2009-08-14 19:48:55 +00:00
|
|
|
|
/*
|
|
|
|
|
|
* secret_driver.c: local driver for secret manipulation API
|
|
|
|
|
|
*
|
2012-09-18 10:01:46 +00:00
|
|
|
|
* Copyright (C) 2009-2012 Red Hat, Inc.
|
2009-08-14 19:48:55 +00:00
|
|
|
|
*
|
|
|
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
|
|
* License as published by the Free Software Foundation; either
|
|
|
|
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
|
|
|
|
*
|
|
|
|
|
|
* This library is distributed in the hope that it will be useful,
|
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
|
|
* Lesser General Public License for more details.
|
|
|
|
|
|
*
|
|
|
|
|
|
* You should have received a copy of the GNU Lesser General Public
|
2012-09-20 22:30:55 +00:00
|
|
|
|
* License along with this library. If not, see
|
2012-07-21 10:06:23 +00:00
|
|
|
|
* <http://www.gnu.org/licenses/>.
|
2009-08-14 19:48:55 +00:00
|
|
|
|
*
|
|
|
|
|
|
* Red Hat Author: Miloslav Trmač <mitr@redhat.com>
|
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
|
#include <config.h>
|
|
|
|
|
|
|
|
|
|
|
|
#include <dirent.h>
|
|
|
|
|
|
#include <fcntl.h>
|
|
|
|
|
|
#include <string.h>
|
|
|
|
|
|
#include <sys/stat.h>
|
|
|
|
|
|
#include <unistd.h>
|
|
|
|
|
|
|
|
|
|
|
|
#include "internal.h"
|
|
|
|
|
|
#include "base64.h"
|
|
|
|
|
|
#include "datatypes.h"
|
|
|
|
|
|
#include "driver.h"
|
2012-12-12 17:59:27 +00:00
|
|
|
|
#include "virlog.h"
|
2012-12-12 18:06:53 +00:00
|
|
|
|
#include "viralloc.h"
|
2009-08-14 19:48:55 +00:00
|
|
|
|
#include "secret_conf.h"
|
|
|
|
|
|
#include "secret_driver.h"
|
2012-12-13 15:49:48 +00:00
|
|
|
|
#include "virthread.h"
|
2012-12-13 18:01:25 +00:00
|
|
|
|
#include "viruuid.h"
|
2012-12-13 18:21:53 +00:00
|
|
|
|
#include "virerror.h"
|
2011-07-19 18:32:58 +00:00
|
|
|
|
#include "virfile.h"
|
2010-11-16 14:54:17 +00:00
|
|
|
|
#include "configmake.h"
|
2013-04-03 10:36:23 +00:00
|
|
|
|
#include "virstring.h"
|
2013-04-23 10:56:22 +00:00
|
|
|
|
#include "viraccessapicheck.h"
|
2009-08-14 19:48:55 +00:00
|
|
|
|
|
|
|
|
|
|
#define VIR_FROM_THIS VIR_FROM_SECRET
|
|
|
|
|
|
|
|
|
|
|
|
enum { SECRET_MAX_XML_FILE = 10*1024*1024 };
|
|
|
|
|
|
|
|
|
|
|
|
� /* Internal driver state */
|
|
|
|
|
|
|
|
|
|
|
|
typedef struct _virSecretEntry virSecretEntry;
|
|
|
|
|
|
typedef virSecretEntry *virSecretEntryPtr;
|
|
|
|
|
|
struct _virSecretEntry {
|
|
|
|
|
|
virSecretEntryPtr next;
|
|
|
|
|
|
virSecretDefPtr def;
|
|
|
|
|
|
unsigned char *value; /* May be NULL */
|
|
|
|
|
|
size_t value_size;
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
typedef struct _virSecretDriverState virSecretDriverState;
|
|
|
|
|
|
typedef virSecretDriverState *virSecretDriverStatePtr;
|
|
|
|
|
|
struct _virSecretDriverState {
|
|
|
|
|
|
virMutex lock;
|
|
|
|
|
|
virSecretEntry *secrets;
|
|
|
|
|
|
char *directory;
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
static virSecretDriverStatePtr driverState;
|
|
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
|
secretDriverLock(virSecretDriverStatePtr driver)
|
|
|
|
|
|
{
|
|
|
|
|
|
virMutexLock(&driver->lock);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
|
secretDriverUnlock(virSecretDriverStatePtr driver)
|
|
|
|
|
|
{
|
|
|
|
|
|
virMutexUnlock(&driver->lock);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static virSecretEntryPtr
|
|
|
|
|
|
listUnlink(virSecretEntryPtr *pptr)
|
|
|
|
|
|
{
|
|
|
|
|
|
virSecretEntryPtr secret;
|
|
|
|
|
|
|
|
|
|
|
|
secret = *pptr;
|
|
|
|
|
|
*pptr = secret->next;
|
|
|
|
|
|
return secret;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
|
listInsert(virSecretEntryPtr *pptr, virSecretEntryPtr secret)
|
|
|
|
|
|
{
|
|
|
|
|
|
secret->next = *pptr;
|
|
|
|
|
|
*pptr = secret;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
|
secretFree(virSecretEntryPtr secret)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (secret == NULL)
|
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
|
|
virSecretDefFree(secret->def);
|
|
|
|
|
|
if (secret->value != NULL) {
|
|
|
|
|
|
memset(secret->value, 0, secret->value_size);
|
|
|
|
|
|
VIR_FREE(secret->value);
|
|
|
|
|
|
}
|
|
|
|
|
|
VIR_FREE(secret);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
static virSecretEntryPtr
|
|
|
|
|
|
secretFindByUUID(virSecretDriverStatePtr driver, const unsigned char *uuid)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
{
|
|
|
|
|
|
virSecretEntryPtr *pptr, s;
|
|
|
|
|
|
|
|
|
|
|
|
for (pptr = &driver->secrets; *pptr != NULL; pptr = &s->next) {
|
|
|
|
|
|
s = *pptr;
|
Fix UUID handling in secrets/storage encryption APIs
Convert all the secret/storage encryption APIs / wire format to
handle UUIDs in raw format instead of non-canonical printable
format. Guarentees data format correctness.
* docs/schemas/storageencryption.rng: Make UUID mandatory for a secret
and validate fully
* docs/schemas/secret.rng: Fully validate UUID
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in, Add
virSecretLookupByUUID and virSecretGetUUID. Make
virSecretGetUUIDString follow normal API design pattern
* python/generator.py: Skip generation of virSecretGetUUID,
virSecretGetUUIDString and virSecretLookupByUUID
* python/libvir.c, python/libvirt-python-api.xml: Manual impl
of virSecretGetUUID,virSecretGetUUIDString and virSecretLookupByUUID
* qemud/remote.c: s/virSecretLookupByUUIDString/virSecretLookupByUUID/
Fix get_nonnull_secret/make_nonnull_secret to use unsigned char
* qemud/remote_protocol.x: Fix remote_nonnull_secret to use a
remote_uuid instead of remote_nonnull_string for UUID field.
Rename REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING to
REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING and make it take an
remote_uuid value
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.h, src/datatypes.c: Store UUID in raw format instead
of printable. Change virGetSecret to use raw format UUID
* src/driver.h: Rename virDrvSecretLookupByUUIDString to
virDrvSecretLookupByUUID and use raw format UUID
* src/libvirt.c: Add virSecretLookupByUUID and virSecretGetUUID
and re-implement virSecretLookupByUUIDString and
virSecretGetUUIDString in terms of those
* src/libvirt_public.syms: Add virSecretLookupByUUID and
virSecretGetUUID
* src/remote_internal.c: Rename remoteSecretLookupByUUIDString
to remoteSecretLookupByUUID. Fix typo in args for
remoteSecretDefineXML impl. Use raw UUID format for
get_nonnull_secret and make_nonnull_secret
* src/storage_encryption_conf.c, src/storage_encryption_conf.h:
Storage UUID in raw format, and require it to be present in
XML. Use UUID parser to validate.
* secret_conf.h, secret_conf.c: Generate a UUID if none is provided.
Storage UUID in raw format.
* src/secret_driver.c: Adjust to deal with raw UUIDs. Save secrets
in a filed with printable UUID, instead of base64 UUID.
* src/virsh.c: Adjust for changed public API contract of
virSecretGetUUIDString.
* src/storage_Backend.c: DOn't undefine secret we just generated
upon successful volume creation. Fix to handle raw UUIDs. Generate
a non-clashing UUID
* src/qemu_driver.c: Change to use lookupByUUID instead of
lookupByUUIDString
2009-09-10 16:44:12 +00:00
|
|
|
|
if (memcmp(s->def->uuid, uuid, VIR_UUID_BUFLEN) == 0)
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
return s;
|
2009-08-14 19:48:55 +00:00
|
|
|
|
}
|
|
|
|
|
|
return NULL;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static virSecretEntryPtr
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
secretFindByUsage(virSecretDriverStatePtr driver, int usageType, const char *usageID)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
{
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
virSecretEntryPtr *pptr, s;
|
2009-08-14 19:48:55 +00:00
|
|
|
|
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
for (pptr = &driver->secrets; *pptr != NULL; pptr = &s->next) {
|
|
|
|
|
|
s = *pptr;
|
2009-08-14 19:48:55 +00:00
|
|
|
|
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
if (s->def->usage_type != usageType)
|
|
|
|
|
|
continue;
|
2009-08-14 19:48:55 +00:00
|
|
|
|
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
switch (usageType) {
|
|
|
|
|
|
case VIR_SECRET_USAGE_TYPE_NONE:
|
|
|
|
|
|
/* never match this */
|
|
|
|
|
|
break;
|
2009-08-14 19:48:55 +00:00
|
|
|
|
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
case VIR_SECRET_USAGE_TYPE_VOLUME:
|
|
|
|
|
|
if (STREQ(s->def->usage.volume, usageID))
|
|
|
|
|
|
return s;
|
|
|
|
|
|
break;
|
2011-10-28 17:30:45 +00:00
|
|
|
|
|
|
|
|
|
|
case VIR_SECRET_USAGE_TYPE_CEPH:
|
|
|
|
|
|
if (STREQ(s->def->usage.ceph, usageID))
|
|
|
|
|
|
return s;
|
|
|
|
|
|
break;
|
2013-03-21 11:53:52 +00:00
|
|
|
|
|
|
|
|
|
|
case VIR_SECRET_USAGE_TYPE_ISCSI:
|
|
|
|
|
|
if (STREQ(s->def->usage.target, usageID))
|
|
|
|
|
|
return s;
|
|
|
|
|
|
break;
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
}
|
2009-08-14 19:48:55 +00:00
|
|
|
|
}
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
return NULL;
|
2009-08-14 19:48:55 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
/* Permament secret storage */
|
2009-08-14 19:48:55 +00:00
|
|
|
|
|
|
|
|
|
|
/* Secrets are stored in virSecretDriverStatePtr->directory. Each secret
|
|
|
|
|
|
has virSecretDef stored as XML in "$basename.xml". If a value of the
|
|
|
|
|
|
secret is defined, it is stored as base64 (with no formatting) in
|
|
|
|
|
|
"$basename.base64". "$basename" is in both cases the base64-encoded UUID. */
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
2010-02-04 20:02:58 +00:00
|
|
|
|
replaceFile(const char *filename, void *data, size_t size)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
{
|
|
|
|
|
|
char *tmp_path = NULL;
|
|
|
|
|
|
int fd = -1, ret = -1;
|
|
|
|
|
|
|
2013-07-04 10:15:29 +00:00
|
|
|
|
if (virAsprintf(&tmp_path, "%sXXXXXX", filename) < 0)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
2012-10-31 14:13:47 +00:00
|
|
|
|
fd = mkostemp(tmp_path, O_CLOEXEC);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
if (fd == -1) {
|
2012-10-31 14:13:47 +00:00
|
|
|
|
virReportSystemError(errno, _("mkostemp('%s') failed"), tmp_path);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
}
|
|
|
|
|
|
if (fchmod(fd, S_IRUSR | S_IWUSR) != 0) {
|
2010-02-04 20:02:58 +00:00
|
|
|
|
virReportSystemError(errno, _("fchmod('%s') failed"), tmp_path);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
ret = safewrite(fd, data, size);
|
|
|
|
|
|
if (ret < 0) {
|
2010-02-04 20:02:58 +00:00
|
|
|
|
virReportSystemError(errno, _("error writing to '%s'"),
|
2009-08-14 19:48:55 +00:00
|
|
|
|
tmp_path);
|
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
}
|
2010-11-09 20:48:48 +00:00
|
|
|
|
if (VIR_CLOSE(fd) < 0) {
|
2010-02-04 20:02:58 +00:00
|
|
|
|
virReportSystemError(errno, _("error closing '%s'"), tmp_path);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
}
|
|
|
|
|
|
fd = -1;
|
|
|
|
|
|
|
|
|
|
|
|
if (rename(tmp_path, filename) < 0) {
|
2010-02-04 20:02:58 +00:00
|
|
|
|
virReportSystemError(errno, _("rename(%s, %s) failed"), tmp_path,
|
2009-08-14 19:48:55 +00:00
|
|
|
|
filename);
|
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
}
|
|
|
|
|
|
VIR_FREE(tmp_path);
|
|
|
|
|
|
ret = 0;
|
|
|
|
|
|
|
|
|
|
|
|
cleanup:
|
2010-11-09 20:48:48 +00:00
|
|
|
|
VIR_FORCE_CLOSE(fd);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
if (tmp_path != NULL) {
|
|
|
|
|
|
unlink(tmp_path);
|
|
|
|
|
|
VIR_FREE(tmp_path);
|
|
|
|
|
|
}
|
|
|
|
|
|
return ret;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static char *
|
2010-02-04 18:19:08 +00:00
|
|
|
|
secretComputePath(virSecretDriverStatePtr driver,
|
2009-08-14 19:48:55 +00:00
|
|
|
|
const virSecretEntry *secret, const char *suffix)
|
|
|
|
|
|
{
|
Fix UUID handling in secrets/storage encryption APIs
Convert all the secret/storage encryption APIs / wire format to
handle UUIDs in raw format instead of non-canonical printable
format. Guarentees data format correctness.
