External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-10-06 22:35:46 +00:00
Code Issues Packages Projects Releases Wiki Activity
bfd91dc0c4
libvirt/src/util/virauth.c

279 lines
7.1 KiB
C
Raw Normal View History

esx: Move username and password helper functions to authhelper.c
2010-03-14 19:50:14 +00:00
/*
Rename src/util/authhelper.[ch] to src/util/virauth.[ch] To follow latest naming conventions, rename src/util/authhelper.[ch] to src/util/virauth.[ch]. * src/util/authhelper.[ch]: Rename to src/util/virauth.[ch] * src/esx/esx_driver.c, src/hyperv/hyperv_driver.c, src/phyp/phyp_driver.c, src/xenapi/xenapi_driver.c: Update for renamed include files Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-19 16:21:12 +00:00
* virauth.c: authentication related utility functions
esx: Move username and password helper functions to authhelper.c
2010-03-14 19:50:14 +00:00
*
fixed SegFault in virauth No check for conn->uri being NULL in virAuthGetConfigFilePath (valid state) made the client segfault. This happens for example with these settings: - no virtualbox driver installed (modifies conn->uri) - no default URI set (VIRSH_DEFAULT_CONNECT_URI="", LIBVIRT_DEFAULT_URI="", uri_default="") - auth_sock_rw="sasl" - virsh run as root That are unfortunately the settings with fresh Fedora 17 installation with VDSM. The check ought to be enough as conn->uri being NULL is valid in later code and is handled properly.
2012-07-24 14:08:46 +00:00
* Copyright (C) 2012 Red Hat, Inc.
esx: Move username and password helper functions to authhelper.c
2010-03-14 19:50:14 +00:00
* Copyright (C) 2010 Matthias Bolte <matthias.bolte@googlemail.com>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
maint: fix up copyright notice inconsistencies https://www.gnu.org/licenses/gpl-howto.html recommends that the 'If not, see <url>.' phrase be a separate sentence. * tests/securityselinuxhelper.c: Remove doubled line. * tests/securityselinuxtest.c: Likewise. * globally: s/; If/. If/
2012-09-20 22:30:55 +00:00
* License along with this library. If not, see
Desert the FSF address in copyright Per the FSF address could be changed from time to time, and GNU recommends the following now: (http://www.gnu.org/licenses/gpl-howto.html) You should have received a copy of the GNU General Public License along with Foobar. If not, see <http://www.gnu.org/licenses/>. This patch removes the explicit FSF address, and uses above instead (of course, with inserting 'Lesser' before 'General'). Except a bunch of files for security driver, all others are changed automatically, the copyright for securify files are not complete, that's why to do it manually: src/security/security_selinux.h src/security/security_driver.h src/security/security_selinux.c src/security/security_apparmor.h src/security/security_apparmor.c src/security/security_driver.c
2012-07-21 10:06:23 +00:00
* <http://www.gnu.org/licenses/>.
