1. 18 9月, 2013 1 次提交
    • D
      Add support for using 3-arg pkcheck syntax for process (CVE-2013-4311) · 922b7fda
      Daniel P. Berrange 提交于
      With the existing pkcheck (pid, start time) tuple for identifying
      the process, there is a race condition, where a process can make
      a libvirt RPC call and in another thread exec a setuid application,
      causing it to change to effective UID 0. This in turn causes polkit
      to do its permission check based on the wrong UID.
      
      To address this, libvirt must get the UID the caller had at time
      of connect() (from SO_PEERCRED) and pass a (pid, start time, uid)
      triple to the pkcheck program.
      
      This fix requires that libvirt is re-built against a version of
      polkit that has the fix for its CVE-2013-4288, so that libvirt
      can see 'pkg-config --variable pkcheck_supports_uid polkit-gobject-1'
      Signed-off-by: NColin Walters <walters@redhat.com>
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      922b7fda
  2. 04 9月, 2013 1 次提交
  3. 29 8月, 2013 11 次提交
  4. 18 7月, 2013 2 次提交
  5. 10 7月, 2013 2 次提交
  6. 25 6月, 2013 1 次提交
  7. 31 5月, 2013 1 次提交
    • E
      build: cast [ug]id_t when printing · f43bb1dc
      Eric Blake 提交于
      This is a recurring problem for cygwin :)
      For example, see commit 23a4df88.
      
      qemu/qemu_driver.c: In function 'qemuStateInitialize':
      qemu/qemu_driver.c:691:13: error: format '%d' expects type 'int', but argument 8 has type 'uid_t' [-Wformat]
      
      * src/qemu/qemu_driver.c (qemuStateInitialize): Add casts.
      * daemon/remote.c (remoteDispatchAuthList): Likewise.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      f43bb1dc
  8. 21 5月, 2013 1 次提交
  9. 16 5月, 2013 1 次提交
    • J
      daemon: fix leak after listing all volumes · ca697e90
      Ján Tomko 提交于
      CVE-2013-1962
      
      remoteDispatchStoragePoolListAllVolumes wasn't freeing the pool.
      The pool also held a reference to the connection, preventing it from
      getting freed and closing the netcf interface driver, which held two
      sockets open.
      ca697e90
  10. 09 5月, 2013 1 次提交
  11. 08 5月, 2013 1 次提交
  12. 05 5月, 2013 1 次提交
  13. 03 5月, 2013 1 次提交
  14. 02 5月, 2013 1 次提交
    • M
      virutil: Move string related functions to virstring.c · 7c9a2d88
      Michal Privoznik 提交于
      The source code base needs to be adapted as well. Some files
      include virutil.h just for the string related functions (here,
      the include is substituted to match the new file), some include
      virutil.h without any need (here, the include is removed), and
      some require both.
      7c9a2d88
  15. 24 4月, 2013 2 次提交
  16. 18 4月, 2013 1 次提交
  17. 13 3月, 2013 1 次提交
    • D
      Remove hack using existance of an 'identity' string to disable auth · be27de6e
      Daniel P. Berrange 提交于
      Currently the server determines whether authentication of clients
      is complete, by checking whether an identity is set. This patch
      removes that lame hack and replaces it with an explicit method
      for changing the client auth code
      
      * daemon/remote.c: Update for new APis
      * src/libvirt_private.syms, src/rpc/virnetserverclient.c,
        src/rpc/virnetserverclient.h: Remove virNetServerClientGetIdentity
        and virNetServerClientSetIdentity, adding a new method
        virNetServerClientSetAuth.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      be27de6e
  18. 23 2月, 2013 1 次提交
  19. 18 1月, 2013 1 次提交
  20. 16 1月, 2013 1 次提交
  21. 14 1月, 2013 3 次提交
    • D
      Introduce an LXC specific public API & library · 3d1596b0
      Daniel P. Berrange 提交于
      This patch introduces support for LXC specific public APIs. In
      common with what was done for QEMU, this creates a libvirt_lxc.so
      library and libvirt/libvirt-lxc.h header file.
      
      The actual APIs are
      
        int virDomainLxcOpenNamespace(virDomainPtr domain,
                                      int **fdlist,
                                      unsigned int flags);
      
        int virDomainLxcEnterNamespace(virDomainPtr domain,
                                       unsigned int nfdlist,
                                       int *fdlist,
                                       unsigned int *noldfdlist,
                                       int **oldfdlist,
                                       unsigned int flags);
      
      which provide a way to use the setns() system call to move the
      calling process into the container's namespace. It is not
      practical to write in a generically applicable manner. The
      nearest that we could get to such an API would be an API which
      allows to pass a command + argv to be executed inside a
      container. Even if we had such a generic API, this LXC specific
      API is still useful, because it allows the caller to maintain
      the current process context, in particular any I/O streams they
      have open.
      
      NB the virDomainLxcEnterNamespace() API is special in that it
      runs client side, so does not involve the internal driver API.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      3d1596b0
    • D
      Rename HAVE_POLKIT to WITH_POLKIT · cf7ac00e
      Daniel P. Berrange 提交于
      cf7ac00e
    • D
      Rename HAVE_GNUTLS to WITH_GNUTLS · bccd4a8c
      Daniel P. Berrange 提交于
      bccd4a8c
  22. 11 1月, 2013 1 次提交
  23. 09 1月, 2013 1 次提交
  24. 21 12月, 2012 2 次提交