* docs/schemas/storageencryption.rng: Make UUID mandatory for a secret
and validate fully
* docs/schemas/secret.rng: Fully validate UUID
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in, Add
virSecretLookupByUUID and virSecretGetUUID. Make
virSecretGetUUIDString follow normal API design pattern
* python/generator.py: Skip generation of virSecretGetUUID,
virSecretGetUUIDString and virSecretLookupByUUID
* python/libvir.c, python/libvirt-python-api.xml: Manual impl
of virSecretGetUUID,virSecretGetUUIDString and virSecretLookupByUUID
* qemud/remote.c: s/virSecretLookupByUUIDString/virSecretLookupByUUID/
Fix get_nonnull_secret/make_nonnull_secret to use unsigned char
* qemud/remote_protocol.x: Fix remote_nonnull_secret to use a
remote_uuid instead of remote_nonnull_string for UUID field.
Rename REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING to
REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING and make it take an
remote_uuid value
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.h, src/datatypes.c: Store UUID in raw format instead
of printable. Change virGetSecret to use raw format UUID
* src/driver.h: Rename virDrvSecretLookupByUUIDString to
virDrvSecretLookupByUUID and use raw format UUID
* src/libvirt.c: Add virSecretLookupByUUID and virSecretGetUUID
and re-implement virSecretLookupByUUIDString and
virSecretGetUUIDString in terms of those
* src/libvirt_public.syms: Add virSecretLookupByUUID and
virSecretGetUUID
* src/remote_internal.c: Rename remoteSecretLookupByUUIDString
to remoteSecretLookupByUUID. Fix typo in args for
remoteSecretDefineXML impl. Use raw UUID format for
get_nonnull_secret and make_nonnull_secret
* src/storage_encryption_conf.c, src/storage_encryption_conf.h:
Storage UUID in raw format, and require it to be present in
XML. Use UUID parser to validate.
* secret_conf.h, secret_conf.c: Generate a UUID if none is provided.
Storage UUID in raw format.
* src/secret_driver.c: Adjust to deal with raw UUIDs. Save secrets
in a filed with printable UUID, instead of base64 UUID.
* src/virsh.c: Adjust for changed public API contract of
virSecretGetUUIDString.
* src/storage_Backend.c: DOn't undefine secret we just generated
upon successful volume creation. Fix to handle raw UUIDs. Generate
a non-clashing UUID
* src/qemu_driver.c: Change to use lookupByUUID instead of
lookupByUUIDString
2009-09-10 16:44:12 +00:00
|
|
|
|
char *ret;
|
|
|
|
|
|
char uuidstr[VIR_UUID_STRING_BUFLEN];
|
2009-08-14 19:48:55 +00:00
|
|
|
|
|
Fix UUID handling in secrets/storage encryption APIs
Convert all the secret/storage encryption APIs / wire format to
handle UUIDs in raw format instead of non-canonical printable
format. Guarentees data format correctness.
* docs/schemas/storageencryption.rng: Make UUID mandatory for a secret
and validate fully
* docs/schemas/secret.rng: Fully validate UUID
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in, Add
virSecretLookupByUUID and virSecretGetUUID. Make
virSecretGetUUIDString follow normal API design pattern
* python/generator.py: Skip generation of virSecretGetUUID,
virSecretGetUUIDString and virSecretLookupByUUID
* python/libvir.c, python/libvirt-python-api.xml: Manual impl
of virSecretGetUUID,virSecretGetUUIDString and virSecretLookupByUUID
* qemud/remote.c: s/virSecretLookupByUUIDString/virSecretLookupByUUID/
Fix get_nonnull_secret/make_nonnull_secret to use unsigned char
* qemud/remote_protocol.x: Fix remote_nonnull_secret to use a
remote_uuid instead of remote_nonnull_string for UUID field.
Rename REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING to
REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING and make it take an
remote_uuid value
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.h, src/datatypes.c: Store UUID in raw format instead
of printable. Change virGetSecret to use raw format UUID
* src/driver.h: Rename virDrvSecretLookupByUUIDString to
virDrvSecretLookupByUUID and use raw format UUID
* src/libvirt.c: Add virSecretLookupByUUID and virSecretGetUUID
and re-implement virSecretLookupByUUIDString and
virSecretGetUUIDString in terms of those
* src/libvirt_public.syms: Add virSecretLookupByUUID and
virSecretGetUUID
* src/remote_internal.c: Rename remoteSecretLookupByUUIDString
to remoteSecretLookupByUUID. Fix typo in args for
remoteSecretDefineXML impl. Use raw UUID format for
get_nonnull_secret and make_nonnull_secret
* src/storage_encryption_conf.c, src/storage_encryption_conf.h:
Storage UUID in raw format, and require it to be present in
XML. Use UUID parser to validate.
* secret_conf.h, secret_conf.c: Generate a UUID if none is provided.
Storage UUID in raw format.
* src/secret_driver.c: Adjust to deal with raw UUIDs. Save secrets
in a filed with printable UUID, instead of base64 UUID.
* src/virsh.c: Adjust for changed public API contract of
virSecretGetUUIDString.
* src/storage_Backend.c: DOn't undefine secret we just generated
upon successful volume creation. Fix to handle raw UUIDs. Generate
a non-clashing UUID
* src/qemu_driver.c: Change to use lookupByUUID instead of
lookupByUUIDString
2009-09-10 16:44:12 +00:00
|
|
|
|
virUUIDFormat(secret->def->uuid, uuidstr);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
|
2013-07-04 10:15:29 +00:00
|
|
|
|
ignore_value(virAsprintf(&ret, "%s/%s%s", driver->directory, uuidstr, suffix));
|
2009-08-14 19:48:55 +00:00
|
|
|
|
return ret;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static char *
|
2010-02-10 12:33:34 +00:00
|
|
|
|
secretXMLPath(virSecretDriverStatePtr driver,
|
2009-08-14 19:48:55 +00:00
|
|
|
|
const virSecretEntry *secret)
|
|
|
|
|
|
{
|
2010-02-04 18:19:08 +00:00
|
|
|
|
return secretComputePath(driver, secret, ".xml");
|
2009-08-14 19:48:55 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static char *
|
2010-02-10 12:33:34 +00:00
|
|
|
|
secretBase64Path(virSecretDriverStatePtr driver,
|
2009-08-14 19:48:55 +00:00
|
|
|
|
const virSecretEntry *secret)
|
|
|
|
|
|
{
|
2010-02-04 18:19:08 +00:00
|
|
|
|
return secretComputePath(driver, secret, ".base64");
|
2009-08-14 19:48:55 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
2010-02-04 20:02:58 +00:00
|
|
|
|
secretEnsureDirectory(virSecretDriverStatePtr driver)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
{
|
|
|
|
|
|
if (mkdir(driver->directory, S_IRWXU) < 0 && errno != EEXIST) {
|
2010-02-04 20:02:58 +00:00
|
|
|
|
virReportSystemError(errno, _("cannot create '%s'"),
|
2009-08-14 19:48:55 +00:00
|
|
|
|
driver->directory);
|
|
|
|
|
|
return -1;
|
|
|
|
|
|
}
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
2010-02-10 12:33:34 +00:00
|
|
|
|
secretSaveDef(virSecretDriverStatePtr driver,
|
2009-08-14 19:48:55 +00:00
|
|
|
|
const virSecretEntry *secret)
|
|
|
|
|
|
{
|
|
|
|
|
|
char *filename = NULL, *xml = NULL;
|
|
|
|
|
|
int ret = -1;
|
|
|
|
|
|
|
2010-02-04 20:02:58 +00:00
|
|
|
|
if (secretEnsureDirectory(driver) < 0)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
2010-02-10 12:33:34 +00:00
|
|
|
|
filename = secretXMLPath(driver, secret);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
if (filename == NULL)
|
|
|
|
|
|
goto cleanup;
|
2010-02-10 12:33:34 +00:00
|
|
|
|
xml = virSecretDefFormat(secret->def);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
if (xml == NULL)
|
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
2010-02-04 20:02:58 +00:00
|
|
|
|
if (replaceFile(filename, xml, strlen(xml)) < 0)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
|
|
ret = 0;
|
|
|
|
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
|
VIR_FREE(xml);
|
|
|
|
|
|
VIR_FREE(filename);
|
|
|
|
|
|
return ret;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
2010-02-10 12:33:34 +00:00
|
|
|
|
secretSaveValue(virSecretDriverStatePtr driver,
|
2009-08-14 19:48:55 +00:00
|
|
|
|
const virSecretEntry *secret)
|
|
|
|
|
|
{
|
|
|
|
|
|
char *filename = NULL, *base64 = NULL;
|
|
|
|
|
|
int ret = -1;
|
|
|
|
|
|
|
|
|
|
|
|
if (secret->value == NULL)
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
2010-02-04 20:02:58 +00:00
|
|
|
|
if (secretEnsureDirectory(driver) < 0)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
2010-02-10 12:33:34 +00:00
|
|
|
|
filename = secretBase64Path(driver, secret);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
if (filename == NULL)
|
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
base64_encode_alloc((const char *)secret->value, secret->value_size,
|
|
|
|
|
|
&base64);
|
|
|
|
|
|
if (base64 == NULL) {
|
2010-02-04 18:19:08 +00:00
|
|
|
|
virReportOOMError();
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2010-02-04 20:02:58 +00:00
|
|
|
|
if (replaceFile(filename, base64, strlen(base64)) < 0)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
|
|
ret = 0;
|
|
|
|
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
|
VIR_FREE(base64);
|
|
|
|
|
|
VIR_FREE(filename);
|
|
|
|
|
|
return ret;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
2010-02-10 12:33:34 +00:00
|
|
|
|
secretDeleteSaved(virSecretDriverStatePtr driver,
|
2009-08-14 19:48:55 +00:00
|
|
|
|
const virSecretEntry *secret)
|
|
|
|
|
|
{
|
|
|
|
|
|
char *xml_filename = NULL, *value_filename = NULL;
|
|
|
|
|
|
int ret = -1;
|
|
|
|
|
|
|
2010-02-10 12:33:34 +00:00
|
|
|
|
xml_filename = secretXMLPath(driver, secret);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
if (xml_filename == NULL)
|
|
|
|
|
|
goto cleanup;
|
2010-02-10 12:33:34 +00:00
|
|
|
|
value_filename = secretBase64Path(driver, secret);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
if (value_filename == NULL)
|
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
|
|
if (unlink(xml_filename) < 0 && errno != ENOENT)
|
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
/* When the XML is missing, the rest may waste disk space, but the secret
|
|
|
|
|
|
won't be loaded again, so we have succeeded already. */
|
|
|
|
|
|
ret = 0;
|
|
|
|
|
|
|
|
|
|
|
|
(void)unlink(value_filename);
|
|
|
|
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
|
VIR_FREE(value_filename);
|
|
|
|
|
|
VIR_FREE(xml_filename);
|
|
|
|
|
|
return ret;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
2010-02-10 12:33:34 +00:00
|
|
|
|
secretLoadValidateUUID(virSecretDefPtr def,
|
2009-08-14 19:48:55 +00:00
|
|
|
|
const char *xml_basename)
|
|
|
|
|
|
{
|
Fix UUID handling in secrets/storage encryption APIs
Convert all the secret/storage encryption APIs / wire format to
handle UUIDs in raw format instead of non-canonical printable
format. Guarentees data format correctness.
* docs/schemas/storageencryption.rng: Make UUID mandatory for a secret
and validate fully
* docs/schemas/secret.rng: Fully validate UUID
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in, Add
virSecretLookupByUUID and virSecretGetUUID. Make
virSecretGetUUIDString follow normal API design pattern
* python/generator.py: Skip generation of virSecretGetUUID,
virSecretGetUUIDString and virSecretLookupByUUID
* python/libvir.c, python/libvirt-python-api.xml: Manual impl
of virSecretGetUUID,virSecretGetUUIDString and virSecretLookupByUUID
* qemud/remote.c: s/virSecretLookupByUUIDString/virSecretLookupByUUID/
Fix get_nonnull_secret/make_nonnull_secret to use unsigned char
* qemud/remote_protocol.x: Fix remote_nonnull_secret to use a
remote_uuid instead of remote_nonnull_string for UUID field.
Rename REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING to
REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING and make it take an
remote_uuid value
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.h, src/datatypes.c: Store UUID in raw format instead
of printable. Change virGetSecret to use raw format UUID
* src/driver.h: Rename virDrvSecretLookupByUUIDString to
virDrvSecretLookupByUUID and use raw format UUID
* src/libvirt.c: Add virSecretLookupByUUID and virSecretGetUUID
and re-implement virSecretLookupByUUIDString and
virSecretGetUUIDString in terms of those
* src/libvirt_public.syms: Add virSecretLookupByUUID and
virSecretGetUUID
* src/remote_internal.c: Rename remoteSecretLookupByUUIDString
to remoteSecretLookupByUUID. Fix typo in args for
remoteSecretDefineXML impl. Use raw UUID format for
get_nonnull_secret and make_nonnull_secret
* src/storage_encryption_conf.c, src/storage_encryption_conf.h:
Storage UUID in raw format, and require it to be present in
XML. Use UUID parser to validate.
* secret_conf.h, secret_conf.c: Generate a UUID if none is provided.
Storage UUID in raw format.
* src/secret_driver.c: Adjust to deal with raw UUIDs. Save secrets
in a filed with printable UUID, instead of base64 UUID.
* src/virsh.c: Adjust for changed public API contract of
virSecretGetUUIDString.