esx: Move username and password helper functions to authhelper.c
2010-03-14 19:50:14 +00:00
*
*/
#include <config.h>
Add helper API for finding auth file path * src/util/virauth.c, src/util/virauth.h: Add virAuthGetConfigFilePath * include/libvirt/virterror.h, src/util/virterror.c: Add VIR_FROM_AUTH error domain Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 15:40:05 +00:00
#include <stdlib.h>
Rename src/util/authhelper.[ch] to src/util/virauth.[ch] To follow latest naming conventions, rename src/util/authhelper.[ch] to src/util/virauth.[ch]. * src/util/authhelper.[ch]: Rename to src/util/virauth.[ch] * src/esx/esx_driver.c, src/hyperv/hyperv_driver.c, src/phyp/phyp_driver.c, src/xenapi/xenapi_driver.c: Update for renamed include files Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-19 16:21:12 +00:00
#include "virauth.h"
Rename util.{c,h} to virutil.{c,h}
2012-12-13 17:44:57 +00:00
#include "virutil.h"
Rename logging.{c,h} to virlog.{c,h}
2012-12-12 17:59:27 +00:00
#include "virlog.h"
Add helper API for finding auth file path * src/util/virauth.c, src/util/virauth.h: Add virAuthGetConfigFilePath * include/libvirt/virterror.h, src/util/virterror.c: Add VIR_FROM_AUTH error domain Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 15:40:05 +00:00
#include "datatypes.h"
Rename virterror.c virterror_internal.h to virerror.{c,h}
2012-12-13 18:21:53 +00:00
#include "virerror.h"
Add helper API for finding auth file path * src/util/virauth.c, src/util/virauth.h: Add virAuthGetConfigFilePath * include/libvirt/virterror.h, src/util/virterror.c: Add VIR_FROM_AUTH error domain Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 15:40:05 +00:00
#include "configmake.h"
Lookup auth credentials in config file before prompting When SASL requests auth credentials, try to look them up in the config file first. If any are found, remove them from the list that the user is prompted for Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 11:11:10 +00:00
#include "virauthconfig.h"
virutil: Move string related functions to virstring.c The source code base needs to be adapted as well. Some files include virutil.h just for the string related functions (here, the include is substituted to match the new file), some include virutil.h without any need (here, the include is removed), and some require both.
2013-04-03 10:36:23 +00:00
#include "virstring.h"
Add helper API for finding auth file path * src/util/virauth.c, src/util/virauth.h: Add virAuthGetConfigFilePath * include/libvirt/virterror.h, src/util/virterror.c: Add VIR_FROM_AUTH error domain Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 15:40:05 +00:00
#define VIR_FROM_THIS VIR_FROM_AUTH
Add virLogSource variables to all source files Any source file which calls the logging APIs now needs to have a VIR_LOG_INIT("source.name") declaration at the start of the file. This provides a static variable of the virLogSource type. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-02-28 12:16:17 +00:00
VIR_LOG_INIT("util.auth");
virAuth: Don't require virConnectPtr to retrieve authentication creds Previously a connection object was required to retrieve the auth credentials. This patch adds the option to call the retrieval functions only using the connection URI or path to the configuration file. This will allow to use this toolkit to request passwords for ssh authentication in the libssh2 connection driver. Changes: *virAuthGetConfigFilePathURI(): use URI to retrieve the config file path *virAuthGetCredential(): Remove the need to propagate conn object virAuthGetPasswordPath(): *virAuthGetUsernamePath(): New functions, that use config file path instead of conn object
2013-07-09 14:14:45 +00:00
int
virAuthGetConfigFilePathURI(virURIPtr uri,
char **path)
Add helper API for finding auth file path * src/util/virauth.c, src/util/virauth.h: Add virAuthGetConfigFilePath * include/libvirt/virterror.h, src/util/virterror.c: Add VIR_FROM_AUTH error domain Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 15:40:05 +00:00
