnectOpen("xen:///system")))
goto cleanup;
- if (virSecretGetSecretString(conn, src->auth,
+ if (virSecretGetSecretString(conn, &src->auth->seclookupdef,
VIR_SECRET_USAGE_TYPE_CEPH,
&secret, &secretlen) < 0)
goto cleanup;
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 1f99baa34c0762cae19df7bfaad709071cb251b4..b1c951fb2f0b48c390c0491a372b09f5416ea7cc 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -835,7 +835,7 @@ qemuDomainSecretPlainSetup(virConnectPtr conn,
if (protocol == VIR_STORAGE_NET_PROTOCOL_RBD)
secretType = VIR_SECRET_USAGE_TYPE_CEPH;
- return virSecretGetSecretString(conn, authdef, secretType,
+ return virSecretGetSecretString(conn, &authdef->seclookupdef, secretType,
&secinfo->s.plain.secret,
&secinfo->s.plain.secretlen);
}
@@ -908,7 +908,7 @@ qemuDomainSecretAESSetup(virConnectPtr conn,
goto cleanup;
/* Grab the unencoded secret */
- if (virSecretGetSecretString(conn, authdef, secretType,
+ if (virSecretGetSecretString(conn, &authdef->seclookupdef, secretType,
&secret, &secretlen) < 0)
goto cleanup;
diff --git a/src/secret/secret_util.c b/src/secret/secret_util.c
index 560240164d54a9e059ffd1b8b1c1a635c457b97b..16e43ab2cc9a6965ca58e0bb77d97cecbe86eec5 100644
--- a/src/secret/secret_util.c
+++ b/src/secret/secret_util.c
@@ -36,12 +36,12 @@ VIR_LOG_INIT("secret.secret_util");
/* virSecretGetSecretString:
* @conn: Pointer to the connection driver to make secret driver call
- * @authdef: Pointer to the disk storage authentication
- * @secretUsageType: Type of secret usage for authdef lookup
+ * @seclookupdef: Secret lookup def
+ * @secretUsageType: Type of secret usage for usage lookup
* @secret: returned secret as a sized stream of unsigned chars
* @secret_size: Return size of the secret - either raw text or base64
*
- * Lookup the secret for the authdef usage type and return it as raw text.
+ * Lookup the secret for the usage type and return it as raw text.
* It is up to the caller to encode the secret further.
*
* Returns 0 on success, -1 on failure. On success the memory in secret
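Review bot: The rewritten header comment says the secret is looked up "for the usage type", but the switch further down in this function picks between a UUID lookup and a usage lookup from `seclookupdef->type`, and only the usage arm passes `secretUsageType`. `@seclookupdef: Secret lookup def` also only restates the parameter name. I would word the two lines as `@seclookupdef: Secret lookup definition; selects lookup by UUID or by usage ID` and `@secretUsageType: Usage type passed to the by-usage lookup`, and change the summary to `Lookup the secret by UUID or by usage, as selected by @seclookupdef, and return it as raw text.` The comment block starts and ends outside this hunk.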
@@ -49,7 +49,7 @@ VIR_LOG_INIT("secret.secret_util");
*/
int
virSecretGetSecretString(virConnectPtr conn,
- virStorageAuthDefPtr authdef,
+ virSecretLookupTypeDefPtr seclookupdef,
virSecretUsageType secretUsageType,
uint8_t **secret,
size_t *secret_size)
@@ -57,14 +57,14 @@ virSecretGetSecretString(virConnectPtr conn,
virSecretPtr sec = NULL;
int ret = -1;
- switch (authdef->secretType) {
- case VIR_STORAGE_SECRET_TYPE_UUID:
- sec = conn->secretDriver->secretLookupByUUID(conn, authdef->secret.uuid);
+ switch (seclookupdef->type) {
+ case VIR_SECRET_LOOKUP_TYPE_UUID:
+ sec = conn->secretDriver->secretLookupByUUID(conn, seclookupdef->u.uuid);
break;
- case VIR_STORAGE_SECRET_TYPE_USAGE:
+ case VIR_SECRET_LOOKUP_TYPE_USAGE:
sec = conn->secretDriver->secretLookupByUsage(conn, secretUsageType,
- authdef->secret.usage);
+ seclookupdef->u.usage);
break;
}
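Review bot: The switch on `seclookupdef->type` has no arm for `VIR_SECRET_LOOKUP_TYPE_NONE` or for an out-of-range value, so in that case `sec` stays NULL and nothing visible in the hunk reports why the lookup failed. Because the field is declared as a plain `int` in virsecret.h, the compiler will not warn about the unhandled enumerators either. I would add a `default:` arm that calls `virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("unexpected secret lookup type"));` and then takes the function's failure path. The rest of the function, including how a NULL `sec` is handled, is outside the hunk, so confirm that the caller does not end up with a bare -1 and no error set.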
diff --git a/src/secret/secret_util.h b/src/secret/secret_util.h
index a03966298c5e5b97c2d53474bc6f9976e17143e2..12b51b1aa2957ea8c2528f90376366ce45ce91d1 100644
--- a/src/secret/secret_util.h
+++ b/src/secret/secret_util.h
@@ -19,17 +19,17 @@
*
*/
-#ifndef __VIR_SECRET_H__
-# define __VIR_SECRET_H__
+#ifndef __VIR_SECRET_UTIL_H__
+# define __VIR_SECRET_UTIL_H__
# include "internal.h"
-# include "virstoragefile.h"
+# include "virsecret.h"
int virSecretGetSecretString(virConnectPtr conn,
- virStorageAuthDefPtr authdef,
+ virSecretLookupTypeDefPtr seclookupdef,
virSecretUsageType secretUsageType,
uint8_t **ret_secret,
size_t *ret_secret_size)
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(4)
ATTRIBUTE_NONNULL(5) ATTRIBUTE_RETURN_CHECK;
-#endif /* __VIR_SECRET_H__ */
+#endif /* __VIR_SECRET_UTIL_H__ */
diff --git a/src/storage/storage_backend_iscsi.c b/src/storage/storage_backend_iscsi.c
index 6cefd500b24ecf66bb31188b77829318f03b1bce..e3a41b62a30f5a77254667ff15941ea433f91e89 100644
--- a/src/storage/storage_backend_iscsi.c
+++ b/src/storage/storage_backend_iscsi.c
@@ -286,8 +286,8 @@ virStorageBackendISCSISetAuth(const char *portal,
if (!authdef || authdef->authType == VIR_STORAGE_AUTH_TYPE_NONE)
return 0;
- VIR_DEBUG("username='%s' authType=%d secretType=%d",
- authdef->username, authdef->authType, authdef->secretType);
+ VIR_DEBUG("username='%s' authType=%d seclookupdef.type=%d",
+ authdef->username, authdef->authType, authdef->seclookupdef.type);
if (authdef->authType != VIR_STORAGE_AUTH_TYPE_CHAP) {
virReportError(VIR_ERR_XML_ERROR, "%s",
_("iscsi pool only supports 'chap' auth type"));
@@ -301,7 +301,8 @@ virStorageBackendISCSISetAuth(const char *portal,
return -1;
}
- if (virSecretGetSecretString(conn, authdef, VIR_SECRET_USAGE_TYPE_ISCSI,
+ if (virSecretGetSecretString(conn, &authdef->seclookupdef,
+ VIR_SECRET_USAGE_TYPE_ISCSI,
&secret_value, &secret_size) < 0)
goto cleanup;
diff --git a/src/storage/storage_backend_rbd.c b/src/storage/storage_backend_rbd.c
index 64ec54517cfadf57c309b0cf78729667f925fa98..9665fbca3a18fbfc7e4caec3ee8e991e13513275 100644
--- a/src/storage/storage_backend_rbd.c
+++ b/src/storage/storage_backend_rbd.c
@@ -85,7 +85,8 @@ virStorageBackendRBDOpenRADOSConn(virStorageBackendRBDStatePtr ptr,
return -1;
}
- if (virSecretGetSecretString(conn, authdef, VIR_SECRET_USAGE_TYPE_CEPH,
+ if (virSecretGetSecretString(conn, &authdef->seclookupdef,
+ VIR_SECRET_USAGE_TYPE_CEPH,
&secret_value, &secret_value_size) < 0)
goto cleanup;
diff --git a/src/util/virsecret.c b/src/util/virsecret.c
new file mode 100644
index 0000000000000000000000000000000000000000..45ad996f54fe17483f18886741bcec436827caf6
--- /dev/null
+++ b/src/util/virsecret.c
@@ -0,0 +1,57 @@
+/*
+ * virsecret.c: secret utility functions
+ *
+ * Copyright (C) 2016 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library. If not, see
+ * .
+ *
+ */
+
+#include
+
+#include "viralloc.h"
+#include "virerror.h"
+#include "virlog.h"
+#include "virsecret.h"
+#include "virstring.h"
+
+#define VIR_FROM_THIS VIR_FROM_NONE
+
+VIR_LOG_INIT("util.secret");
+
+
+void
+virSecretLookupDefClear(virSecretLookupTypeDefPtr def)
+{
+ if (def->type == VIR_SECRET_LOOKUP_TYPE_USAGE)
+ VIR_FREE(def->u.usage);
+ else if (def->type == VIR_SECRET_LOOKUP_TYPE_UUID)
+ memset(&def->u.uuid, 0, VIR_UUID_BUFLEN);
+}
+
+
+int
+virSecretLookupDefCopy(virSecretLookupTypeDefPtr dst,
+ const virSecretLookupTypeDef *src)
+{
+ dst->type = src->type;
+ if (dst->type == VIR_SECRET_LOOKUP_TYPE_UUID) {
+ memcpy(dst->u.uuid, src->u.uuid, VIR_UUID_BUFLEN);
+ } else if (dst->type == VIR_SECRET_LOOKUP_TYPE_USAGE) {
+ if (VIR_STRDUP(dst->u.usage, src->u.usage) < 0)
+ return -1;
+ }
+ return 0;
+}
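Review bot: `virSecretLookupDefClear` releases the payload but leaves `def->type` unchanged, so a cleared definition still claims to be a USAGE lookup with a NULL string, or a UUID lookup with an all-zero UUID. Ending the function with `def->type = VIR_SECRET_LOOKUP_TYPE_NONE;` would keep the tag and the union consistent if the struct is ever reused after clearing. `virSecretLookupDefCopy` assigns `dst->u.usage` without releasing any previous value. Both helpers are new exported symbols with no header comment, so each should get a short one. It should state that `def`, `dst` and `src` must be non-NULL, that `dst` must be empty or already cleared, and that the copied usage string is owned by `dst` and released with `virSecretLookupDefClear`.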
diff --git a/src/util/virsecret.h b/src/util/virsecret.h
new file mode 100644
index 0000000000000000000000000000000000000000..fb3adb3aabdb5ad2dcc756a2b90de7d95216881c
--- /dev/null
+++ b/src/util/virsecret.h
@@ -0,0 +1,50 @@
+/*
+ * virsecret.h: secret utility functions
+ *
+ * Copyright (C) 2016 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library. If not, see
+ * .
+ *
+ */
+
+#ifndef __VIR_SECRET_H__
+# define __VIR_SECRET_H__
+
+# include "internal.h"
+
+typedef enum {
+ VIR_SECRET_LOOKUP_TYPE_NONE,
+ VIR_SECRET_LOOKUP_TYPE_UUID,
+ VIR_SECRET_LOOKUP_TYPE_USAGE,
+
+ VIR_SECRET_LOOKUP_TYPE_LAST
+} virSecretLookupType;
+
+typedef struct _virSecretLookupTypeDef virSecretLookupTypeDef;
+typedef virSecretLookupTypeDef *virSecretLookupTypeDefPtr;
+struct _virSecretLookupTypeDef {
+ int type; /* virSecretLookupType */
+ union {
+ unsigned char uuid[VIR_UUID_BUFLEN];
+ char *usage;
+ } u;
+
+};
+
+void virSecretLookupDefClear(virSecretLookupTypeDefPtr def);
+int virSecretLookupDefCopy(virSecretLookupTypeDefPtr dst,
+ const virSecretLookupTypeDef *src);
+
+#endif /* __VIR_SECRET_H__ */
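Review bot: The two new prototypes carry no attributes, while `virSecretGetSecretString` in secret_util.h is declared with `ATTRIBUTE_NONNULL` and `ATTRIBUTE_RETURN_CHECK`. Both helpers dereference their arguments unconditionally in virsecret.c, and `virSecretLookupDefCopy` returns -1 when the string duplication fails, so an ignored return value would leave a half-initialised definition. I would declare `virSecretLookupDefClear` with `ATTRIBUTE_NONNULL(1)` and `virSecretLookupDefCopy` with `ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_RETURN_CHECK`. A one-line comment above the struct, noting that `u.usage` is heap-allocated and valid only when `type` is `VIR_SECRET_LOOKUP_TYPE_USAGE`, would also help readers of the union.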
diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c
index d2da9e712fe7e7aab134d1b25e5d36c5a4c97b27..27b54a257ef8681cb6300c8956d28dfa08b7324c 100644
--- a/src/util/virstoragefile.c
+++ b/src/util/virstoragefile.c
@@ -1506,8 +1506,7 @@ virStorageAuthDefFree(virStorageAuthDefPtr authdef)
VIR_FREE(authdef->username);
VIR_FREE(authdef->secrettype);
- if (authdef->secretType == VIR_STORAGE_SECRET_TYPE_USAGE)
- VIR_FREE(authdef->secret.usage);
+ virSecretLookupDefClear(&authdef->seclookupdef);
VIR_FREE(authdef);
}
@@ -1526,13 +1525,10 @@ virStorageAuthDefCopy(const virStorageAuthDef *src)
if (VIR_STRDUP(ret->secrettype, src->secrettype) < 0)
goto error;
ret->authType = src->authType;
- ret->secretType = src->secretType;
- if (ret->secretType == VIR_STORAGE_SECRET_TYPE_UUID) {
- memcpy(ret->secret.uuid, src->secret.uuid, sizeof(ret->secret.uuid));
- } else if (ret->secretType == VIR_STORAGE_SECRET_TYPE_USAGE) {
- if (VIR_STRDUP(ret->secret.usage, src->secret.usage) < 0)
- goto error;
- }
+
+ if (virSecretLookupDefCopy(&ret->seclookupdef, &src->seclookupdef) < 0)
+ goto error;
+
return ret;
error:
@@ -1573,16 +1569,16 @@ virStorageAuthDefParseSecret(xmlXPathContextPtr ctxt,
}
if (uuid) {
- if (virUUIDParse(uuid, authdef->secret.uuid) < 0) {
+ if (virUUIDParse(uuid, authdef->seclookupdef.u.uuid) < 0) {
virReportError(VIR_ERR_XML_ERROR, "%s",
_("invalid auth secret uuid"));
goto cleanup;
}
- authdef->secretType = VIR_STORAGE_SECRET_TYPE_UUID;
+ authdef->seclookupdef.type = VIR_SECRET_LOOKUP_TYPE_UUID;
} else {
- authdef->secret.usage = usage;
+ authdef->seclookupdef.u.usage = usage;
usage = NULL;
- authdef->secretType = VIR_STORAGE_SECRET_TYPE_USAGE;
+ authdef->seclookupdef.type = VIR_SECRET_LOOKUP_TYPE_USAGE;
}
ret = 0;
@@ -1625,7 +1621,7 @@ virStorageAuthDefParseXML(xmlXPathContextPtr ctxt)
VIR_FREE(authtype);
}
- authdef->secretType = VIR_STORAGE_SECRET_TYPE_NONE;
+ authdef->seclookupdef.type = VIR_SECRET_LOOKUP_TYPE_NONE;
if (virStorageAuthDefParseSecret(ctxt, authdef) < 0)
goto error;
@@ -1680,12 +1676,12 @@ virStorageAuthDefFormat(virBufferPtr buf,
else
virBufferAddLit(buf, "secretType == VIR_STORAGE_SECRET_TYPE_UUID) {
- virUUIDFormat(authdef->secret.uuid, uuidstr);
+ if (authdef->seclookupdef.type == VIR_SECRET_LOOKUP_TYPE_UUID) {
+ virUUIDFormat(authdef->seclookupdef.u.uuid, uuidstr);
virBufferAsprintf(buf, " uuid='%s'/>\n", uuidstr);
- } else if (authdef->secretType == VIR_STORAGE_SECRET_TYPE_USAGE) {
+ } else if (authdef->seclookupdef.type == VIR_SECRET_LOOKUP_TYPE_USAGE) {
virBufferEscapeString(buf, " usage='%s'/>\n",
- authdef->secret.usage);
+ authdef->seclookupdef.u.usage);
} else {
virBufferAddLit(buf, "/>\n");
}
diff --git a/src/util/virstoragefile.h b/src/util/virstoragefile.h
index b88e71564a23df9ef1e75d7b4cd6b6d9dc5f85b7..71a8b3a9b75c3a126a45b37ac8caf784d3801139 100644
--- a/src/util/virstoragefile.h
+++ b/src/util/virstoragefile.h
@@ -1,7 +1,7 @@
/*
* virstoragefile.h: file utility functions for FS storage backend
*
- * Copyright (C) 2007-2009, 2012-2014 Red Hat, Inc.
+ * Copyright (C) 2007-2009, 2012-2016 Red Hat, Inc.
* Copyright (C) 2007-2008 Daniel P. Berrange
*
* This library is free software; you can redistribute it and/or
@@ -28,6 +28,7 @@
# include "virseclabel.h"
# include "virstorageencryption.h"
# include "virutil.h"
+# include "virsecret.h"
/* Minimum header size required to probe all known formats with
* virStorageFileProbeFormat, or obtain metadata from a known format.
@@ -201,25 +202,13 @@ typedef enum {
} virStorageAuthType;
VIR_ENUM_DECL(virStorageAuth)
-typedef enum {
- VIR_STORAGE_SECRET_TYPE_NONE,
- VIR_STORAGE_SECRET_TYPE_UUID,
- VIR_STORAGE_SECRET_TYPE_USAGE,
-
- VIR_STORAGE_SECRET_TYPE_LAST
-} virStorageSecretType;
-
typedef struct _virStorageAuthDef virStorageAuthDef;
typedef virStorageAuthDef *virStorageAuthDefPtr;
struct _virStorageAuthDef {
char *username;
char *secrettype; /* disks[i];
if (disk->src->auth) {
- disk->src->auth->secretType = VIR_STORAGE_SECRET_TYPE_USAGE;
- if (VIR_STRDUP(disk->src->auth->secret.usage,
+ disk->src->auth->seclookupdef.type = VIR_SECRET_LOOKUP_TYPE_USAGE;
+ if (VIR_STRDUP(disk->src->auth->seclookupdef.u.usage,
"qemuargv2xml_usage") < 0)
goto fail;
}