* src/storage_Backend.c: DOn't undefine secret we just generated
upon successful volume creation. Fix to handle raw UUIDs. Generate
a non-clashing UUID
* src/qemu_driver.c: Change to use lookupByUUID instead of
lookupByUUIDString
2009-09-10 16:44:12 +00:00
|
|
|
|
char uuidstr[VIR_UUID_STRING_BUFLEN];
|
2009-08-14 19:48:55 +00:00
|
|
|
|
|
Fix UUID handling in secrets/storage encryption APIs
Convert all the secret/storage encryption APIs / wire format to
handle UUIDs in raw format instead of non-canonical printable
format. Guarentees data format correctness.
* docs/schemas/storageencryption.rng: Make UUID mandatory for a secret
and validate fully
* docs/schemas/secret.rng: Fully validate UUID
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in, Add
virSecretLookupByUUID and virSecretGetUUID. Make
virSecretGetUUIDString follow normal API design pattern
* python/generator.py: Skip generation of virSecretGetUUID,
virSecretGetUUIDString and virSecretLookupByUUID
* python/libvir.c, python/libvirt-python-api.xml: Manual impl
of virSecretGetUUID,virSecretGetUUIDString and virSecretLookupByUUID
* qemud/remote.c: s/virSecretLookupByUUIDString/virSecretLookupByUUID/
Fix get_nonnull_secret/make_nonnull_secret to use unsigned char
* qemud/remote_protocol.x: Fix remote_nonnull_secret to use a
remote_uuid instead of remote_nonnull_string for UUID field.
Rename REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING to
REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING and make it take an
remote_uuid value
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.h, src/datatypes.c: Store UUID in raw format instead
of printable. Change virGetSecret to use raw format UUID
* src/driver.h: Rename virDrvSecretLookupByUUIDString to
virDrvSecretLookupByUUID and use raw format UUID
* src/libvirt.c: Add virSecretLookupByUUID and virSecretGetUUID
and re-implement virSecretLookupByUUIDString and
virSecretGetUUIDString in terms of those
* src/libvirt_public.syms: Add virSecretLookupByUUID and
virSecretGetUUID
* src/remote_internal.c: Rename remoteSecretLookupByUUIDString
to remoteSecretLookupByUUID. Fix typo in args for
remoteSecretDefineXML impl. Use raw UUID format for
get_nonnull_secret and make_nonnull_secret
* src/storage_encryption_conf.c, src/storage_encryption_conf.h:
Storage UUID in raw format, and require it to be present in
XML. Use UUID parser to validate.
* secret_conf.h, secret_conf.c: Generate a UUID if none is provided.
Storage UUID in raw format.
* src/secret_driver.c: Adjust to deal with raw UUIDs. Save secrets
in a filed with printable UUID, instead of base64 UUID.
* src/virsh.c: Adjust for changed public API contract of
virSecretGetUUIDString.
* src/storage_Backend.c: DOn't undefine secret we just generated
upon successful volume creation. Fix to handle raw UUIDs. Generate
a non-clashing UUID
* src/qemu_driver.c: Change to use lookupByUUID instead of
lookupByUUIDString
2009-09-10 16:44:12 +00:00
|
|
|
|
virUUIDFormat(def->uuid, uuidstr);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
|
Fix UUID handling in secrets/storage encryption APIs
Convert all the secret/storage encryption APIs / wire format to
handle UUIDs in raw format instead of non-canonical printable
format. Guarentees data format correctness.
* docs/schemas/storageencryption.rng: Make UUID mandatory for a secret
and validate fully
* docs/schemas/secret.rng: Fully validate UUID
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in, Add
virSecretLookupByUUID and virSecretGetUUID. Make
virSecretGetUUIDString follow normal API design pattern
* python/generator.py: Skip generation of virSecretGetUUID,
virSecretGetUUIDString and virSecretLookupByUUID
* python/libvir.c, python/libvirt-python-api.xml: Manual impl
of virSecretGetUUID,virSecretGetUUIDString and virSecretLookupByUUID
* qemud/remote.c: s/virSecretLookupByUUIDString/virSecretLookupByUUID/
Fix get_nonnull_secret/make_nonnull_secret to use unsigned char
* qemud/remote_protocol.x: Fix remote_nonnull_secret to use a
remote_uuid instead of remote_nonnull_string for UUID field.
Rename REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING to
REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING and make it take an
remote_uuid value
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.h, src/datatypes.c: Store UUID in raw format instead
of printable. Change virGetSecret to use raw format UUID
* src/driver.h: Rename virDrvSecretLookupByUUIDString to
virDrvSecretLookupByUUID and use raw format UUID
* src/libvirt.c: Add virSecretLookupByUUID and virSecretGetUUID
and re-implement virSecretLookupByUUIDString and
virSecretGetUUIDString in terms of those
* src/libvirt_public.syms: Add virSecretLookupByUUID and
virSecretGetUUID
* src/remote_internal.c: Rename remoteSecretLookupByUUIDString
to remoteSecretLookupByUUID. Fix typo in args for
remoteSecretDefineXML impl. Use raw UUID format for
get_nonnull_secret and make_nonnull_secret
* src/storage_encryption_conf.c, src/storage_encryption_conf.h:
Storage UUID in raw format, and require it to be present in
XML. Use UUID parser to validate.
* secret_conf.h, secret_conf.c: Generate a UUID if none is provided.
Storage UUID in raw format.
* src/secret_driver.c: Adjust to deal with raw UUIDs. Save secrets
in a filed with printable UUID, instead of base64 UUID.
* src/virsh.c: Adjust for changed public API contract of
virSecretGetUUIDString.
* src/storage_Backend.c: DOn't undefine secret we just generated
upon successful volume creation. Fix to handle raw UUIDs. Generate
a non-clashing UUID
* src/qemu_driver.c: Change to use lookupByUUID instead of
lookupByUUIDString
2009-09-10 16:44:12 +00:00
|
|
|
|
if (!virFileMatchesNameSuffix(xml_basename, uuidstr, ".xml")) {
|
2012-07-18 11:40:16 +00:00
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
|
_("<uuid> does not match secret file name '%s'"),
|
|
|
|
|
|
xml_basename);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
return -1;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
2010-02-10 12:33:34 +00:00
|
|
|
|
secretLoadValue(virSecretDriverStatePtr driver,
|
2009-08-14 19:48:55 +00:00
|
|
|
|
virSecretEntryPtr secret)
|
|
|
|
|
|
{
|
|
|
|
|
|
int ret = -1, fd = -1;
|
|
|
|
|
|
struct stat st;
|
|
|
|
|
|
char *filename = NULL, *contents = NULL, *value = NULL;
|
|
|
|
|
|
size_t value_size;
|
|
|
|
|
|
|
2010-02-10 12:33:34 +00:00
|
|
|
|
filename = secretBase64Path(driver, secret);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
if (filename == NULL)
|
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
|
|
fd = open(filename, O_RDONLY);
|
|
|
|
|
|
if (fd == -1) {
|
|
|
|
|
|
if (errno == ENOENT) {
|
|
|
|
|
|
ret = 0;
|
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
}
|
2010-02-04 20:02:58 +00:00
|
|
|
|
virReportSystemError(errno, _("cannot open '%s'"), filename);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
}
|
|
|
|
|
|
if (fstat(fd, &st) < 0) {
|
2010-02-04 20:02:58 +00:00
|
|
|
|
virReportSystemError(errno, _("cannot stat '%s'"), filename);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
}
|
|
|
|
|
|
if ((size_t)st.st_size != st.st_size) {
|
2012-07-18 11:40:16 +00:00
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
|
_("'%s' file does not fit in memory"), filename);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2013-07-04 10:15:29 +00:00
|
|
|
|
if (VIR_ALLOC_N(contents, st.st_size) < 0)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
if (saferead(fd, contents, st.st_size) != st.st_size) {
|
2010-02-04 20:02:58 +00:00
|
|
|
|
virReportSystemError(errno, _("cannot read '%s'"), filename);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
}
|
2010-11-09 20:48:48 +00:00
|
|
|
|
VIR_FORCE_CLOSE(fd);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
|
|
|
|
|
|
if (!base64_decode_alloc(contents, st.st_size, &value, &value_size)) {
|
2012-07-18 11:40:16 +00:00
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
|
_("invalid base64 in '%s'"), filename);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
}
|
2013-07-04 10:15:29 +00:00
|
|
|
|
if (value == NULL)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
|
|
secret->value = (unsigned char *)value;
|
|
|
|
|
|
value = NULL;
|
|
|
|
|
|
secret->value_size = value_size;
|
|
|
|
|
|
|
|
|
|
|
|
ret = 0;
|
|
|
|
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
|
if (value != NULL) {
|
|
|
|
|
|
memset(value, 0, value_size);
|
|
|
|
|
|
VIR_FREE(value);
|
|
|
|
|
|
}
|
|
|
|
|
|
if (contents != NULL) {
|
|
|
|
|
|
memset(contents, 0, st.st_size);
|
|
|
|
|
|
VIR_FREE(contents);
|
|
|
|
|
|
}
|
2010-11-09 20:48:48 +00:00
|
|
|
|
VIR_FORCE_CLOSE(fd);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
VIR_FREE(filename);
|
|
|
|
|
|
return ret;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static virSecretEntryPtr
|
2010-02-10 12:33:34 +00:00
|
|
|
|
secretLoad(virSecretDriverStatePtr driver,
|
2009-08-14 19:48:55 +00:00
|
|
|
|
const char *xml_basename)
|
|
|
|
|
|
{
|
2009-09-24 10:58:53 +00:00
|
|
|
|
virSecretDefPtr def = NULL;
|
2009-08-14 19:48:55 +00:00
|
|
|
|
virSecretEntryPtr secret = NULL, ret = NULL;
|
|
|
|
|
|
char *xml_filename;
|
|
|
|
|
|
|
|
|
|
|
|
if (virAsprintf(&xml_filename, "%s/%s", driver->directory,
|
2013-07-04 10:15:29 +00:00
|
|
|
|
xml_basename) < 0)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
2010-02-10 12:33:34 +00:00
|
|
|
|
def = virSecretDefParseFile(xml_filename);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
if (def == NULL)
|
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
VIR_FREE(xml_filename);
|
|
|
|
|
|
|
2010-02-10 12:33:34 +00:00
|
|
|
|
if (secretLoadValidateUUID(def, xml_basename) < 0)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
2013-07-04 10:15:29 +00:00
|
|
|
|
if (VIR_ALLOC(secret) < 0)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
secret->def = def;
|
|
|
|
|
|
def = NULL;
|
|
|
|
|
|
|
2010-02-10 12:33:34 +00:00
|
|
|
|
if (secretLoadValue(driver, secret) < 0)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
|
|
ret = secret;
|
|
|
|
|
|
secret = NULL;
|
|
|
|
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
|
secretFree(secret);
|
|
|
|
|
|
virSecretDefFree(def);
|
|
|
|
|
|
VIR_FREE(xml_filename);
|
|
|
|
|
|
return ret;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
2010-02-10 12:33:34 +00:00
|
|
|
|
loadSecrets(virSecretDriverStatePtr driver,
|
2009-08-14 19:48:55 +00:00
|
|
|
|
virSecretEntryPtr *dest)
|
|
|
|
|
|
{
|
|
|
|
|
|
int ret = -1;
|
|
|
|
|
|
DIR *dir = NULL;
|
|
|
|
|
|
struct dirent *de;
|
|
|
|
|
|
virSecretEntryPtr list = NULL;
|
|
|
|
|
|
|
|
|
|
|
|
dir = opendir(driver->directory);
|
|
|
|
|
|
if (dir == NULL) {
|
|
|
|
|
|
if (errno == ENOENT)
|
|
|
|
|
|
return 0;
|
2010-02-04 20:02:58 +00:00
|
|
|
|
virReportSystemError(errno, _("cannot open '%s'"),
|
2009-08-14 19:48:55 +00:00
|
|
|
|
driver->directory);
|
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
}
|
|
|
|
|
|
while ((de = readdir(dir)) != NULL) {
|
|
|
|
|
|
virSecretEntryPtr secret;
|
|
|
|
|
|
|
|
|
|
|
|
if (STREQ(de->d_name, ".") || STREQ(de->d_name, ".."))