{
size_t i;
Remove all direct use of getenv Unconditional use of getenv is not secure in setuid env. While not all libvirt code runs in a setuid env (since much of it only exists inside libvirtd) this is not always clear to developers. So make all the code paranoid, even if it only ever runs inside libvirtd. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-10-09 10:18:15 +00:00
const char *authenv = virGetEnvBlockSUID("LIBVIRT_AUTH_FILE");
util: auth: use VIR_AUTOFREE instead of VIR_FREE for scalar types By making use of GNU C's cleanup attribute handled by the VIR_AUTOFREE macro for declaring scalar variables, majority of the VIR_FREE calls can be dropped, which in turn leads to getting rid of most of our cleanup sections. Signed-off-by: Sukrit Bhatnagar <skrtbhtngr@gmail.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-07-13 17:54:54 +00:00
VIR_AUTOFREE(char *) userdir = NULL;
Add helper API for finding auth file path * src/util/virauth.c, src/util/virauth.h: Add virAuthGetConfigFilePath * include/libvirt/virterror.h, src/util/virterror.c: Add VIR_FROM_AUTH error domain Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 15:40:05 +00:00
*path = NULL;
VIR_DEBUG("Determining auth config file path");
if (authenv) {
VIR_DEBUG("Using path from env '%s'", authenv);
Adapt to VIR_STRDUP and VIR_STRNDUP in src/util/*
2013-05-24 07:19:51 +00:00
if (VIR_STRDUP(*path, authenv) < 0)
util: auth: use VIR_AUTOFREE instead of VIR_FREE for scalar types By making use of GNU C's cleanup attribute handled by the VIR_AUTOFREE macro for declaring scalar variables, majority of the VIR_FREE calls can be dropped, which in turn leads to getting rid of most of our cleanup sections. Signed-off-by: Sukrit Bhatnagar <skrtbhtngr@gmail.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-07-13 17:54:54 +00:00
return -1;
Add helper API for finding auth file path * src/util/virauth.c, src/util/virauth.h: Add virAuthGetConfigFilePath * include/libvirt/virterror.h, src/util/virterror.c: Add VIR_FROM_AUTH error domain Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 15:40:05 +00:00
return 0;
}
virAuth: Don't require virConnectPtr to retrieve authentication creds Previously a connection object was required to retrieve the auth credentials. This patch adds the option to call the retrieval functions only using the connection URI or path to the configuration file. This will allow to use this toolkit to request passwords for ssh authentication in the libssh2 connection driver. Changes: *virAuthGetConfigFilePathURI(): use URI to retrieve the config file path *virAuthGetCredential(): Remove the need to propagate conn object virAuthGetPasswordPath(): *virAuthGetUsernamePath(): New functions, that use config file path instead of conn object
2013-07-09 14:14:45 +00:00
if (uri) {
for (i = 0; i < uri->paramsCount; i++) {
if (STREQ_NULLABLE(uri->params[i].name, "authfile") &&
uri->params[i].value) {
VIR_DEBUG("Using path from URI '%s'", uri->params[i].value);
if (VIR_STRDUP(*path, uri->params[i].value) < 0)
util: auth: use VIR_AUTOFREE instead of VIR_FREE for scalar types By making use of GNU C's cleanup attribute handled by the VIR_AUTOFREE macro for declaring scalar variables, majority of the VIR_FREE calls can be dropped, which in turn leads to getting rid of most of our cleanup sections. Signed-off-by: Sukrit Bhatnagar <skrtbhtngr@gmail.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-07-13 17:54:54 +00:00
return -1;
fixed SegFault in virauth No check for conn->uri being NULL in virAuthGetConfigFilePath (valid state) made the client segfault. This happens for example with these settings: - no virtualbox driver installed (modifies conn->uri) - no default URI set (VIRSH_DEFAULT_CONNECT_URI="", LIBVIRT_DEFAULT_URI="", uri_default="") - auth_sock_rw="sasl" - virsh run as root That are unfortunately the settings with fresh Fedora 17 installation with VDSM. The check ought to be enough as conn->uri being NULL is valid in later code and is handled properly.
