diff --git a/include/libvirt/libvirt.h.in b/include/libvirt/libvirt.h.in
index f4f0eebae15af877f725f82e2a17964846e6cd10..650bd1d3b52c51e71e0eb6acbbdad041a75ba43d 100644
--- a/include/libvirt/libvirt.h.in
+++ b/include/libvirt/libvirt.h.in
@@ -3249,6 +3249,27 @@ int virConnectNumOfSecrets (virConnectPtr conn);
 int virConnectListSecrets (virConnectPtr conn,
 char **uuids,
 int maxuuids);
+
+/*
+ * virConnectListAllSecrets:
+ *
+ * Flags used to filter the returned secrets. Flags in each group
+ * are exclusive attributes of a secret.
+ */
+typedef enum {
+ VIR_CONNECT_LIST_SECRETS_EPHEMERAL = 1 << 0, /* kept in memory, never
+ stored persistently */
+ VIR_CONNECT_LIST_SECRETS_NO_EPHEMERAL = 1 << 1,
+
+ VIR_CONNECT_LIST_SECRETS_PRIVATE = 1 << 2, /* not revealed to any caller
+ of libvirt, nor to any other
+ node */
+ VIR_CONNECT_LIST_SECRETS_NO_PRIVATE = 1 << 3,
+} virConnectListAllSecretsFlags;
+
+int virConnectListAllSecrets(virConnectPtr conn,
+ virSecretPtr **secrets,
+ unsigned int flags);
 virSecretPtr virSecretLookupByUUID(virConnectPtr conn,
 const unsigned char *uuid);
 virSecretPtr virSecretLookupByUUIDString(virConnectPtr conn,
diff --git a/python/generator.py b/python/generator.py
index d3163e439b76f4cc2079d919ae47ea6f0d7713dc..955c893dad4a058da3f4d2f4a9735b3f6509d8ac 100755
--- a/python/generator.py
+++ b/python/generator.py
@@ -466,6 +466,7 @@ skip_function = (
 'virConnectListAllInterfaces', # overridden in virConnect.py
 'virConnectListAllNodeDevices', # overridden in virConnect.py
 'virConnectListAllNWFilters', # overridden in virConnect.py
+ 'virConnectListAllSecrets', # overridden in virConnect.py
 'virStreamRecvAll', # Pure python libvirt-override-virStream.py
 'virStreamSendAll', # Pure python libvirt-override-virStream.py
diff --git a/src/driver.h b/src/driver.h
index 9984a8524767bc8a070a4347dc11dce4a603c6dc..3e69daeb0646b02eafa7ac1d734a7631cf55e71e 100644
--- a/src/driver.h
+++ b/src/driver.h
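Review bot: The comment on `VIR_CONNECT_LIST_SECRETS_PRIVATE` in include/libvirt/libvirt.h.in says a private secret is "not revealed to any caller of libvirt", yet passing this flag makes the new call return handles for exactly those secrets, so a reader cannot tell whether the secret's existence or only its value is withheld. Presumably the value is meant, although the hunk does not show it; if so I would write `/* value is never revealed to any caller of libvirt, nor to any other node */`. The two `NO_` values carry no comment at all and could get `/* stored persistently */` and `/* not private */`. The same sentence about privacy appears in the doc comment added in src/libvirt.c.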
@@ -1567,6 +1567,10 @@ typedef int
 (*virDrvListSecrets) (virConnectPtr conn,
 char **uuids,
 int maxuuids);
+typedef int
+ (*virDrvListAllSecrets) (virConnectPtr conn,
+ virSecretPtr **secrets,
+ unsigned int flags);
 typedef struct _virSecretDriver virSecretDriver;
 typedef virSecretDriver *virSecretDriverPtr;
@@ -1588,6 +1592,7 @@ struct _virSecretDriver {
 virDrvNumOfSecrets numOfSecrets;
 virDrvListSecrets listSecrets;
+ virDrvListAllSecrets listAllSecrets;
 virDrvSecretLookupByUUID lookupByUUID;
 virDrvSecretLookupByUsage lookupByUsage;
 virDrvSecretDefineXML defineXML;
diff --git a/src/libvirt.c b/src/libvirt.c
index a7b8ae5e3286eb215fb8c0a14675874f6e3f422d..38a745d4cc2dc3d6479d73e14476b97bfce48667 100644
--- a/src/libvirt.c
+++ b/src/libvirt.c
@@ -14593,6 +14593,73 @@ error:
 return -1;
 }
+/**
+ * virConnectListAllSecrets:
+ * @conn: Pointer to the hypervisor connection.
+ * @secrets: Pointer to a variable to store the array containing the secret
+ * objects or NULL if the list is not required (just returns the
+ * number of secrets).
+ * @flags: extra flags; not used yet, so callers should always pass 0
+ *
+ * Collect the list of secrets, and allocate an array to store those
+ * objects.
+ *
+ * Normally, all secrets are returned; however, @flags can be used to
+ * filter the results for a smaller list of targeted secrets. The valid
+ * flags are divided into groups, where each group contains bits that
+ * describe mutually exclusive attributes of a secret, and where all bits
+ * within a group describe all possible secrets.
+ *
+ * The first group of @flags is used to filter secrets by its storage
+ * location. Flag VIR_CONNECT_LIST_SECRETS_EPHEMERAL selects secrets that
+ * are kept only in memory. Flag VIR_CONNECT_LIST_SECRETS_NO_EPHEMERAL
+ * selects secrets that are kept in persistent storage.
+ *
+ * The second group of @flags is used to filter secrets by privacy. Flag
+ * VIR_CONNECT_LIST_SECRETS_PRIVATE seclets secrets that are never revealed
+ * to any caller of libvirt nor to any other node. Flag
+ * VIR_CONNECT_LIST_SECRETS_NO_PRIVATE selects non-private secrets.
+ *
+ * Returns the number of secrets found or -1 and sets @secrets to NULL in case
+ * of error. On success, the array stored into @secrets is guaranteed to
+ * have an extra allocated element set to NULL but not included in the return count,
+ * to make iteration easier. The caller is responsible for calling
+ * virSecretFree() on each array element, then calling free() on @secrets.
+ */
+int
+virConnectListAllSecrets(virConnectPtr conn,
+ virSecretPtr **secrets,
+ unsigned int flags)
+{
+ VIR_DEBUG("conn=%p, secrets=%p, flags=%x", conn, secrets, flags);
+
+ virResetLastError();
+
+ if (secrets)
+ *secrets = NULL;
+
+ if (!VIR_IS_CONNECT(conn)) {
+ virLibConnError(VIR_ERR_INVALID_CONN, __FUNCTION__);
+ virDispatchError(NULL);
+ return -1;
+ }
+
+ if (conn->secretDriver &&
+ conn->secretDriver->listAllSecrets) {
+ int ret;
+ ret = conn->secretDriver->listAllSecrets(conn, secrets, flags);
+ if (ret < 0)
+ goto error;
+ return ret;
+ }
+
+ virLibConnError(VIR_ERR_NO_SUPPORT, __FUNCTION__);
+
+error:
+ virDispatchError(conn);
+ return -1;
+}
+
 /**
 * virConnectListSecrets:
 * @conn: virConnect connection
diff --git a/src/libvirt_public.syms b/src/libvirt_public.syms
index a918bc8ae37f1feef01d31912c6c1174506c1ddc..828b31581aad9e0a8272aeec6c2ca5bee2ca07b1 100644
--- a/src/libvirt_public.syms
+++ b/src/libvirt_public.syms
@@ -560,6 +560,7 @@ LIBVIRT_0.10.2 {
 virConnectListAllNetworks;
 virConnectListAllNodeDevices;
 virConnectListAllNWFilters;
+ virConnectListAllSecrets;
 virConnectListAllStoragePools;
 virStoragePoolListAllVolumes;
 } LIBVIRT_0.10.0;
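Review bot: The `@flags` line in the new doc comment of `virConnectListAllSecrets` in src/libvirt.c tells callers to always pass 0, while the paragraphs below it define four filter flags, so the API documentation contradicts itself; I would replace it with `@flags: bitwise-OR of virConnectListAllSecretsFlags`. The comment also does not say what happens when both flags of one group are set, for example `VIR_CONNECT_LIST_SECRETS_EPHEMERAL | VIR_CONNECT_LIST_SECRETS_NO_EPHEMERAL`, and it has the typo "seclets" for "selects". In the body, `flags` is passed to `conn->secretDriver->listAllSecrets` unchecked, so rejecting unknown bits is left to each driver implementation, which this diff does not show. A sentence stating that unsupported flag bits produce an error belongs in the comment only once that is confirmed for the drivers.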