|
|
|
|
|
|
continue;
|
|
|
|
|
|
if (!virFileHasSuffix(de->d_name, ".xml"))
|
|
|
|
|
|
continue;
|
|
|
|
|
|
|
2010-02-10 12:33:34 +00:00
|
|
|
|
secret = secretLoad(driver, de->d_name);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
if (secret == NULL) {
|
|
|
|
|
|
virErrorPtr err = virGetLastError();
|
|
|
|
|
|
|
2010-01-19 13:17:20 +00:00
|
|
|
|
VIR_ERROR(_("Error reading secret: %s"),
|
2010-05-20 06:44:27 +00:00
|
|
|
|
err != NULL ? err->message: _("unknown error"));
|
2009-08-14 19:48:55 +00:00
|
|
|
|
virResetError(err);
|
|
|
|
|
|
continue;
|
|
|
|
|
|
}
|
|
|
|
|
|
listInsert(&list, secret);
|
|
|
|
|
|
}
|
|
|
|
|
|
/* Ignore error reported by readdir(), if any. It's better to keep the
|
|
|
|
|
|
secrets we managed to find. */
|
|
|
|
|
|
|
|
|
|
|
|
while (list != NULL) {
|
|
|
|
|
|
virSecretEntryPtr s;
|
|
|
|
|
|
|
|
|
|
|
|
s = listUnlink(&list);
|
|
|
|
|
|
listInsert(dest, s);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
ret = 0;
|
|
|
|
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
|
if (dir != NULL)
|
|
|
|
|
|
closedir(dir);
|
|
|
|
|
|
return ret;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
� /* Driver functions */
|
|
|
|
|
|
|
|
|
|
|
|
static virDrvOpenStatus
|
|
|
|
|
|
secretOpen(virConnectPtr conn, virConnectAuthPtr auth ATTRIBUTE_UNUSED,
|
2011-07-06 22:29:02 +00:00
|
|
|
|
unsigned int flags)
|
|
|
|
|
|
{
|
|
|
|
|
|
virCheckFlags(VIR_CONNECT_RO, VIR_DRV_OPEN_ERROR);
|
|
|
|
|
|
|
2009-08-14 19:48:55 +00:00
|
|
|
|
if (driverState == NULL)
|
|
|
|
|
|
return VIR_DRV_OPEN_DECLINED;
|
|
|
|
|
|
|
|
|
|
|
|
conn->secretPrivateData = driverState;
|
|
|
|
|
|
return VIR_DRV_OPEN_SUCCESS;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
|
|
|
|
|
secretClose(virConnectPtr conn) {
|
|
|
|
|
|
conn->secretPrivateData = NULL;
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
2013-04-23 12:50:18 +00:00
|
|
|
|
secretConnectNumOfSecrets(virConnectPtr conn)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
{
|
|
|
|
|
|
virSecretDriverStatePtr driver = conn->secretPrivateData;
|
Convert 'int i' to 'size_t i' in src/secret/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
|
size_t i;
|
2009-08-14 19:48:55 +00:00
|
|
|
|
virSecretEntryPtr secret;
|
|
|
|
|
|
|
2013-04-23 10:56:22 +00:00
|
|
|
|
if (virConnectNumOfSecretsEnsureACL(conn) < 0)
|
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
2009-08-14 19:48:55 +00:00
|
|
|
|
secretDriverLock(driver);
|
|
|
|
|
|
|
|
|
|
|
|
i = 0;
|
2013-06-27 11:12:30 +00:00
|
|
|
|
for (secret = driver->secrets; secret != NULL; secret = secret->next) {
|
|
|
|
|
|
if (virConnectNumOfSecretsCheckACL(conn,
|
|
|
|
|
|
secret->def))
|
|
|
|
|
|
i++;
|
|
|
|
|
|
}
|
2009-08-14 19:48:55 +00:00
|
|
|
|
|
|
|
|
|
|
secretDriverUnlock(driver);
|
|
|
|
|
|
return i;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
2013-04-23 12:50:18 +00:00
|
|
|
|
secretConnectListSecrets(virConnectPtr conn, char **uuids, int maxuuids)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
{
|
|
|
|
|
|
virSecretDriverStatePtr driver = conn->secretPrivateData;
|
Convert 'int i' to 'size_t i' in src/secret/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
|
size_t i;
|
2009-08-14 19:48:55 +00:00
|
|
|
|
virSecretEntryPtr secret;
|
|
|
|
|
|
|
|
|
|
|
|
memset(uuids, 0, maxuuids * sizeof(*uuids));
|
|
|
|
|
|
|
2013-04-23 10:56:22 +00:00
|
|
|
|
if (virConnectListSecretsEnsureACL(conn) < 0)
|
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
2009-08-14 19:48:55 +00:00
|
|
|
|
secretDriverLock(driver);
|
|
|
|
|
|
|
|
|
|
|
|
i = 0;
|
|
|
|
|
|
for (secret = driver->secrets; secret != NULL; secret = secret->next) {
|
Fix UUID handling in secrets/storage encryption APIs
Convert all the secret/storage encryption APIs / wire format to
handle UUIDs in raw format instead of non-canonical printable
format. Guarentees data format correctness.
* docs/schemas/storageencryption.rng: Make UUID mandatory for a secret
and validate fully
* docs/schemas/secret.rng: Fully validate UUID
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in, Add
virSecretLookupByUUID and virSecretGetUUID. Make
virSecretGetUUIDString follow normal API design pattern
* python/generator.py: Skip generation of virSecretGetUUID,
virSecretGetUUIDString and virSecretLookupByUUID
* python/libvir.c, python/libvirt-python-api.xml: Manual impl
of virSecretGetUUID,virSecretGetUUIDString and virSecretLookupByUUID
* qemud/remote.c: s/virSecretLookupByUUIDString/virSecretLookupByUUID/
Fix get_nonnull_secret/make_nonnull_secret to use unsigned char
* qemud/remote_protocol.x: Fix remote_nonnull_secret to use a
remote_uuid instead of remote_nonnull_string for UUID field.
Rename REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING to
REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING and make it take an
remote_uuid value
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.h, src/datatypes.c: Store UUID in raw format instead
of printable. Change virGetSecret to use raw format UUID
* src/driver.h: Rename virDrvSecretLookupByUUIDString to
virDrvSecretLookupByUUID and use raw format UUID
* src/libvirt.c: Add virSecretLookupByUUID and virSecretGetUUID
and re-implement virSecretLookupByUUIDString and
virSecretGetUUIDString in terms of those
* src/libvirt_public.syms: Add virSecretLookupByUUID and
virSecretGetUUID
* src/remote_internal.c: Rename remoteSecretLookupByUUIDString
to remoteSecretLookupByUUID. Fix typo in args for
remoteSecretDefineXML impl. Use raw UUID format for
get_nonnull_secret and make_nonnull_secret
* src/storage_encryption_conf.c, src/storage_encryption_conf.h:
Storage UUID in raw format, and require it to be present in
XML. Use UUID parser to validate.
* secret_conf.h, secret_conf.c: Generate a UUID if none is provided.
Storage UUID in raw format.
* src/secret_driver.c: Adjust to deal with raw UUIDs. Save secrets
in a filed with printable UUID, instead of base64 UUID.
* src/virsh.c: Adjust for changed public API contract of
virSecretGetUUIDString.
* src/storage_Backend.c: DOn't undefine secret we just generated
upon successful volume creation. Fix to handle raw UUIDs. Generate
a non-clashing UUID
* src/qemu_driver.c: Change to use lookupByUUID instead of
lookupByUUIDString
2009-09-10 16:44:12 +00:00
|
|
|
|
char *uuidstr;
|
2013-06-27 11:12:30 +00:00
|
|
|
|
if (!virConnectListSecretsCheckACL(conn,
|
|
|
|
|
|
secret->def))
|
|
|
|
|
|
continue;
|
2009-08-14 19:48:55 +00:00
|
|
|
|
if (i == maxuuids)
|
|
|
|
|
|
break;
|
2013-07-04 10:15:29 +00:00
|
|
|
|
if (VIR_ALLOC_N(uuidstr, VIR_UUID_STRING_BUFLEN) < 0)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
Fix UUID handling in secrets/storage encryption APIs
Convert all the secret/storage encryption APIs / wire format to
handle UUIDs in raw format instead of non-canonical printable
format. Guarentees data format correctness.
* docs/schemas/storageencryption.rng: Make UUID mandatory for a secret
and validate fully
* docs/schemas/secret.rng: Fully validate UUID
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in, Add
virSecretLookupByUUID and virSecretGetUUID. Make
virSecretGetUUIDString follow normal API design pattern
* python/generator.py: Skip generation of virSecretGetUUID,
virSecretGetUUIDString and virSecretLookupByUUID
* python/libvir.c, python/libvirt-python-api.xml: Manual impl
of virSecretGetUUID,virSecretGetUUIDString and virSecretLookupByUUID
* qemud/remote.c: s/virSecretLookupByUUIDString/virSecretLookupByUUID/
Fix get_nonnull_secret/make_nonnull_secret to use unsigned char
* qemud/remote_protocol.x: Fix remote_nonnull_secret to use a
remote_uuid instead of remote_nonnull_string for UUID field.
Rename REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING to
REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING and make it take an
remote_uuid value
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.h, src/datatypes.c: Store UUID in raw format instead
of printable. Change virGetSecret to use raw format UUID
* src/driver.h: Rename virDrvSecretLookupByUUIDString to
virDrvSecretLookupByUUID and use raw format UUID
* src/libvirt.c: Add virSecretLookupByUUID and virSecretGetUUID
and re-implement virSecretLookupByUUIDString and
virSecretGetUUIDString in terms of those
* src/libvirt_public.syms: Add virSecretLookupByUUID and
virSecretGetUUID
* src/remote_internal.c: Rename remoteSecretLookupByUUIDString
to remoteSecretLookupByUUID. Fix typo in args for
remoteSecretDefineXML impl. Use raw UUID format for
get_nonnull_secret and make_nonnull_secret
* src/storage_encryption_conf.c, src/storage_encryption_conf.h:
Storage UUID in raw format, and require it to be present in
XML. Use UUID parser to validate.
* secret_conf.h, secret_conf.c: Generate a UUID if none is provided.
Storage UUID in raw format.
* src/secret_driver.c: Adjust to deal with raw UUIDs. Save secrets
in a filed with printable UUID, instead of base64 UUID.
* src/virsh.c: Adjust for changed public API contract of
virSecretGetUUIDString.
* src/storage_Backend.c: DOn't undefine secret we just generated
upon successful volume creation. Fix to handle raw UUIDs. Generate
a non-clashing UUID
* src/qemu_driver.c: Change to use lookupByUUID instead of
lookupByUUIDString
2009-09-10 16:44:12 +00:00
|
|
|
|
virUUIDFormat(secret->def->uuid, uuidstr);
|
|
|
|
|
|
uuids[i] = uuidstr;
|
2009-08-14 19:48:55 +00:00
|
|
|
|
i++;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
secretDriverUnlock(driver);
|
|
|
|
|
|
return i;
|
|
|
|
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
|
secretDriverUnlock(driver);
|
|
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < maxuuids; i++)
|
|
|
|
|
|
VIR_FREE(uuids[i]);
|
|
|
|
|
|
|
|
|
|
|
|
return -1;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
static const char *
|
|
|
|
|
|
secretUsageIDForDef(virSecretDefPtr def)
|
|
|
|
|
|
{
|
|
|
|
|
|
switch (def->usage_type) {
|
|
|
|
|
|
case VIR_SECRET_USAGE_TYPE_NONE:
|
|
|
|
|
|
return "";
|
|
|
|
|
|
|
|
|
|
|
|
case VIR_SECRET_USAGE_TYPE_VOLUME:
|
|
|
|
|
|
return def->usage.volume;
|
|
|
|
|
|
|
2011-10-28 17:30:45 +00:00
|
|
|
|
case VIR_SECRET_USAGE_TYPE_CEPH:
|
|
|
|
|
|
return def->usage.ceph;
|
|
|
|
|
|
|
2013-03-21 11:53:52 +00:00
|
|
|
|
case VIR_SECRET_USAGE_TYPE_ISCSI:
|
|
|
|
|
|
return def->usage.target;
|
|
|
|
|
|
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
default:
|
|
|
|
|
|
return NULL;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2012-09-14 08:38:50 +00:00
|
|
|
|
#define MATCH(FLAG) (flags & (FLAG))
|
|
|
|
|
|
static int
|
2013-04-23 12:50:18 +00:00
|
|
|
|
secretConnectListAllSecrets(virConnectPtr conn,
|
|
|
|
|
|
virSecretPtr **secrets,
|
|
|
|
|
|
unsigned int flags) {
|
2012-09-14 08:38:50 +00:00
|
|
|
|
virSecretDriverStatePtr driver = conn->secretPrivateData;
|
|
|
|
|
|
virSecretPtr *tmp_secrets = NULL;
|
|
|
|
|
|
int nsecrets = 0;
|
|
|
|
|
|
int ret_nsecrets = 0;
|
|
|
|
|
|
virSecretPtr secret = NULL;
|
|
|
|
|
|
virSecretEntryPtr entry = NULL;
|
Convert 'int i' to 'size_t i' in src/secret/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-08 14:09:33 +00:00
|
|
|
|
size_t i = 0;
|
2012-09-14 08:38:50 +00:00
|
|
|
|
int ret = -1;
|
|
|
|
|
|
|
|
|
|
|
|
virCheckFlags(VIR_CONNECT_LIST_SECRETS_FILTERS_ALL, -1);
|
|
|
|
|
|
|
2013-04-23 10:56:22 +00:00
|
|
|
|
if (virConnectListAllSecretsEnsureACL(conn) < 0)
|
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
2012-09-14 08:38:50 +00:00
|
|
|
|
secretDriverLock(driver);
|
|
|
|
|
|
|
|
|
|
|
|
for (entry = driver->secrets; entry != NULL; entry = entry->next)
|
|
|
|
|
|
nsecrets++;
|
|
|
|
|
|
|
2013-07-04 10:15:29 +00:00
|
|
|
|
if (secrets && VIR_ALLOC_N(tmp_secrets, nsecrets + 1) < 0)
|
|
|
|
|
|
goto cleanup;
|
2012-09-14 08:38:50 +00:00
|
|
|
|
|
|
|
|
|
|
for (entry = driver->secrets; entry != NULL; entry = entry->next) {
|
2013-06-27 11:12:30 +00:00
|
|
|
|
if (!virConnectListAllSecretsCheckACL(conn,
|
|
|
|
|
|
entry->def))
|
|
|
|
|
|
continue;
|
|
|
|
|
|
|
2012-09-14 08:38:50 +00:00
|
|
|
|
/* filter by whether it's ephemeral */
|
|
|
|
|
|
if (MATCH(VIR_CONNECT_LIST_SECRETS_FILTERS_EPHEMERAL) &&
|
|
|
|
|
|
!((MATCH(VIR_CONNECT_LIST_SECRETS_EPHEMERAL) &&
|
|
|
|
|
|
entry->def->ephemeral) ||
|
|
|
|
|
|
(MATCH(VIR_CONNECT_LIST_SECRETS_NO_EPHEMERAL) &&
|
|
|
|
|
|
!entry->def->ephemeral)))
|
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
|
|
/* filter by whether it's private */
|
|
|
|
|
|
if (MATCH(VIR_CONNECT_LIST_SECRETS_FILTERS_PRIVATE) &&
|
|
|
|
|
|
!((MATCH(VIR_CONNECT_LIST_SECRETS_PRIVATE) &&
|
|
|
|
|
|
entry->def->private) ||
|
|
|
|
|
|
(MATCH(VIR_CONNECT_LIST_SECRETS_NO_PRIVATE) &&
|
|
|
|
|
|
!entry->def->private)))
|
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
|
|
if (secrets) {
|
|
|
|
|
|
if (!(secret = virGetSecret(conn,
|
|
|
|
|
|
entry->def->uuid,
|
|
|
|
|
|
entry->def->usage_type,
|
|
|
|
|
|
secretUsageIDForDef(entry->def))))
|
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
tmp_secrets[ret_nsecrets] = secret;
|
|
|
|
|
|
}
|
|
|
|
|
|
ret_nsecrets++;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (tmp_secrets) {
|
|
|
|
|
|
/* trim the array to the final size */
|
|
|
|
|
|
ignore_value(VIR_REALLOC_N(tmp_secrets, ret_nsecrets + 1));
|
|
|
|
|
|
*secrets = tmp_secrets;
|
|
|
|
|
|
tmp_secrets = NULL;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
ret = ret_nsecrets;
|
|
|
|
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
|
secretDriverUnlock(driver);
|
|
|
|
|
|
if (tmp_secrets) {
|
|
|
|
|
|
for (i = 0; i < ret_nsecrets; i ++) {
|
|
|
|
|
|
if (tmp_secrets[i])
|
|
|
|
|
|
virSecretFree(tmp_secrets[i]);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
VIR_FREE(tmp_secrets);
|
|
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
|
}
|
|
|
|
|
|
#undef MATCH
|
|
|
|
|
|
|
|
|
|
|
|
|
2009-08-14 19:48:55 +00:00
|
|
|
|
static virSecretPtr
|
Fix UUID handling in secrets/storage encryption APIs
Convert all the secret/storage encryption APIs / wire format to
handle UUIDs in raw format instead of non-canonical printable
format. Guarentees data format correctness.
