- 24 9月, 2013 1 次提交
-
-
由 Daniel P. Berrange 提交于
To allow creation of a virNetSocketPtr instance from a pre-opened socketpair FD, add a virNetSocketNewConnectSockFD method. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 12 7月, 2013 1 次提交
-
-
由 Peter Krempa 提交于
This patch enables the password authentication in the libssh2 connection driver. There are a few benefits to this step: 1) Hosts with challenge response authentication will now be supported with the libssh2 connection driver. 2) Credential for hosts can now be stored in the authentication credential config file
-
- 08 5月, 2013 2 次提交
-
-
由 Daniel P. Berrange 提交于
Since PIDs can be reused, polkit prefers to be given a (PID,start time) pair. If given a PID on its own, it will attempt to lookup the start time in /proc/pid/stat, though this is subject to races. It is safer if the client app resolves the PID start time itself, because as long as the app has the client socket open, the client PID won't be reused. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
There are various methods named "virXXXXSecurityContext", which are specific to SELinux. Rename them all to "virXXXXSELinuxContext". They will still raise errors at runtime if SELinux is not compiled in Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 19 3月, 2013 1 次提交
-
-
由 Daniel P. Berrange 提交于
A socket object has various pieces of security data associated with it, such as the SELinux context, the SASL username and the x509 distinguished name. Add new APIs to virNetServerClient and related modules to access this data. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 14 1月, 2013 1 次提交
-
-
由 Daniel P. Berrange 提交于
-
- 11 1月, 2013 1 次提交
-
-
由 Daniel P. Berrange 提交于
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 09 1月, 2013 1 次提交
-
-
由 Daniel P. Berrange 提交于
Add checks for existence of GNUTLS and automatically disable it if not found. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 21 12月, 2012 2 次提交
-
-
由 Daniel P. Berrange 提交于
-
由 Daniel P. Berrange 提交于
-
- 16 10月, 2012 1 次提交
-
-
由 Daniel P. Berrange 提交于
Add two new APIs virNetSocketNewPostExecRestart and virNetSocketPreExecRestart which allow a virNetSocketPtr object to be created from a JSON object and saved to a JSON object, for the purpose of re-exec'ing a process. As well as saving the state in JSON format, the second method will disable the O_CLOEXEC flag so that the open file descriptors are preserved across the process re-exec() Since it is not possible to serialize SASL or TLS encryption state, an error will be raised if attempting to perform serialization on non-raw sockets Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 21 9月, 2012 1 次提交
-
-
由 Eric Blake 提交于
https://www.gnu.org/licenses/gpl-howto.html recommends that the 'If not, see <url>.' phrase be a separate sentence. * tests/securityselinuxhelper.c: Remove doubled line. * tests/securityselinuxtest.c: Likewise. * globally: s/; If/. If/
-
- 21 8月, 2012 1 次提交
-
-
由 Peter Krempa 提交于
This patch enables virNetSocket to be used as an ssh client when properly configured. This patch adds function virNetSocketNewConnectLibSSH2() that takes all needed parameters and creates a libssh2 session and performs steps needed to open the connection and then create a virNetSocket that seamlesly encapsulates the communication.