2012-07-24 14:08:46 +00:00
return 0;
}
Add helper API for finding auth file path * src/util/virauth.c, src/util/virauth.h: Add virAuthGetConfigFilePath * include/libvirt/virterror.h, src/util/virterror.c: Add VIR_FROM_AUTH error domain Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 15:40:05 +00:00
}
}
Remove uid param from directory lookup APIs Remove the uid param from virGetUserConfigDirectory, virGetUserCacheDirectory, virGetUserRuntimeDirectory, and virGetUserDirectory These functions were universally called with the results of getuid() or geteuid(). To make it practical to port to Win32, remove the uid parameter and hardcode geteuid() Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-24 12:29:42 +00:00
if (!(userdir = virGetUserConfigDirectory()))
util: auth: use VIR_AUTOFREE instead of VIR_FREE for scalar types By making use of GNU C's cleanup attribute handled by the VIR_AUTOFREE macro for declaring scalar variables, majority of the VIR_FREE calls can be dropped, which in turn leads to getting rid of most of our cleanup sections. Signed-off-by: Sukrit Bhatnagar <skrtbhtngr@gmail.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-07-13 17:54:54 +00:00
return -1;
Add helper API for finding auth file path * src/util/virauth.c, src/util/virauth.h: Add virAuthGetConfigFilePath * include/libvirt/virterror.h, src/util/virterror.c: Add VIR_FROM_AUTH error domain Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 15:40:05 +00:00
Use XDG Base Directories instead of storing in home directory As defined in: http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html This offers a number of advantages: * Allows sharing a home directory between different machines, or sessions (eg. using NFS) * Cleanly separates cache, runtime (eg. sockets), or app data from user settings * Supports performing smart or selective migration of settings between different OS versions * Supports reseting settings without breaking things * Makes it possible to clear cache data to make room when the disk is filling up * Allows us to write a robust and efficient backup solution * Allows an admin flexibility to change where data and settings are stored * Dramatically reduces the complexity and incoherence of the system for administrators
2012-05-03 16:36:27 +00:00
if (virAsprintf(path, "%s/auth.conf", userdir) < 0)
util: auth: use VIR_AUTOFREE instead of VIR_FREE for scalar types By making use of GNU C's cleanup attribute handled by the VIR_AUTOFREE macro for declaring scalar variables, majority of the VIR_FREE calls can be dropped, which in turn leads to getting rid of most of our cleanup sections. Signed-off-by: Sukrit Bhatnagar <skrtbhtngr@gmail.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-07-13 17:54:54 +00:00
return -1;
Add helper API for finding auth file path * src/util/virauth.c, src/util/virauth.h: Add virAuthGetConfigFilePath * include/libvirt/virterror.h, src/util/virterror.c: Add VIR_FROM_AUTH error domain Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 15:40:05 +00:00
VIR_DEBUG("Checking for readability of '%s'", *path);
if (access(*path, R_OK) == 0)
goto done;
VIR_FREE(*path);
Adapt to VIR_STRDUP and VIR_STRNDUP in src/util/*
2013-05-24 07:19:51 +00:00
if (VIR_STRDUP(*path, SYSCONFDIR "/libvirt/auth.conf") < 0)
util: auth: use VIR_AUTOFREE instead of VIR_FREE for scalar types By making use of GNU C's cleanup attribute handled by the VIR_AUTOFREE macro for declaring scalar variables, majority of the VIR_FREE calls can be dropped, which in turn leads to getting rid of most of our cleanup sections. Signed-off-by: Sukrit Bhatnagar <skrtbhtngr@gmail.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-07-13 17:54:54 +00:00
return -1;
Add helper API for finding auth file path * src/util/virauth.c, src/util/virauth.h: Add virAuthGetConfigFilePath * include/libvirt/virterror.h, src/util/virterror.c: Add VIR_FROM_AUTH error domain Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 15:40:05 +00:00
VIR_DEBUG("Checking for readability of '%s'", *path);
if (access(*path, R_OK) == 0)
goto done;
VIR_FREE(*path);
Indent top-level labels by one space in src/util/
2014-03-25 06:53:22 +00:00
done:
Add helper API for finding auth file path * src/util/virauth.c, src/util/virauth.h: Add virAuthGetConfigFilePath * include/libvirt/virterror.h, src/util/virterror.c: Add VIR_FROM_AUTH error domain Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 15:40:05 +00:00
VIR_DEBUG("Using auth file '%s'", NULLSTR(*path));