* docs/schemas/storageencryption.rng: Make UUID mandatory for a secret
and validate fully
* docs/schemas/secret.rng: Fully validate UUID
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in, Add
virSecretLookupByUUID and virSecretGetUUID. Make
virSecretGetUUIDString follow normal API design pattern
* python/generator.py: Skip generation of virSecretGetUUID,
virSecretGetUUIDString and virSecretLookupByUUID
* python/libvir.c, python/libvirt-python-api.xml: Manual impl
of virSecretGetUUID,virSecretGetUUIDString and virSecretLookupByUUID
* qemud/remote.c: s/virSecretLookupByUUIDString/virSecretLookupByUUID/
Fix get_nonnull_secret/make_nonnull_secret to use unsigned char
* qemud/remote_protocol.x: Fix remote_nonnull_secret to use a
remote_uuid instead of remote_nonnull_string for UUID field.
Rename REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING to
REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING and make it take an
remote_uuid value
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.h, src/datatypes.c: Store UUID in raw format instead
of printable. Change virGetSecret to use raw format UUID
* src/driver.h: Rename virDrvSecretLookupByUUIDString to
virDrvSecretLookupByUUID and use raw format UUID
* src/libvirt.c: Add virSecretLookupByUUID and virSecretGetUUID
and re-implement virSecretLookupByUUIDString and
virSecretGetUUIDString in terms of those
* src/libvirt_public.syms: Add virSecretLookupByUUID and
virSecretGetUUID
* src/remote_internal.c: Rename remoteSecretLookupByUUIDString
to remoteSecretLookupByUUID. Fix typo in args for
remoteSecretDefineXML impl. Use raw UUID format for
get_nonnull_secret and make_nonnull_secret
* src/storage_encryption_conf.c, src/storage_encryption_conf.h:
Storage UUID in raw format, and require it to be present in
XML. Use UUID parser to validate.
* secret_conf.h, secret_conf.c: Generate a UUID if none is provided.
Storage UUID in raw format.
* src/secret_driver.c: Adjust to deal with raw UUIDs. Save secrets
in a filed with printable UUID, instead of base64 UUID.
* src/virsh.c: Adjust for changed public API contract of
virSecretGetUUIDString.
* src/storage_Backend.c: DOn't undefine secret we just generated
upon successful volume creation. Fix to handle raw UUIDs. Generate
a non-clashing UUID
* src/qemu_driver.c: Change to use lookupByUUID instead of
lookupByUUIDString
2009-09-10 16:44:12 +00:00
|
|
|
|
secretLookupByUUID(virConnectPtr conn, const unsigned char *uuid)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
{
|
|
|
|
|
|
virSecretDriverStatePtr driver = conn->secretPrivateData;
|
|
|
|
|
|
virSecretPtr ret = NULL;
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
virSecretEntryPtr secret;
|
2009-08-14 19:48:55 +00:00
|
|
|
|
|
|
|
|
|
|
secretDriverLock(driver);
|
|
|
|
|
|
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
secret = secretFindByUUID(driver, uuid);
|
|
|
|
|
|
if (secret == NULL) {
|
Fix UUID handling in secrets/storage encryption APIs
Convert all the secret/storage encryption APIs / wire format to
handle UUIDs in raw format instead of non-canonical printable
format. Guarentees data format correctness.
* docs/schemas/storageencryption.rng: Make UUID mandatory for a secret
and validate fully
* docs/schemas/secret.rng: Fully validate UUID
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in, Add
virSecretLookupByUUID and virSecretGetUUID. Make
virSecretGetUUIDString follow normal API design pattern
* python/generator.py: Skip generation of virSecretGetUUID,
virSecretGetUUIDString and virSecretLookupByUUID
* python/libvir.c, python/libvirt-python-api.xml: Manual impl
of virSecretGetUUID,virSecretGetUUIDString and virSecretLookupByUUID
* qemud/remote.c: s/virSecretLookupByUUIDString/virSecretLookupByUUID/
Fix get_nonnull_secret/make_nonnull_secret to use unsigned char
* qemud/remote_protocol.x: Fix remote_nonnull_secret to use a
remote_uuid instead of remote_nonnull_string for UUID field.
Rename REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING to
REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING and make it take an
remote_uuid value
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.h, src/datatypes.c: Store UUID in raw format instead
of printable. Change virGetSecret to use raw format UUID
* src/driver.h: Rename virDrvSecretLookupByUUIDString to
virDrvSecretLookupByUUID and use raw format UUID
* src/libvirt.c: Add virSecretLookupByUUID and virSecretGetUUID
and re-implement virSecretLookupByUUIDString and
virSecretGetUUIDString in terms of those
* src/libvirt_public.syms: Add virSecretLookupByUUID and
virSecretGetUUID
* src/remote_internal.c: Rename remoteSecretLookupByUUIDString
to remoteSecretLookupByUUID. Fix typo in args for
remoteSecretDefineXML impl. Use raw UUID format for
get_nonnull_secret and make_nonnull_secret
* src/storage_encryption_conf.c, src/storage_encryption_conf.h:
Storage UUID in raw format, and require it to be present in
XML. Use UUID parser to validate.
* secret_conf.h, secret_conf.c: Generate a UUID if none is provided.
Storage UUID in raw format.
* src/secret_driver.c: Adjust to deal with raw UUIDs. Save secrets
in a filed with printable UUID, instead of base64 UUID.
* src/virsh.c: Adjust for changed public API contract of
virSecretGetUUIDString.
* src/storage_Backend.c: DOn't undefine secret we just generated
upon successful volume creation. Fix to handle raw UUIDs. Generate
a non-clashing UUID
* src/qemu_driver.c: Change to use lookupByUUID instead of
lookupByUUIDString
2009-09-10 16:44:12 +00:00
|
|
|
|
char uuidstr[VIR_UUID_STRING_BUFLEN];
|
|
|
|
|
|
virUUIDFormat(uuid, uuidstr);
|
2012-07-18 11:40:16 +00:00
|
|
|
|
virReportError(VIR_ERR_NO_SECRET,
|
|
|
|
|
|
_("no secret with matching uuid '%s'"), uuidstr);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2013-04-23 10:56:22 +00:00
|
|
|
|
if (virSecretLookupByUUIDEnsureACL(conn, secret->def) < 0)
|
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
ret = virGetSecret(conn,
|
|
|
|
|
|
secret->def->uuid,
|
|
|
|
|
|
secret->def->usage_type,
|
|
|
|
|
|
secretUsageIDForDef(secret->def));
|
|
|
|
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
|
secretDriverUnlock(driver);
|
|
|
|
|
|
return ret;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static virSecretPtr
|
|
|
|
|
|
secretLookupByUsage(virConnectPtr conn, int usageType, const char *usageID)
|
|
|
|
|
|
{
|
|
|
|
|
|
virSecretDriverStatePtr driver = conn->secretPrivateData;
|
|
|
|
|
|
virSecretPtr ret = NULL;
|
|
|
|
|
|
virSecretEntryPtr secret;
|
|
|
|
|
|
|
|
|
|
|
|
secretDriverLock(driver);
|
|
|
|
|
|
|
|
|
|
|
|
secret = secretFindByUsage(driver, usageType, usageID);
|
|
|
|
|
|
if (secret == NULL) {
|
2012-07-18 11:40:16 +00:00
|
|
|
|
virReportError(VIR_ERR_NO_SECRET,
|
|
|
|
|
|
_("no secret with matching usage '%s'"), usageID);
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2013-04-23 10:56:22 +00:00
|
|
|
|
if (virSecretLookupByUsageEnsureACL(conn, secret->def) < 0)
|
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
ret = virGetSecret(conn,
|
|
|
|
|
|
secret->def->uuid,
|
|
|
|
|
|
secret->def->usage_type,
|
|
|
|
|
|
secretUsageIDForDef(secret->def));
|
2009-08-14 19:48:55 +00:00
|
|
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
|
secretDriverUnlock(driver);
|
|
|
|
|
|
return ret;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static virSecretPtr
|
|
|
|
|
|
secretDefineXML(virConnectPtr conn, const char *xml,
|
2011-07-06 22:29:02 +00:00
|
|
|
|
unsigned int flags)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
{
|
|
|
|
|
|
virSecretDriverStatePtr driver = conn->secretPrivateData;
|
|
|
|
|
|
virSecretPtr ret = NULL;
|
|
|
|
|
|
virSecretEntryPtr secret;
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
virSecretDefPtr backup = NULL;
|
|
|
|
|
|
virSecretDefPtr new_attrs;
|
2009-08-14 19:48:55 +00:00
|
|
|
|
|
2011-07-06 22:29:02 +00:00
|
|
|
|
virCheckFlags(0, NULL);
|
|
|
|
|
|
|
2010-02-10 12:33:34 +00:00
|
|
|
|
new_attrs = virSecretDefParseString(xml);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
if (new_attrs == NULL)
|
|
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
|
|
|
|
secretDriverLock(driver);
|
|
|
|
|
|
|
2013-04-23 10:56:22 +00:00
|
|
|
|
if (virSecretDefineXMLEnsureACL(conn, new_attrs) < 0)
|
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
secret = secretFindByUUID(driver, new_attrs->uuid);
|
|
|
|
|
|
if (secret == NULL) {
|
|
|
|
|
|
/* No existing secret with same UUID, try look for matching usage instead */
|
|
|
|
|
|
const char *usageID = secretUsageIDForDef(new_attrs);
|
|
|
|
|
|
secret = secretFindByUsage(driver, new_attrs->usage_type, usageID);
|
|
|
|
|
|
if (secret) {
|
|
|
|
|
|
char uuidstr[VIR_UUID_STRING_BUFLEN];
|
|
|
|
|
|
virUUIDFormat(secret->def->uuid, uuidstr);
|
2012-07-18 11:40:16 +00:00
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
|
_("a secret with UUID %s already defined for use with %s"),
|
|
|
|
|
|
uuidstr, usageID);
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
}
|
2009-08-14 19:48:55 +00:00
|
|
|
|
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
/* No existing secret at all, create one */
|
2013-07-04 10:15:29 +00:00
|
|
|
|
if (VIR_ALLOC(secret) < 0)
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
goto cleanup;
|
2009-08-14 19:48:55 +00:00
|
|
|
|
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
listInsert(&driver->secrets, secret);
|
|
|
|
|
|
secret->def = new_attrs;
|
|
|
|
|
|
} else {
|
|
|
|
|
|
const char *newUsageID = secretUsageIDForDef(new_attrs);
|
|
|
|
|
|
const char *oldUsageID = secretUsageIDForDef(secret->def);
|
|
|
|
|
|
if (STRNEQ(oldUsageID, newUsageID)) {
|
|
|
|
|
|
char uuidstr[VIR_UUID_STRING_BUFLEN];
|
|
|
|
|
|
virUUIDFormat(secret->def->uuid, uuidstr);
|
2012-07-18 11:40:16 +00:00
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
|
_("a secret with UUID %s is already defined for use with %s"),
|
|
|
|
|
|
uuidstr, oldUsageID);
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (secret->def->private && !new_attrs->private) {
|
2012-07-18 11:40:16 +00:00
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
|
|
|
|
|
|
_("cannot change private flag on existing secret"));
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/* Got an existing secret matches attrs, so reuse that */
|
|
|
|
|
|
backup = secret->def;
|
|
|
|
|
|
secret->def = new_attrs;
|
2009-08-14 19:48:55 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (!new_attrs->ephemeral) {
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
if (backup && backup->ephemeral) {
|
2010-02-10 12:33:34 +00:00
|
|
|
|
if (secretSaveValue(driver, secret) < 0)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto restore_backup;
|
|
|
|
|
|
}
|
2010-02-10 12:33:34 +00:00
|
|
|
|
if (secretSaveDef(driver, secret) < 0) {
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
if (backup && backup->ephemeral) {
|
2009-08-14 19:48:55 +00:00
|
|
|
|
char *filename;
|
|
|
|
|
|
|
|
|
|
|
|
/* Undo the secretSaveValue() above; ignore errors */
|
2010-02-10 12:33:34 +00:00
|
|
|
|
filename = secretBase64Path(driver, secret);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
if (filename != NULL)
|
|
|
|
|
|
(void)unlink(filename);
|
|
|
|
|
|
VIR_FREE(filename);
|
|
|
|
|
|
}
|
|
|
|
|
|
goto restore_backup;
|
|
|
|
|
|
}
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
} else if (backup && !backup->ephemeral) {
|
2010-02-10 12:33:34 +00:00
|
|
|
|
if (secretDeleteSaved(driver, secret) < 0)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto restore_backup;
|
|
|
|
|
|
}
|
2009-10-01 14:42:40 +00:00
|
|
|
|
/* Saved successfully - drop old values */
|
2009-08-14 19:48:55 +00:00
|
|
|
|
new_attrs = NULL;
|
|
|
|
|
|
virSecretDefFree(backup);
|
|
|
|
|
|
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
ret = virGetSecret(conn,
|
|
|
|
|
|
secret->def->uuid,
|
|
|
|
|
|
secret->def->usage_type,
|
|
|
|
|
|
secretUsageIDForDef(secret->def));
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
|
|
restore_backup:
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
if (backup) {
|
|
|
|
|
|
/* Error - restore previous state and free new attributes */
|
|
|
|
|
|
secret->def = backup;
|
|
|
|
|
|
} else {
|
2009-08-14 19:48:55 +00:00
|
|
|
|
/* "secret" was added to the head of the list above */
|
|
|
|
|
|
if (listUnlink(&driverState->secrets) != secret)
|
2012-07-18 11:40:16 +00:00
|
|
|
|
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
|
|
|
|
|
|
_("list of secrets is inconsistent"));
|
2009-08-14 19:48:55 +00:00
|
|
|
|
else
|
|
|
|
|
|
secretFree(secret);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
|
virSecretDefFree(new_attrs);
|
|
|
|
|
|
secretDriverUnlock(driver);
|
|
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static char *
|
2011-07-06 22:29:02 +00:00
|
|
|
|
secretGetXMLDesc(virSecretPtr obj, unsigned int flags)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
{
|
|
|
|
|
|
virSecretDriverStatePtr driver = obj->conn->secretPrivateData;
|
|
|
|
|
|
char *ret = NULL;
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
virSecretEntryPtr secret;
|
2009-08-14 19:48:55 +00:00
|
|
|
|
|
2011-07-06 22:29:02 +00:00
|
|
|
|
virCheckFlags(0, NULL);
|
|
|
|
|
|
|
2009-08-14 19:48:55 +00:00
|
|
|
|
secretDriverLock(driver);
|
|
|
|
|
|
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
secret = secretFindByUUID(driver, obj->uuid);
|
|
|
|
|
|
if (secret == NULL) {
|
Fix UUID handling in secrets/storage encryption APIs
Convert all the secret/storage encryption APIs / wire format to
handle UUIDs in raw format instead of non-canonical printable
format. Guarentees data format correctness.