-
- 20 8月, 2012 1 次提交
-
-
由 Daniel P. Berrange 提交于
In order to support systemd socket based activation, it needs to be possible to create virNetSocketPtr and virNetServerServicePtr instance from a pre-opened file descriptor
-
- 07 8月, 2012 1 次提交
-
-
由 Daniel P. Berrange 提交于
Make virSocket use the virObject APIs for reference counting Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 23 7月, 2012 1 次提交
-
-
由 Osier Yang 提交于
Per the FSF address could be changed from time to time, and GNU recommends the following now: (http://www.gnu.org/licenses/gpl-howto.html) You should have received a copy of the GNU General Public License along with Foobar. If not, see <http://www.gnu.org/licenses/>. This patch removes the explicit FSF address, and uses above instead (of course, with inserting 'Lesser' before 'General'). Except a bunch of files for security driver, all others are changed automatically, the copyright for securify files are not complete, that's why to do it manually: src/security/security_selinux.h src/security/security_driver.h src/security/security_selinux.c src/security/security_apparmor.h src/security/security_apparmor.c src/security/security_driver.c
-
- 19 1月, 2012 2 次提交
-
-
由 Daniel P. Berrange 提交于
To avoid a namespace clash with forthcoming identity APIs, rename the virNet*GetLocalIdentity() APIs to have the form virNet*GetUNIXIdentity() * daemon/remote.c, src/libvirt_private.syms: Update for renamed APIs * src/rpc/virnetserverclient.c, src/rpc/virnetserverclient.h, src/rpc/virnetsocket.c, src/rpc/virnetsocket.h: s/LocalIdentity/UNIXIdentity/
-
由 Daniel P. Berrange 提交于
* daemon/remote.c, src/rpc/virnetserverclient.c, src/rpc/virnetserverclient.h, src/rpc/virnetsocket.c, src/rpc/virnetsocket.h: Add gid parameter
-
- 16 11月, 2011 1 次提交
-
-
由 Daniel P. Berrange 提交于
Add a new virNetClientSendNonBlock which returns 2 on full send, 1 on partial send, 0 on no send, -1 on error If a partial send occurs, then a subsequent call to any of the virNetClientSend* APIs will finish any outstanding I/O. TODO: the virNetClientEvent event handler could be used to speed up completion of partial sends if an event loop is present. * src/rpc/virnetsocket.h, src/rpc/virnetsocket.c: Add new virNetSocketHasPendingData() API to test for cached data pending send. * src/rpc/virnetclient.c, src/rpc/virnetclient.h: Add new virNetClientSendNonBlock() API to send non-blocking API
-
- 15 11月, 2011 1 次提交
-
-
由 Daniel P. Berrange 提交于
The src/util/network.c file is a dumping ground for many different APIs. Split it up into 5 pieces, along functional lines - src/util/virnetdevbandwidth.c: virNetDevBandwidth type & helper APIs - src/util/virnetdevvportprofile.c: virNetDevVPortProfile type & helper APIs - src/util/virsocketaddr.c: virSocketAddr and APIs - src/conf/netdev_bandwidth_conf.c: XML parsing / formatting for virNetDevBandwidth - src/conf/netdev_vport_profile_conf.c: XML parsing / formatting for virNetDevVPortProfile * src/util/network.c, src/util/network.h: Split into 5 pieces * src/conf/netdev_bandwidth_conf.c, src/conf/netdev_bandwidth_conf.h, src/conf/netdev_vport_profile_conf.c, src/conf/netdev_vport_profile_conf.h, src/util/virnetdevbandwidth.c, src/util/virnetdevbandwidth.h, src/util/virnetdevvportprofile.c, src/util/virnetdevvportprofile.h, src/util/virsocketaddr.c, src/util/virsocketaddr.h: New pieces * daemon/libvirtd.h, daemon/remote.c, src/conf/domain_conf.c, src/conf/domain_conf.h, src/conf/network_conf.c, src/conf/network_conf.h, src/conf/nwfilter_conf.h, src/esx/esx_util.h, src/network/bridge_driver.c, src/qemu/qemu_conf.c, src/rpc/virnetsocket.c, src/rpc/virnetsocket.h, src/util/dnsmasq.h, src/util/interface.h, src/util/iptables.h, src/util/macvtap.c, src/util/macvtap.h, src/util/virnetdev.h, src/util/virnetdevtap.c, tools/virsh.c: Update include files
-
- 07 11月, 2011 1 次提交
-
-
由 Daniel P. Berrange 提交于
The code calling sendfd/recvfd was mistakenly assuming those calls would never block. They can in fact return EAGAIN and this is causing us to drop the client connection when blocking ocurrs while sending/receiving FDs. Fixing this is a little hairy on the incoming side, since at the point where we see the EAGAIN, we already thought we had finished receiving all data for the packet. So we play a little trick to reset bufferOffset again and go back into polling for more data. * src/rpc/virnetsocket.c, src/rpc/virnetsocket.h: Update virNetSocketSendFD/RecvFD to return 0 on EAGAIN, or 1 on success * src/rpc/virnetclient.c: Move decoding of header & fds out of virNetClientCallDispatch and into virNetClientIOHandleInput. Handling blocking when sending/receiving FDs * src/rpc/virnetmessage.h: Add a 'donefds' field to track how many FDs we've sent / received * src/rpc/virnetserverclient.c: Handling blocking when sending/receiving FDs
-
- 28 10月, 2011 1 次提交
-
-
由 Daniel P. Berrange 提交于
Add APIs to the virNetSocket object, to allow file descriptors to be sent/received over UNIX domain socket connections * src/rpc/virnetsocket.c, src/rpc/virnetsocket.h, src/libvirt_private.syms: Add APIs for FD send/recv
-
- 11 10月, 2011 1 次提交
-
-
由 Daniel P. Berrange 提交于
Instead of directly manipulating sock->refs, add a virSocketRef API * src/rpc/virnetsocket.c, src/rpc/virnetsocket.h: Add virSocketRef
-
- 15 8月, 2011 3 次提交
-
-
由 Jiri Denemark 提交于
This patch allows owner's UID to be changed as well.
