From 1eca5f6581c60de6798ca9b4896335aafdebaae4 Mon Sep 17 00:00:00 2001 From: John Ferlan Date: Sat, 28 May 2016 08:43:23 -0400 Subject: [PATCH] secret: Move virStorageSecretType and rename Move the enum into a new src/util/virsecret.h, rename it to be virSecretLookupType. Add a src/util/virsecret.h in order to perform a couple of simple operations on the secret XML and virSecretLookupTypeDef for clearing and copying. This includes quite a bit of collateral damage, but the goal is to remove the "virStorage*" and replace with the virSecretLookupType so that it's easier to to add new lookups that aren't necessarily storage pool related. Signed-off-by: John Ferlan --- src/Makefile.am | 1 + src/conf/secret_conf.h | 2 +- src/libvirt_private.syms | 5 +++ src/libxl/libxl_conf.c | 2 +- src/qemu/qemu_domain.c | 4 +- src/secret/secret_util.c | 18 ++++----- src/secret/secret_util.h | 10 ++--- src/storage/storage_backend_iscsi.c | 7 ++-- src/storage/storage_backend_rbd.c | 3 +- src/util/virsecret.c | 57 +++++++++++++++++++++++++++++ src/util/virsecret.h | 50 +++++++++++++++++++++++++ src/util/virstoragefile.c | 32 +++++++--------- src/util/virstoragefile.h | 17 ++------- tests/qemuargv2xmltest.c | 4 +- 14 files changed, 156 insertions(+), 56 deletions(-) create mode 100644 src/util/virsecret.c create mode 100644 src/util/virsecret.h diff --git a/src/Makefile.am b/src/Makefile.am index a14cb3f83f..214580e5f6 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -161,6 +161,7 @@ UTIL_SOURCES = \ util/virrotatingfile.h util/virrotatingfile.c \ util/virscsi.c util/virscsi.h \ util/virseclabel.c util/virseclabel.h \ + util/virsecret.c util/virsecret.h \ util/virsexpr.c util/virsexpr.h \ util/virsocketaddr.h util/virsocketaddr.c \ util/virstats.c util/virstats.h \ diff --git a/src/conf/secret_conf.h b/src/conf/secret_conf.h index ca1afec196..4584403dcb 100644 --- a/src/conf/secret_conf.h +++ b/src/conf/secret_conf.h 
@@ -35,7 +35,7 @@ struct _virSecretDef { bool isprivate; unsigned char uuid[VIR_UUID_BUFLEN]; char *description; /* May be NULL */ - int usage_type; + int usage_type; /* virSecretUsageType */ union { char *volume; /* May be NULL */ char *ceph; diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 501c23e67f..21223a80d6 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -2218,6 +2218,11 @@ virSecurityLabelDefFree; virSecurityLabelDefNew; +# util/virsecret.h +virSecretLookupDefClear; +virSecretLookupDefCopy; + + # util/virsexpr.h sexpr2string; sexpr_append; diff --git a/src/libxl/libxl_conf.c b/src/libxl/libxl_conf.c index 5989819377..5a3e3a0b6b 100644 --- a/src/libxl/libxl_conf.c +++ b/src/libxl/libxl_conf.c @@ -656,7 +656,7 @@ libxlMakeNetworkDiskSrc(virStorageSourcePtr src, char **srcstr) if (!(conn = virConnectOpen("xen:///system"))) goto cleanup; - if (virSecretGetSecretString(conn, src->auth, + if (virSecretGetSecretString(conn, &src->auth->seclookupdef, VIR_SECRET_USAGE_TYPE_CEPH, &secret, &secretlen) < 0) goto cleanup; diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 1f99baa34c..b1c951fb2f 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -835,7 +835,7 @@ qemuDomainSecretPlainSetup(virConnectPtr conn, if (protocol == VIR_STORAGE_NET_PROTOCOL_RBD) secretType = VIR_SECRET_USAGE_TYPE_CEPH; - return virSecretGetSecretString(conn, authdef, secretType, + return virSecretGetSecretString(conn, &authdef->seclookupdef, secretType, &secinfo->s.plain.secret, &secinfo->s.plain.secretlen); } @@ -908,7 +908,7 @@ qemuDomainSecretAESSetup(virConnectPtr conn, goto cleanup; /* Grab the unencoded secret */ - if (virSecretGetSecretString(conn, authdef, secretType, + if (virSecretGetSecretString(conn, &authdef->seclookupdef, secretType, &secret, &secretlen) < 0) goto cleanup; diff --git a/src/secret/secret_util.c b/src/secret/secret_util.c index 560240164d..16e43ab2cc 100644 --- a/src/secret/secret_util.c 
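Review bot: In libxlMakeNetworkDiskSrc the lookup argument is now `&src->auth->seclookupdef`, an address formed from `src->auth` before anything in the visible lines checks it, and it comes out non-NULL even when `src->auth` is NULL because `seclookupdef` is not the first member of the struct. The `ATTRIBUTE_NONNULL(2)` annotation on virSecretGetSecretString and any check inside it can therefore no longer notice a disk without an auth element; the guard has to live in each caller. That guard is outside this hunk, so please confirm it and record it at the call, e.g. `/* src->auth was checked above; &src->auth->seclookupdef is never NULL */`. The same applies to the two `&authdef->seclookupdef` call sites in qemu_domain.c and to virStorageBackendRBDOpenRADOSConn in storage_backend_rbd.c; the iSCSI caller visibly returns early on `!authdef`.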
+++ b/src/secret/secret_util.c @@ -36,12 +36,12 @@ VIR_LOG_INIT("secret.secret_util"); /* virSecretGetSecretString: * @conn: Pointer to the connection driver to make secret driver call - * @authdef: Pointer to the disk storage authentication - * @secretUsageType: Type of secret usage for authdef lookup + * @seclookupdef: Secret lookup def + * @secretUsageType: Type of secret usage for usage lookup * @secret: returned secret as a sized stream of unsigned chars * @secret_size: Return size of the secret - either raw text or base64 * - * Lookup the secret for the authdef usage type and return it as raw text. + * Lookup the secret for the usage type and return it as raw text. * It is up to the caller to encode the secret further. * * Returns 0 on success, -1 on failure. On success the memory in secret @@ -49,7 +49,7 @@ VIR_LOG_INIT("secret.secret_util"); */ int virSecretGetSecretString(virConnectPtr conn, - virStorageAuthDefPtr authdef, + virSecretLookupTypeDefPtr seclookupdef, virSecretUsageType secretUsageType, uint8_t **secret, size_t *secret_size) @@ -57,14 +57,14 @@ virSecretGetSecretString(virConnectPtr conn, virSecretPtr sec = NULL; int ret = -1; - switch (authdef->secretType) { - case VIR_STORAGE_SECRET_TYPE_UUID: - sec = conn->secretDriver->secretLookupByUUID(conn, authdef->secret.uuid); + switch (seclookupdef->type) { + case VIR_SECRET_LOOKUP_TYPE_UUID: + sec = conn->secretDriver->secretLookupByUUID(conn, seclookupdef->u.uuid); break; - case VIR_STORAGE_SECRET_TYPE_USAGE: + case VIR_SECRET_LOOKUP_TYPE_USAGE: sec = conn->secretDriver->secretLookupByUsage(conn, secretUsageType, - authdef->secret.usage); + seclookupdef->u.usage); break; } diff --git a/src/secret/secret_util.h b/src/secret/secret_util.h index a03966298c..12b51b1aa2 100644 --- a/src/secret/secret_util.h +++ b/src/secret/secret_util.h 
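Review bot: The switch on `seclookupdef->type` in virSecretGetSecretString handles only `VIR_SECRET_LOOKUP_TYPE_UUID` and `VIR_SECRET_LOOKUP_TYPE_USAGE`, so a definition still at `VIR_SECRET_LOOKUP_TYPE_NONE` (the value virStorageAuthDefParseXML assigns before parsing the secret element) leaves the switch with `sec` still NULL. What the function does with a NULL `sec` is outside this hunk; if it only jumps to its cleanup path, the caller gets -1 with no error reported. Because `type` is declared as a plain `int`, the compiler will not warn about the unhandled enum values. I would add `case VIR_SECRET_LOOKUP_TYPE_NONE:` and `case VIR_SECRET_LOOKUP_TYPE_LAST:` arms that call `virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("secret lookup type is not set"));` before failing.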
@@ -19,17 +19,17 @@ * */ -#ifndef __VIR_SECRET_H__ -# define __VIR_SECRET_H__ +#ifndef __VIR_SECRET_UTIL_H__ +# define __VIR_SECRET_UTIL_H__ # include "internal.h" -# include "virstoragefile.h" +# include "virsecret.h" int virSecretGetSecretString(virConnectPtr conn, - virStorageAuthDefPtr authdef, + virSecretLookupTypeDefPtr seclookupdef, virSecretUsageType secretUsageType, uint8_t **ret_secret, size_t *ret_secret_size) ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(4) ATTRIBUTE_NONNULL(5) ATTRIBUTE_RETURN_CHECK; -#endif /* __VIR_SECRET_H__ */ +#endif /* __VIR_SECRET_UTIL_H__ */ diff --git a/src/storage/storage_backend_iscsi.c b/src/storage/storage_backend_iscsi.c index 6cefd500b2..e3a41b62a3 100644 --- a/src/storage/storage_backend_iscsi.c +++ b/src/storage/storage_backend_iscsi.c @@ -286,8 +286,8 @@ virStorageBackendISCSISetAuth(const char *portal, if (!authdef || authdef->authType == VIR_STORAGE_AUTH_TYPE_NONE) return 0; - VIR_DEBUG("username='%s' authType=%d secretType=%d", - authdef->username, authdef->authType, authdef->secretType); + VIR_DEBUG("username='%s' authType=%d seclookupdef.type=%d", + authdef->username, authdef->authType, authdef->seclookupdef.type); if (authdef->authType != VIR_STORAGE_AUTH_TYPE_CHAP) { virReportError(VIR_ERR_XML_ERROR, "%s", _("iscsi pool only supports 'chap' auth type")); @@ -301,7 +301,8 @@ virStorageBackendISCSISetAuth(const char *portal, return -1; } - if (virSecretGetSecretString(conn, authdef, VIR_SECRET_USAGE_TYPE_ISCSI, + if (virSecretGetSecretString(conn, &authdef->seclookupdef, + VIR_SECRET_USAGE_TYPE_ISCSI, &secret_value, &secret_size) < 0) goto cleanup; diff --git a/src/storage/storage_backend_rbd.c b/src/storage/storage_backend_rbd.c index 64ec54517c..9665fbca3a 100644 --- a/src/storage/storage_backend_rbd.c +++ b/src/storage/storage_backend_rbd.c 
@@ -85,7 +85,8 @@ virStorageBackendRBDOpenRADOSConn(virStorageBackendRBDStatePtr ptr, return -1; } - if (virSecretGetSecretString(conn, authdef, VIR_SECRET_USAGE_TYPE_CEPH, + if (virSecretGetSecretString(conn, &authdef->seclookupdef, + VIR_SECRET_USAGE_TYPE_CEPH, &secret_value, &secret_value_size) < 0) goto cleanup; diff --git a/src/util/virsecret.c b/src/util/virsecret.c new file mode 100644 index 0000000000..45ad996f54 --- /dev/null +++ b/src/util/virsecret.c 
@@ -0,0 +1,57 @@ +/* + * virsecret.c: secret utility functions + * + * Copyright (C) 2016 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * . + * + */ + +#include + +#include "viralloc.h" +#include "virerror.h" +#include "virlog.h" +#include "virsecret.h" +#include "virstring.h" + +#define VIR_FROM_THIS VIR_FROM_NONE + +VIR_LOG_INIT("util.secret"); + + +void +virSecretLookupDefClear(virSecretLookupTypeDefPtr def) +{ + if (def->type == VIR_SECRET_LOOKUP_TYPE_USAGE) + VIR_FREE(def->u.usage); + else if (def->type == VIR_SECRET_LOOKUP_TYPE_UUID) + memset(&def->u.uuid, 0, VIR_UUID_BUFLEN); +} + + +int +virSecretLookupDefCopy(virSecretLookupTypeDefPtr dst, + const virSecretLookupTypeDef *src) +{ + dst->type = src->type; + if (dst->type == VIR_SECRET_LOOKUP_TYPE_UUID) { + memcpy(dst->u.uuid, src->u.uuid, VIR_UUID_BUFLEN); + } else if (dst->type == VIR_SECRET_LOOKUP_TYPE_USAGE) { + if (VIR_STRDUP(dst->u.usage, src->u.usage) < 0) + return -1; + } + return 0; +} diff --git a/src/util/virsecret.h b/src/util/virsecret.h new file mode 100644 index 0000000000..fb3adb3aab --- /dev/null +++ b/src/util/virsecret.h 
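Review bot: virSecretLookupDefClear frees `u.usage` or zeroes `u.uuid` but leaves `def->type` unchanged, so a cleared definition still claims to be a USAGE or UUID lookup and a later virSecretGetSecretString call would look up a NULL usage string or an all-zero UUID. Ending the function with `def->type = VIR_SECRET_LOOKUP_TYPE_NONE;` makes the cleared state explicit. virSecretLookupDefCopy also overwrites `dst->u.usage` without releasing a previous value, so it is leak-free only on a zeroed or cleared `dst`; a comment above it such as `/* @dst must be zero-initialized or cleared; returns 0 on success, -1 on allocation failure */` would record that contract. The one caller in this patch, virStorageAuthDefCopy, appears to pass a freshly allocated struct, but the allocation is outside the visible hunks.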
@@ -0,0 +1,50 @@ +/* + * virsecret.h: secret utility functions + * + * Copyright (C) 2016 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * . + * + */ + +#ifndef __VIR_SECRET_H__ +# define __VIR_SECRET_H__ + +# include "internal.h" + +typedef enum { + VIR_SECRET_LOOKUP_TYPE_NONE, + VIR_SECRET_LOOKUP_TYPE_UUID, + VIR_SECRET_LOOKUP_TYPE_USAGE, + + VIR_SECRET_LOOKUP_TYPE_LAST +} virSecretLookupType; + +typedef struct _virSecretLookupTypeDef virSecretLookupTypeDef; +typedef virSecretLookupTypeDef *virSecretLookupTypeDefPtr; +struct _virSecretLookupTypeDef { + int type; /* virSecretLookupType */ + union { + unsigned char uuid[VIR_UUID_BUFLEN]; + char *usage; + } u; + +}; + +void virSecretLookupDefClear(virSecretLookupTypeDefPtr def); +int virSecretLookupDefCopy(virSecretLookupTypeDefPtr dst, + const virSecretLookupTypeDef *src); + +#endif /* __VIR_SECRET_H__ */ diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c index d2da9e712f..27b54a257e 100644 --- a/src/util/virstoragefile.c +++ b/src/util/virstoragefile.c @@ -1506,8 +1506,7 @@ virStorageAuthDefFree(virStorageAuthDefPtr authdef) VIR_FREE(authdef->username); VIR_FREE(authdef->secrettype); - if (authdef->secretType == VIR_STORAGE_SECRET_TYPE_USAGE) - VIR_FREE(authdef->secret.usage); + virSecretLookupDefClear(&authdef->seclookupdef); VIR_FREE(authdef); } 
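Review bot: The two prototypes in virsecret.h carry no `ATTRIBUTE_NONNULL`, although both functions dereference their arguments unconditionally and secret_util.h in this same patch annotates virSecretGetSecretString that way. I would declare `void virSecretLookupDefClear(virSecretLookupTypeDefPtr def) ATTRIBUTE_NONNULL(1);` and give virSecretLookupDefCopy `ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2)`. The struct also needs a short comment on `u` stating that `type` selects the active member and that `usage` is a heap-allocated string owned by the struct and released by virSecretLookupDefClear.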
@@ -1526,13 +1525,10 @@ virStorageAuthDefCopy(const virStorageAuthDef *src) if (VIR_STRDUP(ret->secrettype, src->secrettype) < 0) goto error; ret->authType = src->authType; - ret->secretType = src->secretType; - if (ret->secretType == VIR_STORAGE_SECRET_TYPE_UUID) { - memcpy(ret->secret.uuid, src->secret.uuid, sizeof(ret->secret.uuid)); - } else if (ret->secretType == VIR_STORAGE_SECRET_TYPE_USAGE) { - if (VIR_STRDUP(ret->secret.usage, src->secret.usage) < 0) - goto error; - } + + if (virSecretLookupDefCopy(&ret->seclookupdef, &src->seclookupdef) < 0) + goto error; + return ret; error: @@ -1573,16 +1569,16 @@ virStorageAuthDefParseSecret(xmlXPathContextPtr ctxt, } if (uuid) { - if (virUUIDParse(uuid, authdef->secret.uuid) < 0) { + if (virUUIDParse(uuid, authdef->seclookupdef.u.uuid) < 0) { virReportError(VIR_ERR_XML_ERROR, "%s", _("invalid auth secret uuid")); goto cleanup; } - authdef->secretType = VIR_STORAGE_SECRET_TYPE_UUID; + authdef->seclookupdef.type = VIR_SECRET_LOOKUP_TYPE_UUID; } else { - authdef->secret.usage = usage; + authdef->seclookupdef.u.usage = usage; usage = NULL; - authdef->secretType = VIR_STORAGE_SECRET_TYPE_USAGE; + authdef->seclookupdef.type = VIR_SECRET_LOOKUP_TYPE_USAGE; } ret = 0; @@ -1625,7 +1621,7 @@ virStorageAuthDefParseXML(xmlXPathContextPtr ctxt) VIR_FREE(authtype); } - authdef->secretType = VIR_STORAGE_SECRET_TYPE_NONE; + authdef->seclookupdef.type = VIR_SECRET_LOOKUP_TYPE_NONE; if (virStorageAuthDefParseSecret(ctxt, authdef) < 0) goto error; 
@@ -1680,12 +1676,12 @@ virStorageAuthDefFormat(virBufferPtr buf, else virBufferAddLit(buf, "secretType == VIR_STORAGE_SECRET_TYPE_UUID) { - virUUIDFormat(authdef->secret.uuid, uuidstr); + if (authdef->seclookupdef.type == VIR_SECRET_LOOKUP_TYPE_UUID) { + virUUIDFormat(authdef->seclookupdef.u.uuid, uuidstr); virBufferAsprintf(buf, " uuid='%s'/>\n", uuidstr); - } else if (authdef->secretType == VIR_STORAGE_SECRET_TYPE_USAGE) { + } else if (authdef->seclookupdef.type == VIR_SECRET_LOOKUP_TYPE_USAGE) { virBufferEscapeString(buf, " usage='%s'/>\n", - authdef->secret.usage); + authdef->seclookupdef.u.usage); } else { virBufferAddLit(buf, "/>\n"); } diff --git a/src/util/virstoragefile.h b/src/util/virstoragefile.h index b88e71564a..71a8b3a9b7 100644 --- a/src/util/virstoragefile.h +++ b/src/util/virstoragefile.h @@ -1,7 +1,7 @@ /* * virstoragefile.h: file utility functions for FS storage backend * - * Copyright (C) 2007-2009, 2012-2014 Red Hat, Inc. + * Copyright (C) 2007-2009, 2012-2016 Red Hat, Inc. * Copyright (C) 2007-2008 Daniel P. Berrange * * This library is free software; you can redistribute it and/or @@ -28,6 +28,7 @@ # include "virseclabel.h" # include "virstorageencryption.h" # include "virutil.h" +# include "virsecret.h" /* Minimum header size required to probe all known formats with * virStorageFileProbeFormat, or obtain metadata from a known format. 
@@ -201,25 +202,13 @@ typedef enum { } virStorageAuthType; VIR_ENUM_DECL(virStorageAuth) -typedef enum { - VIR_STORAGE_SECRET_TYPE_NONE, - VIR_STORAGE_SECRET_TYPE_UUID, - VIR_STORAGE_SECRET_TYPE_USAGE, - - VIR_STORAGE_SECRET_TYPE_LAST -} virStorageSecretType; - typedef struct _virStorageAuthDef virStorageAuthDef; typedef virStorageAuthDef *virStorageAuthDefPtr; struct _virStorageAuthDef { char *username; char *secrettype; /* disks[i]; if (disk->src->auth) { - disk->src->auth->secretType = VIR_STORAGE_SECRET_TYPE_USAGE; - if (VIR_STRDUP(disk->src->auth->secret.usage, + disk->src->auth->seclookupdef.type = VIR_SECRET_LOOKUP_TYPE_USAGE; + if (VIR_STRDUP(disk->src->auth->seclookupdef.u.usage, "qemuargv2xml_usage") < 0) goto fail; } -- GitLab