* docs/schemas/storageencryption.rng: Make UUID mandatory for a secret
and validate fully
* docs/schemas/secret.rng: Fully validate UUID
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in, Add
virSecretLookupByUUID and virSecretGetUUID. Make
virSecretGetUUIDString follow normal API design pattern
* python/generator.py: Skip generation of virSecretGetUUID,
virSecretGetUUIDString and virSecretLookupByUUID
* python/libvir.c, python/libvirt-python-api.xml: Manual impl
of virSecretGetUUID,virSecretGetUUIDString and virSecretLookupByUUID
* qemud/remote.c: s/virSecretLookupByUUIDString/virSecretLookupByUUID/
Fix get_nonnull_secret/make_nonnull_secret to use unsigned char
* qemud/remote_protocol.x: Fix remote_nonnull_secret to use a
remote_uuid instead of remote_nonnull_string for UUID field.
Rename REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING to
REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING and make it take an
remote_uuid value
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.h, src/datatypes.c: Store UUID in raw format instead
of printable. Change virGetSecret to use raw format UUID
* src/driver.h: Rename virDrvSecretLookupByUUIDString to
virDrvSecretLookupByUUID and use raw format UUID
* src/libvirt.c: Add virSecretLookupByUUID and virSecretGetUUID
and re-implement virSecretLookupByUUIDString and
virSecretGetUUIDString in terms of those
* src/libvirt_public.syms: Add virSecretLookupByUUID and
virSecretGetUUID
* src/remote_internal.c: Rename remoteSecretLookupByUUIDString
to remoteSecretLookupByUUID. Fix typo in args for
remoteSecretDefineXML impl. Use raw UUID format for
get_nonnull_secret and make_nonnull_secret
* src/storage_encryption_conf.c, src/storage_encryption_conf.h:
Storage UUID in raw format, and require it to be present in
XML. Use UUID parser to validate.
* secret_conf.h, secret_conf.c: Generate a UUID if none is provided.
Storage UUID in raw format.
* src/secret_driver.c: Adjust to deal with raw UUIDs. Save secrets
in a filed with printable UUID, instead of base64 UUID.
* src/virsh.c: Adjust for changed public API contract of
virSecretGetUUIDString.
* src/storage_Backend.c: DOn't undefine secret we just generated
upon successful volume creation. Fix to handle raw UUIDs. Generate
a non-clashing UUID
* src/qemu_driver.c: Change to use lookupByUUID instead of
lookupByUUIDString
2009-09-10 16:44:12 +00:00
|
|
|
|
char uuidstr[VIR_UUID_STRING_BUFLEN];
|
|
|
|
|
|
virUUIDFormat(obj->uuid, uuidstr);
|
2012-07-18 11:40:16 +00:00
|
|
|
|
virReportError(VIR_ERR_NO_SECRET,
|
|
|
|
|
|
_("no secret with matching uuid '%s'"), uuidstr);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2013-04-23 10:56:22 +00:00
|
|
|
|
if (virSecretGetXMLDescEnsureACL(obj->conn, secret->def) < 0)
|
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
2010-02-10 12:33:34 +00:00
|
|
|
|
ret = virSecretDefFormat(secret->def);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
|
secretDriverUnlock(driver);
|
|
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
|
|
|
|
|
secretSetValue(virSecretPtr obj, const unsigned char *value,
|
2011-07-06 22:29:02 +00:00
|
|
|
|
size_t value_size, unsigned int flags)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
{
|
|
|
|
|
|
virSecretDriverStatePtr driver = obj->conn->secretPrivateData;
|
|
|
|
|
|
int ret = -1;
|
|
|
|
|
|
unsigned char *old_value, *new_value;
|
|
|
|
|
|
size_t old_value_size;
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
virSecretEntryPtr secret;
|
2009-08-14 19:48:55 +00:00
|
|
|
|
|
2011-07-06 22:29:02 +00:00
|
|
|
|
virCheckFlags(0, -1);
|
|
|
|
|
|
|
2013-07-04 10:15:29 +00:00
|
|
|
|
if (VIR_ALLOC_N(new_value, value_size) < 0)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
|
|
secretDriverLock(driver);
|
|
|
|
|
|
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
secret = secretFindByUUID(driver, obj->uuid);
|
|
|
|
|
|
if (secret == NULL) {
|
Fix UUID handling in secrets/storage encryption APIs
Convert all the secret/storage encryption APIs / wire format to
handle UUIDs in raw format instead of non-canonical printable
format. Guarentees data format correctness.
* docs/schemas/storageencryption.rng: Make UUID mandatory for a secret
and validate fully
* docs/schemas/secret.rng: Fully validate UUID
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in, Add
virSecretLookupByUUID and virSecretGetUUID. Make
virSecretGetUUIDString follow normal API design pattern
* python/generator.py: Skip generation of virSecretGetUUID,
virSecretGetUUIDString and virSecretLookupByUUID
* python/libvir.c, python/libvirt-python-api.xml: Manual impl
of virSecretGetUUID,virSecretGetUUIDString and virSecretLookupByUUID
* qemud/remote.c: s/virSecretLookupByUUIDString/virSecretLookupByUUID/
Fix get_nonnull_secret/make_nonnull_secret to use unsigned char
* qemud/remote_protocol.x: Fix remote_nonnull_secret to use a
remote_uuid instead of remote_nonnull_string for UUID field.
Rename REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING to
REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING and make it take an
remote_uuid value
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.h, src/datatypes.c: Store UUID in raw format instead
of printable. Change virGetSecret to use raw format UUID
* src/driver.h: Rename virDrvSecretLookupByUUIDString to
virDrvSecretLookupByUUID and use raw format UUID
* src/libvirt.c: Add virSecretLookupByUUID and virSecretGetUUID
and re-implement virSecretLookupByUUIDString and
virSecretGetUUIDString in terms of those
* src/libvirt_public.syms: Add virSecretLookupByUUID and
virSecretGetUUID
* src/remote_internal.c: Rename remoteSecretLookupByUUIDString
to remoteSecretLookupByUUID. Fix typo in args for
remoteSecretDefineXML impl. Use raw UUID format for
get_nonnull_secret and make_nonnull_secret
* src/storage_encryption_conf.c, src/storage_encryption_conf.h:
Storage UUID in raw format, and require it to be present in
XML. Use UUID parser to validate.
* secret_conf.h, secret_conf.c: Generate a UUID if none is provided.
Storage UUID in raw format.
* src/secret_driver.c: Adjust to deal with raw UUIDs. Save secrets
in a filed with printable UUID, instead of base64 UUID.
* src/virsh.c: Adjust for changed public API contract of
virSecretGetUUIDString.
* src/storage_Backend.c: DOn't undefine secret we just generated
upon successful volume creation. Fix to handle raw UUIDs. Generate
a non-clashing UUID
* src/qemu_driver.c: Change to use lookupByUUID instead of
lookupByUUIDString
2009-09-10 16:44:12 +00:00
|
|
|
|
char uuidstr[VIR_UUID_STRING_BUFLEN];
|
|
|
|
|
|
virUUIDFormat(obj->uuid, uuidstr);
|
2012-07-18 11:40:16 +00:00
|
|
|
|
virReportError(VIR_ERR_NO_SECRET,
|
|
|
|
|
|
_("no secret with matching uuid '%s'"), uuidstr);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2013-04-23 10:56:22 +00:00
|
|
|
|
if (virSecretSetValueEnsureACL(obj->conn, secret->def) < 0)
|
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
2009-08-14 19:48:55 +00:00
|
|
|
|
old_value = secret->value;
|
|
|
|
|
|
old_value_size = secret->value_size;
|
|
|
|
|
|
|
|
|
|
|
|
memcpy(new_value, value, value_size);
|
|
|
|
|
|
secret->value = new_value;
|
|
|
|
|
|
secret->value_size = value_size;
|
|
|
|
|
|
if (!secret->def->ephemeral) {
|
2010-02-10 12:33:34 +00:00
|
|
|
|
if (secretSaveValue(driver, secret) < 0)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto restore_backup;
|
|
|
|
|
|
}
|
2009-10-01 14:42:40 +00:00
|
|
|
|
/* Saved successfully - drop old value */
|
2009-08-14 19:48:55 +00:00
|
|
|
|
if (old_value != NULL) {
|
|
|
|
|
|
memset(old_value, 0, old_value_size);
|
|
|
|
|
|
VIR_FREE(old_value);
|
|
|
|
|
|
}
|
|
|
|
|
|
new_value = NULL;
|
|
|
|
|
|
|
|
|
|
|
|
ret = 0;
|
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
|
|
restore_backup:
|
|
|
|
|
|
/* Error - restore previous state and free new value */
|
|
|
|
|
|
secret->value = old_value;
|
|
|
|
|
|
secret->value_size = old_value_size;
|
|
|
|
|
|
memset(new_value, 0, value_size);
|
|
|
|
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
|
secretDriverUnlock(driver);
|
|
|
|
|
|
|
|
|
|
|
|
VIR_FREE(new_value);
|
|
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static unsigned char *
|
libvirt: do not mix internal flags into public API
There were two API in driver.c that were silently masking flags
bits prior to calling out to the drivers, and several others
that were explicitly masking flags bits. This is not
forward-compatible - if we ever have that many flags in the
future, then talking to an old server that masks out the
flags would be indistinguishable from talking to a new server
that can honor the flag. In general, libvirt.c should forward
_all_ flags on to drivers, and only the drivers should reject
unknown flags.
In the case of virDrvSecretGetValue, the solution is to separate
the internal driver callback function to have two parameters
instead of one, with only one parameter affected by the public
API. In the case of virDomainGetXMLDesc, it turns out that
no one was ever mixing VIR_DOMAIN_XML_INTERNAL_STATUS with
the dumpxml path in the first place; that internal flag was
only used in saving and restoring state files, which happened
to be in functions internal to a single file, so there is no
mixing of the internal flag with a public flags argument.
Additionally, virDomainMemoryStats passed a flags argument
over RPC, but not to the driver.
* src/driver.h (VIR_DOMAIN_XML_FLAGS_MASK)
(VIR_SECRET_GET_VALUE_FLAGS_MASK): Delete.
(virDrvSecretGetValue): Separate out internal flags.
(virDrvDomainMemoryStats): Provide missing flags argument.
* src/driver.c (verify): Drop unused check.
* src/conf/domain_conf.h (virDomainObjParseFile): Delete
declaration.
(virDomainXMLInternalFlags): Move...
* src/conf/domain_conf.c: ...here. Delete redundant include.
(virDomainObjParseFile): Make static.
* src/libvirt.c (virDomainGetXMLDesc, virSecretGetValue): Update
clients.
(virDomainMemoryPeek, virInterfaceGetXMLDesc)
(virDomainMemoryStats, virDomainBlockPeek, virNetworkGetXMLDesc)
(virStoragePoolGetXMLDesc, virStorageVolGetXMLDesc)
(virNodeNumOfDevices, virNodeListDevices, virNWFilterGetXMLDesc):
Don't mask unknown flags.