-
由 Jiri Denemark 提交于
So that callers can change the default value.
-
由 Daniel P. Berrange 提交于
* src/rpc/virnetsocket.c, src/rpc/virnetsocket.h: Add virNetSocketDupFD() * src/rpc/virnetclient.c, src/rpc/virnetclient.h: Add virNetClientDupFD() and virNetClientGetFD()
-
- 04 8月, 2011 1 次提交
-
-
由 Osier Yang 提交于
This patch introduces a internal RPC API "virNetServerClose", which is standalone with "virNetServerFree". it closes all the socket fds, and unlinks the unix socket paths, regardless of whether the socket is still referenced or not. This is to address regression bug: https://bugzilla.redhat.com/show_bug.cgi?id=725702
-
- 22 7月, 2011 1 次提交
-
-
由 Oskari Saarenmaa 提交于
New optional parameter "keyfile" for ssh transport allows the user to select the private key to be used to authenticate to the remote host.
-
- 19 7月, 2011 1 次提交
-
-
由 Daniel P. Berrange 提交于
When unregistering an I/O callback from a virNetSocket object, there is still a chance that an event may come in on the callback. In this case it is possible that the virNetSocket might have been freed already. Make use of a virFreeCallback when registering the I/O callbacks and hold a reference for the entire time the callback is set. * src/rpc/virnetsocket.c: Register a free function for the file handle watch * src/rpc/virnetsocket.h, src/rpc/virnetserverservice.c, src/rpc/virnetserverclient.c, src/rpc/virnetclient.c: Add a free function for the socket I/O watches
-
- 12 7月, 2011 1 次提交
-
-
由 Oskari Saarenmaa 提交于
Set StrictHostKeyChecking=no to auto-accept new ssh host keys if the no_verify extra parameter was specified. This won't disable host key checking for already known hosts. Includes a test and documentation.
-
- 24 6月, 2011 3 次提交
-
-
由 Daniel P. Berrange 提交于
Allow RPC servers to advertise themselves using MDNS, via Avahi * src/rpc/virnetserver.c, src/rpc/virnetserver.h: Allow registration of MDNS services via avahi * src/rpc/virnetserverservice.c, src/rpc/virnetserverservice.h: Add API to fetch the listen port number * src/rpc/virnetsocket.c, src/rpc/virnetsocket.h: Add API to fetch the local port number * src/rpc/virnetservermdns.c, src/rpc/virnetservermdns.h: Represent an MDNS advertisement
-
由 Daniel P. Berrange 提交于
This extends the basic virNetSocket APIs to allow them to have a handle to the TLS/SASL session objects, once established. This ensures that any data reads/writes are automagically passed through the TLS/SASL encryption layers if required. * src/rpc/virnetsocket.c, src/rpc/virnetsocket.h: Wire up SASL/TLS encryption
-
由 Daniel P. Berrange 提交于
Introduces a simple wrapper around the raw POSIX sockets APIs and name resolution APIs. Allows for easy creation of client and server sockets with correct usage of name resolution APIs for protocol agnostic socket setup. It can listen for UNIX and TCP stream sockets. It can connect to UNIX, TCP streams directly, or indirectly to UNIX sockets via an SSH tunnel or external command * src/Makefile.am: Add to libvirt-net-rpc.la * src/rpc/virnetsocket.c, src/rpc/virnetsocket.h: Generic sockets APIs * tests/Makefile.am: Add socket test * tests/virnetsockettest.c: New test case * tests/testutils.c: Avoid overriding LIBVIRT_DEBUG settings * tests/ssh.c: Dumb helper program for SSH tunnelling tests
-