* src/interface/netcf_driver.c (interfaceGetXMLDesc): Reject
unknown flags.
* src/secret/secret_driver.c (secretGetValue): Update clients.
* src/remote/remote_driver.c (remoteSecretGetValue)
(remoteDomainMemoryStats): Likewise.
* src/qemu/qemu_process.c (qemuProcessGetVolumeQcowPassphrase):
Likewise.
* src/qemu/qemu_driver.c (qemudDomainMemoryStats): Likewise.
* daemon/remote.c (remoteDispatchDomainMemoryStats): Likewise.
2011-07-13 21:31:56 +00:00
|
|
|
|
secretGetValue(virSecretPtr obj, size_t *value_size, unsigned int flags,
|
|
|
|
|
|
unsigned int internalFlags)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
{
|
|
|
|
|
|
virSecretDriverStatePtr driver = obj->conn->secretPrivateData;
|
|
|
|
|
|
unsigned char *ret = NULL;
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
virSecretEntryPtr secret;
|
2009-08-14 19:48:55 +00:00
|
|
|
|
|
libvirt: do not mix internal flags into public API
There were two API in driver.c that were silently masking flags
bits prior to calling out to the drivers, and several others
that were explicitly masking flags bits. This is not
forward-compatible - if we ever have that many flags in the
future, then talking to an old server that masks out the
flags would be indistinguishable from talking to a new server
that can honor the flag. In general, libvirt.c should forward
_all_ flags on to drivers, and only the drivers should reject
unknown flags.
In the case of virDrvSecretGetValue, the solution is to separate
the internal driver callback function to have two parameters
instead of one, with only one parameter affected by the public
API. In the case of virDomainGetXMLDesc, it turns out that
no one was ever mixing VIR_DOMAIN_XML_INTERNAL_STATUS with
the dumpxml path in the first place; that internal flag was
only used in saving and restoring state files, which happened
to be in functions internal to a single file, so there is no
mixing of the internal flag with a public flags argument.
Additionally, virDomainMemoryStats passed a flags argument
over RPC, but not to the driver.
* src/driver.h (VIR_DOMAIN_XML_FLAGS_MASK)
(VIR_SECRET_GET_VALUE_FLAGS_MASK): Delete.
(virDrvSecretGetValue): Separate out internal flags.
(virDrvDomainMemoryStats): Provide missing flags argument.
* src/driver.c (verify): Drop unused check.
* src/conf/domain_conf.h (virDomainObjParseFile): Delete
declaration.
(virDomainXMLInternalFlags): Move...
* src/conf/domain_conf.c: ...here. Delete redundant include.
(virDomainObjParseFile): Make static.
* src/libvirt.c (virDomainGetXMLDesc, virSecretGetValue): Update
clients.
(virDomainMemoryPeek, virInterfaceGetXMLDesc)
(virDomainMemoryStats, virDomainBlockPeek, virNetworkGetXMLDesc)
(virStoragePoolGetXMLDesc, virStorageVolGetXMLDesc)
(virNodeNumOfDevices, virNodeListDevices, virNWFilterGetXMLDesc):
Don't mask unknown flags.
* src/interface/netcf_driver.c (interfaceGetXMLDesc): Reject
unknown flags.
* src/secret/secret_driver.c (secretGetValue): Update clients.
* src/remote/remote_driver.c (remoteSecretGetValue)
(remoteDomainMemoryStats): Likewise.
* src/qemu/qemu_process.c (qemuProcessGetVolumeQcowPassphrase):
Likewise.
* src/qemu/qemu_driver.c (qemudDomainMemoryStats): Likewise.
* daemon/remote.c (remoteDispatchDomainMemoryStats): Likewise.
2011-07-13 21:31:56 +00:00
|
|
|
|
virCheckFlags(0, NULL);
|
|
|
|
|
|
|
2009-08-14 19:48:55 +00:00
|
|
|
|
secretDriverLock(driver);
|
|
|
|
|
|
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
secret = secretFindByUUID(driver, obj->uuid);
|
|
|
|
|
|
if (secret == NULL) {
|
Fix UUID handling in secrets/storage encryption APIs
Convert all the secret/storage encryption APIs / wire format to
handle UUIDs in raw format instead of non-canonical printable
format. Guarentees data format correctness.
* docs/schemas/storageencryption.rng: Make UUID mandatory for a secret
and validate fully
* docs/schemas/secret.rng: Fully validate UUID
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in, Add
virSecretLookupByUUID and virSecretGetUUID. Make
virSecretGetUUIDString follow normal API design pattern
* python/generator.py: Skip generation of virSecretGetUUID,
virSecretGetUUIDString and virSecretLookupByUUID
* python/libvir.c, python/libvirt-python-api.xml: Manual impl
of virSecretGetUUID,virSecretGetUUIDString and virSecretLookupByUUID
* qemud/remote.c: s/virSecretLookupByUUIDString/virSecretLookupByUUID/
Fix get_nonnull_secret/make_nonnull_secret to use unsigned char
* qemud/remote_protocol.x: Fix remote_nonnull_secret to use a
remote_uuid instead of remote_nonnull_string for UUID field.
Rename REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING to
REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING and make it take an
remote_uuid value
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.h, src/datatypes.c: Store UUID in raw format instead
of printable. Change virGetSecret to use raw format UUID
* src/driver.h: Rename virDrvSecretLookupByUUIDString to
virDrvSecretLookupByUUID and use raw format UUID
* src/libvirt.c: Add virSecretLookupByUUID and virSecretGetUUID
and re-implement virSecretLookupByUUIDString and
virSecretGetUUIDString in terms of those
* src/libvirt_public.syms: Add virSecretLookupByUUID and
virSecretGetUUID
* src/remote_internal.c: Rename remoteSecretLookupByUUIDString
to remoteSecretLookupByUUID. Fix typo in args for
remoteSecretDefineXML impl. Use raw UUID format for
get_nonnull_secret and make_nonnull_secret
* src/storage_encryption_conf.c, src/storage_encryption_conf.h:
Storage UUID in raw format, and require it to be present in
XML. Use UUID parser to validate.
* secret_conf.h, secret_conf.c: Generate a UUID if none is provided.
Storage UUID in raw format.
* src/secret_driver.c: Adjust to deal with raw UUIDs. Save secrets
in a filed with printable UUID, instead of base64 UUID.
* src/virsh.c: Adjust for changed public API contract of
virSecretGetUUIDString.
* src/storage_Backend.c: DOn't undefine secret we just generated
upon successful volume creation. Fix to handle raw UUIDs. Generate
a non-clashing UUID
* src/qemu_driver.c: Change to use lookupByUUID instead of
lookupByUUIDString
2009-09-10 16:44:12 +00:00
|
|
|
|
char uuidstr[VIR_UUID_STRING_BUFLEN];
|
|
|
|
|
|
virUUIDFormat(obj->uuid, uuidstr);
|
2012-07-18 11:40:16 +00:00
|
|
|
|
virReportError(VIR_ERR_NO_SECRET,
|
|
|
|
|
|
_("no secret with matching uuid '%s'"), uuidstr);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
}
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
|
2013-04-23 10:56:22 +00:00
|
|
|
|
if (virSecretGetValueEnsureACL(obj->conn, secret->def) < 0)
|
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
2009-08-14 19:48:55 +00:00
|
|
|
|
if (secret->value == NULL) {
|
Fix UUID handling in secrets/storage encryption APIs
Convert all the secret/storage encryption APIs / wire format to
handle UUIDs in raw format instead of non-canonical printable
format. Guarentees data format correctness.
* docs/schemas/storageencryption.rng: Make UUID mandatory for a secret
and validate fully
* docs/schemas/secret.rng: Fully validate UUID
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in, Add
virSecretLookupByUUID and virSecretGetUUID. Make
virSecretGetUUIDString follow normal API design pattern
* python/generator.py: Skip generation of virSecretGetUUID,
virSecretGetUUIDString and virSecretLookupByUUID
* python/libvir.c, python/libvirt-python-api.xml: Manual impl
of virSecretGetUUID,virSecretGetUUIDString and virSecretLookupByUUID
* qemud/remote.c: s/virSecretLookupByUUIDString/virSecretLookupByUUID/
Fix get_nonnull_secret/make_nonnull_secret to use unsigned char
* qemud/remote_protocol.x: Fix remote_nonnull_secret to use a
remote_uuid instead of remote_nonnull_string for UUID field.
Rename REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING to
REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING and make it take an
remote_uuid value
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.h, src/datatypes.c: Store UUID in raw format instead
of printable. Change virGetSecret to use raw format UUID
* src/driver.h: Rename virDrvSecretLookupByUUIDString to
virDrvSecretLookupByUUID and use raw format UUID
* src/libvirt.c: Add virSecretLookupByUUID and virSecretGetUUID
and re-implement virSecretLookupByUUIDString and
virSecretGetUUIDString in terms of those
* src/libvirt_public.syms: Add virSecretLookupByUUID and
virSecretGetUUID
* src/remote_internal.c: Rename remoteSecretLookupByUUIDString
to remoteSecretLookupByUUID. Fix typo in args for
remoteSecretDefineXML impl. Use raw UUID format for
get_nonnull_secret and make_nonnull_secret
* src/storage_encryption_conf.c, src/storage_encryption_conf.h:
Storage UUID in raw format, and require it to be present in
XML. Use UUID parser to validate.
* secret_conf.h, secret_conf.c: Generate a UUID if none is provided.
Storage UUID in raw format.
* src/secret_driver.c: Adjust to deal with raw UUIDs. Save secrets
in a filed with printable UUID, instead of base64 UUID.
* src/virsh.c: Adjust for changed public API contract of
virSecretGetUUIDString.
* src/storage_Backend.c: DOn't undefine secret we just generated
upon successful volume creation. Fix to handle raw UUIDs. Generate
a non-clashing UUID
* src/qemu_driver.c: Change to use lookupByUUID instead of
lookupByUUIDString
2009-09-10 16:44:12 +00:00
|
|
|
|
char uuidstr[VIR_UUID_STRING_BUFLEN];
|
|
|
|
|
|
virUUIDFormat(obj->uuid, uuidstr);
|
2012-07-18 11:40:16 +00:00
|
|
|
|
virReportError(VIR_ERR_NO_SECRET,
|
|
|
|
|
|
_("secret '%s' does not have a value"), uuidstr);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
libvirt: do not mix internal flags into public API
There were two API in driver.c that were silently masking flags
bits prior to calling out to the drivers, and several others
that were explicitly masking flags bits. This is not
forward-compatible - if we ever have that many flags in the
future, then talking to an old server that masks out the
flags would be indistinguishable from talking to a new server
that can honor the flag. In general, libvirt.c should forward
_all_ flags on to drivers, and only the drivers should reject
unknown flags.
In the case of virDrvSecretGetValue, the solution is to separate
the internal driver callback function to have two parameters
instead of one, with only one parameter affected by the public
API. In the case of virDomainGetXMLDesc, it turns out that
no one was ever mixing VIR_DOMAIN_XML_INTERNAL_STATUS with
the dumpxml path in the first place; that internal flag was
only used in saving and restoring state files, which happened
to be in functions internal to a single file, so there is no
mixing of the internal flag with a public flags argument.
Additionally, virDomainMemoryStats passed a flags argument
over RPC, but not to the driver.
* src/driver.h (VIR_DOMAIN_XML_FLAGS_MASK)
(VIR_SECRET_GET_VALUE_FLAGS_MASK): Delete.
(virDrvSecretGetValue): Separate out internal flags.
(virDrvDomainMemoryStats): Provide missing flags argument.
* src/driver.c (verify): Drop unused check.
* src/conf/domain_conf.h (virDomainObjParseFile): Delete
declaration.
(virDomainXMLInternalFlags): Move...
* src/conf/domain_conf.c: ...here. Delete redundant include.
(virDomainObjParseFile): Make static.
* src/libvirt.c (virDomainGetXMLDesc, virSecretGetValue): Update
clients.
(virDomainMemoryPeek, virInterfaceGetXMLDesc)
(virDomainMemoryStats, virDomainBlockPeek, virNetworkGetXMLDesc)
(virStoragePoolGetXMLDesc, virStorageVolGetXMLDesc)
(virNodeNumOfDevices, virNodeListDevices, virNWFilterGetXMLDesc):
Don't mask unknown flags.
* src/interface/netcf_driver.c (interfaceGetXMLDesc): Reject
unknown flags.
* src/secret/secret_driver.c (secretGetValue): Update clients.
* src/remote/remote_driver.c (remoteSecretGetValue)
(remoteDomainMemoryStats): Likewise.
* src/qemu/qemu_process.c (qemuProcessGetVolumeQcowPassphrase):
Likewise.
* src/qemu/qemu_driver.c (qemudDomainMemoryStats): Likewise.
* daemon/remote.c (remoteDispatchDomainMemoryStats): Likewise.
2011-07-13 21:31:56 +00:00
|
|
|
|
if ((internalFlags & VIR_SECRET_GET_VALUE_INTERNAL_CALL) == 0 &&
|
2009-08-14 19:48:55 +00:00
|
|
|
|
secret->def->private) {
|
2012-09-18 10:01:46 +00:00
|
|
|
|
virReportError(VIR_ERR_INVALID_SECRET, "%s",
|
2012-07-18 11:40:16 +00:00
|
|
|
|
_("secret is private"));
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2013-07-04 10:15:29 +00:00
|
|
|
|
if (VIR_ALLOC_N(ret, secret->value_size) < 0)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
memcpy(ret, secret->value, secret->value_size);
|
|
|
|
|
|
*value_size = secret->value_size;
|
|
|
|
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
|
secretDriverUnlock(driver);
|
|
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
|
|
|
|
|
secretUndefine(virSecretPtr obj)
|
|
|
|
|
|
{
|
|
|
|
|
|
virSecretDriverStatePtr driver = obj->conn->secretPrivateData;
|
|
|
|
|
|
int ret = -1;
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
virSecretEntryPtr secret;
|
2009-08-14 19:48:55 +00:00
|
|
|
|
|
|
|
|
|
|
secretDriverLock(driver);
|
|
|
|
|
|
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
secret = secretFindByUUID(driver, obj->uuid);
|
|
|
|
|
|
if (secret == NULL) {
|
Fix UUID handling in secrets/storage encryption APIs
Convert all the secret/storage encryption APIs / wire format to
handle UUIDs in raw format instead of non-canonical printable
format. Guarentees data format correctness.
* docs/schemas/storageencryption.rng: Make UUID mandatory for a secret
and validate fully
* docs/schemas/secret.rng: Fully validate UUID
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in, Add
virSecretLookupByUUID and virSecretGetUUID. Make
virSecretGetUUIDString follow normal API design pattern
* python/generator.py: Skip generation of virSecretGetUUID,
virSecretGetUUIDString and virSecretLookupByUUID
* python/libvir.c, python/libvirt-python-api.xml: Manual impl
of virSecretGetUUID,virSecretGetUUIDString and virSecretLookupByUUID
* qemud/remote.c: s/virSecretLookupByUUIDString/virSecretLookupByUUID/
Fix get_nonnull_secret/make_nonnull_secret to use unsigned char
* qemud/remote_protocol.x: Fix remote_nonnull_secret to use a
remote_uuid instead of remote_nonnull_string for UUID field.
Rename REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING to
REMOTE_PROC_SECRET_LOOKUP_BY_UUID_STRING and make it take an
remote_uuid value
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.h, src/datatypes.c: Store UUID in raw format instead
of printable. Change virGetSecret to use raw format UUID
* src/driver.h: Rename virDrvSecretLookupByUUIDString to
virDrvSecretLookupByUUID and use raw format UUID
* src/libvirt.c: Add virSecretLookupByUUID and virSecretGetUUID
and re-implement virSecretLookupByUUIDString and
virSecretGetUUIDString in terms of those
* src/libvirt_public.syms: Add virSecretLookupByUUID and
virSecretGetUUID
* src/remote_internal.c: Rename remoteSecretLookupByUUIDString
to remoteSecretLookupByUUID. Fix typo in args for
remoteSecretDefineXML impl. Use raw UUID format for
get_nonnull_secret and make_nonnull_secret
* src/storage_encryption_conf.c, src/storage_encryption_conf.h:
Storage UUID in raw format, and require it to be present in
XML. Use UUID parser to validate.
* secret_conf.h, secret_conf.c: Generate a UUID if none is provided.
Storage UUID in raw format.
* src/secret_driver.c: Adjust to deal with raw UUIDs. Save secrets
in a filed with printable UUID, instead of base64 UUID.
* src/virsh.c: Adjust for changed public API contract of
virSecretGetUUIDString.
* src/storage_Backend.c: DOn't undefine secret we just generated
upon successful volume creation. Fix to handle raw UUIDs. Generate
a non-clashing UUID
* src/qemu_driver.c: Change to use lookupByUUID instead of
lookupByUUIDString
2009-09-10 16:44:12 +00:00
|
|
|
|
char uuidstr[VIR_UUID_STRING_BUFLEN];
|
|
|
|
|
|
virUUIDFormat(obj->uuid, uuidstr);
|
2012-07-18 11:40:16 +00:00
|
|
|
|
virReportError(VIR_ERR_NO_SECRET,
|
|
|
|
|
|
_("no secret with matching uuid '%s'"), uuidstr);
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2013-04-23 10:56:22 +00:00
|
|
|
|
if (virSecretUndefineEnsureACL(obj->conn, secret->def) < 0)
|
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
if (!secret->def->ephemeral &&
|
2010-02-10 12:33:34 +00:00
|
|
|
|
secretDeleteSaved(driver, secret) < 0)
|
Add usage type/id as a public API property of virSecret
* include/libvirt/libvirt.h, include/libvirt/libvirt.h.in: Add
virSecretGetUsageType, virSecretGetUsageID and virLookupSecretByUsage
* python/generator.py: Mark virSecretGetUsageType, virSecretGetUsageID
as not throwing exceptions
* qemud/remote.c: Implement dispatch for virLookupSecretByUsage
* qemud/remote_protocol.x: Add usage type & ID as attributes of
remote_nonnull_secret. Add RPC calls for new public APIs
* qemud/remote_dispatch_args.h, qemud/remote_dispatch_prototypes.h,
qemud/remote_dispatch_ret.h, qemud/remote_dispatch_table.h,
qemud/remote_protocol.c, qemud/remote_protocol.h: Re-generate
* src/datatypes.c, src/datatypes.h: Add usageType and usageID as
properties of virSecretPtr
* src/driver.h: Add virLookupSecretByUsage driver entry point
* src/libvirt.c: Implement virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/libvirt_public.syms: Export virSecretGetUsageType, virSecretGetUsageID
and virLookupSecretByUsage
* src/remote_internal.c: Implement virLookupSecretByUsage entry
* src/secret_conf.c, src/secret_conf.h: Remove the
virSecretUsageType enum, now in public API. Make volume
path mandatory when parsing XML
* src/secret_driver.c: Enforce usage uniqueness when defining secrets.
Implement virSecretLookupByUsage api method
* src/virsh.c: Include usage for secret-list command
2009-09-11 13:06:15 +00:00
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
|
|
if (driver->secrets == secret) {
|
|
|
|
|
|
driver->secrets = secret->next;
|
|
|
|
|
|
} else {
|
|
|
|
|
|
virSecretEntryPtr tmp = driver->secrets;
|
|
|
|
|
|
while (tmp && tmp->next != secret)
|
|
|
|
|
|
tmp = tmp->next;
|
|
|
|
|
|
if (tmp)
|
|
|
|
|
|
tmp->next = secret->next;
|
2009-08-14 19:48:55 +00:00
|
|
|
|
}
|
|
|
|
|
|
secretFree(secret);
|
|
|
|
|
|
|
|
|
|
|
|
ret = 0;
|
|
|
|
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
|
secretDriverUnlock(driver);
|
|
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
2013-04-23 12:50:18 +00:00
|
|
|
|
secretStateCleanup(void)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
{
|
|
|
|
|
|
if (driverState == NULL)
|
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
|
|
secretDriverLock(driverState);
|
|
|
|
|
|
|
|
|
|
|
|
while (driverState->secrets != NULL) {
|
|
|
|
|
|
virSecretEntryPtr s;
|
|
|
|
|
|
|
|
|
|
|
|
s = listUnlink(&driverState->secrets);
|
|
|
|
|
|
secretFree(s);
|
|
|
|
|
|
}
|
|
|
|
|
|
VIR_FREE(driverState->directory);
|
|
|
|
|
|
|
|
|
|
|
|
secretDriverUnlock(driverState);
|
|
|
|
|
|
virMutexDestroy(&driverState->lock);
|
|
|
|
|
|
VIR_FREE(driverState);
|
|
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
2013-04-23 12:50:18 +00:00
|
|
|
|
secretStateInitialize(bool privileged,
|
|
|
|
|
|
virStateInhibitCallback callback ATTRIBUTE_UNUSED,
|
|
|
|
|
|
void *opaque ATTRIBUTE_UNUSED)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
{
|
|
|
|
|
|
char *base = NULL;
|
|
|
|
|
|
|
|
|
|
|
|
if (VIR_ALLOC(driverState) < 0)
|
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
|
|
if (virMutexInit(&driverState->lock) < 0) {
|
|
|
|
|
|
VIR_FREE(driverState);
|
|
|
|
|
|
return -1;
|
|
|
|
|
|
}
|
|
|
|
|
|
secretDriverLock(driverState);
|
|
|
|
|
|
|
|
|
|
|
|
if (privileged) {
|
2013-05-03 12:48:16 +00:00
|
|
|
|
if (VIR_STRDUP(base, SYSCONFDIR "/libvirt") < 0)
|
|
|
|
|
|
goto error;
|
2009-08-14 19:48:55 +00:00
|
|
|
|
} else {
|
2012-05-24 12:29:42 +00:00
|
|
|
|
base = virGetUserConfigDirectory();
|
2012-05-03 16:36:27 +00:00
|
|
|
|
if (!base)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto error;
|
|
|
|
|
|
}
|
2013-07-04 10:15:29 +00:00
|
|
|
|
if (virAsprintf(&driverState->directory, "%s/secrets", base) < 0)
|
|
|
|
|
|
goto error;
|
2009-08-14 19:48:55 +00:00
|
|
|
|
VIR_FREE(base);
|
|
|
|
|
|
|
2010-02-10 12:33:34 +00:00
|
|
|
|
if (loadSecrets(driverState, &driverState->secrets) < 0)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto error;
|
|
|
|
|
|
|
|
|
|
|
|
secretDriverUnlock(driverState);
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
|
|
error:
|
|
|
|
|
|
VIR_FREE(base);
|
|
|
|
|
|
secretDriverUnlock(driverState);
|
2013-04-23 12:50:18 +00:00
|
|
|
|
secretStateCleanup();
|
2009-08-14 19:48:55 +00:00
|
|
|
|
return -1;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
2013-04-23 12:50:18 +00:00
|
|
|
|
secretStateReload(void)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
{
|
|
|
|
|
|
virSecretEntryPtr new_secrets = NULL;
|
|
|
|
|
|
|
|
|
|
|
|
if (!driverState)
|
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
|
|
secretDriverLock(driverState);
|
|
|
|
|
|
|
2010-02-10 12:33:34 +00:00
|
|
|
|
if (loadSecrets(driverState, &new_secrets) < 0)
|
2009-08-14 19:48:55 +00:00
|
|
|
|
goto end;
|
|
|
|
|
|
|
|
|
|
|
|
/* Keep ephemeral secrets from current state. Discard non-ephemeral secrets
|
|
|
|
|
|
that were removed by the secrets directory. */
|
|
|
|
|
|
while (driverState->secrets != NULL) {
|
|
|
|
|
|
virSecretEntryPtr s;
|
|
|
|
|
|
|
|
|
|
|
|
s = listUnlink(&driverState->secrets);
|
|
|
|
|
|
if (s->def->ephemeral)
|
|
|
|
|
|
listInsert(&new_secrets, s);
|
|
|
|
|
|
else
|
|
|
|
|
|
secretFree(s);
|
|
|
|
|
|
}
|
|
|
|
|
|
driverState->secrets = new_secrets;
|
|
|
|
|
|
|
|
|
|
|
|
end:
|
|
|
|
|
|
secretDriverUnlock(driverState);
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static virSecretDriver secretDriver = {
|
|
|
|
|
|
.name = "secret",
|
2013-04-23 12:49:21 +00:00
|
|
|
|
.secretOpen = secretOpen, /* 0.7.1 */
|
|
|
|
|
|
.secretClose = secretClose, /* 0.7.1 */
|
2013-04-23 12:50:18 +00:00
|
|
|
|
.connectNumOfSecrets = secretConnectNumOfSecrets, /* 0.7.1 */
|
|
|
|
|
|
.connectListSecrets = secretConnectListSecrets, /* 0.7.1 */
|
|
|
|
|
|
.connectListAllSecrets = secretConnectListAllSecrets, /* 0.10.2 */
|
2013-04-22 17:26:01 +00:00
|
|
|
|
.secretLookupByUUID = secretLookupByUUID, /* 0.7.1 */
|
|
|
|
|
|
.secretLookupByUsage = secretLookupByUsage, /* 0.7.1 */
|
|
|
|
|
|
.secretDefineXML = secretDefineXML, /* 0.7.1 */
|
|
|
|
|
|
.secretGetXMLDesc = secretGetXMLDesc, /* 0.7.1 */
|
|
|
|
|
|
.secretSetValue = secretSetValue, /* 0.7.1 */
|
|
|
|
|
|
.secretGetValue = secretGetValue, /* 0.7.1 */
|
|
|
|
|
|
.secretUndefine = secretUndefine, /* 0.7.1 */
|
2009-08-14 19:48:55 +00:00
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
static virStateDriver stateDriver = {
|
Fix return value in virStateInitialize impl for LXC
The LXC driver was mistakenly returning -1 for lxcStartup()
in scenarios that are not an error. This caused the libvirtd
to quit for unprivileged users. This fixes the return code
of LXC driver, and also adds a "name" field to the virStateDriver
struct and logging to make it easier to find these problems
in the future
* src/driver.h: Add a 'name' field to state driver to allow
easy identification during failures
* src/libvirt.c: Log name of failed driver for virStateInit
failures
* src/lxc/lxc_driver.c: Don't return a failure code for
lxcStartup() if LXC is not available on this host, simply
disable the driver.
* src/network/bridge_driver.c, src/node_device/node_device_devkit.c,
src/node_device/node_device_hal.c, src/opennebula/one_driver.c,
src/qemu/qemu_driver.c, src/remote/remote_driver.c,
src/secret/secret_driver.c, src/storage/storage_driver.c,
src/uml/uml_driver.c, src/xen/xen_driver.c: Fill in name
field in virStateDriver struct
2009-11-02 23:18:19 +00:00
|
|
|
|
.name = "Secret",
|
2013-04-23 12:50:18 +00:00
|
|
|
|
.stateInitialize = secretStateInitialize,
|
|
|
|
|
|
.stateCleanup = secretStateCleanup,
|
|
|
|
|
|
.stateReload = secretStateReload,
|
2009-08-14 19:48:55 +00:00
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
int
|
|
|
|
|
|
secretRegister(void)
|
|
|
|
|
|
{
|
|
|
|
|
|
virRegisterSecretDriver(&secretDriver);
|
|
|
|
|
|
virRegisterStateDriver(&stateDriver);
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
}
|