util: auth: use VIR_AUTOFREE instead of VIR_FREE for scalar types By making use of GNU C's cleanup attribute handled by the VIR_AUTOFREE macro for declaring scalar variables, majority of the VIR_FREE calls can be dropped, which in turn leads to getting rid of most of our cleanup sections. Signed-off-by: Sukrit Bhatnagar <skrtbhtngr@gmail.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-07-13 17:54:54 +00:00
return 0;
Add helper API for finding auth file path * src/util/virauth.c, src/util/virauth.h: Add virAuthGetConfigFilePath * include/libvirt/virterror.h, src/util/virterror.c: Add VIR_FROM_AUTH error domain Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 15:40:05 +00:00
}
esx: Move username and password helper functions to authhelper.c
2010-03-14 19:50:14 +00:00
virAuth: Don't require virConnectPtr to retrieve authentication creds Previously a connection object was required to retrieve the auth credentials. This patch adds the option to call the retrieval functions only using the connection URI or path to the configuration file. This will allow to use this toolkit to request passwords for ssh authentication in the libssh2 connection driver. Changes: *virAuthGetConfigFilePathURI(): use URI to retrieve the config file path *virAuthGetCredential(): Remove the need to propagate conn object virAuthGetPasswordPath(): *virAuthGetUsernamePath(): New functions, that use config file path instead of conn object
2013-07-09 14:14:45 +00:00
int
virAuthGetConfigFilePath(virConnectPtr conn,
char **path)
{
return virAuthGetConfigFilePathURI(conn ? conn->uri : NULL, path);
}
Lookup auth credentials in config file before prompting When SASL requests auth credentials, try to look them up in the config file first. If any are found, remove them from the list that the user is prompted for Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 11:11:10 +00:00
static int
virAuth: Don't require virConnectPtr to retrieve authentication creds Previously a connection object was required to retrieve the auth credentials. This patch adds the option to call the retrieval functions only using the connection URI or path to the configuration file. This will allow to use this toolkit to request passwords for ssh authentication in the libssh2 connection driver. Changes: *virAuthGetConfigFilePathURI(): use URI to retrieve the config file path *virAuthGetCredential(): Remove the need to propagate conn object virAuthGetPasswordPath(): *virAuthGetUsernamePath(): New functions, that use config file path instead of conn object
2013-07-09 14:14:45 +00:00
virAuthGetCredential(const char *servicename,
const char *hostname,
Lookup auth credentials in config file before prompting When SASL requests auth credentials, try to look them up in the config file first. If any are found, remove them from the list that the user is prompted for Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 11:11:10 +00:00
const char *credname,
virAuth: Don't require virConnectPtr to retrieve authentication creds Previously a connection object was required to retrieve the auth credentials. This patch adds the option to call the retrieval functions only using the connection URI or path to the configuration file. This will allow to use this toolkit to request passwords for ssh authentication in the libssh2 connection driver. Changes: *virAuthGetConfigFilePathURI(): use URI to retrieve the config file path *virAuthGetCredential(): Remove the need to propagate conn object virAuthGetPasswordPath(): *virAuthGetUsernamePath(): New functions, that use config file path instead of conn object
2013-07-09 14:14:45 +00:00
const char *path,
Lookup auth credentials in config file before prompting When SASL requests auth credentials, try to look them up in the config file first. If any are found, remove them from the list that the user is prompted for Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 11:11:10 +00:00
char **value)
{
util: auth: use VIR_AUTOPTR for aggregate types By making use of GNU C's cleanup attribute handled by the VIR_AUTOPTR macro for declaring aggregate pointer variables, majority of the calls to *Free functions can be dropped, which in turn leads to getting rid of most of our cleanup sections. Signed-off-by: Sukrit Bhatnagar <skrtbhtngr@gmail.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-07-13 17:54:55 +00:00
VIR_AUTOPTR(virAuthConfig) config = NULL;
Lookup auth credentials in config file before prompting When SASL requests auth credentials, try to look them up in the config file first. If any are found, remove them from the list that the user is prompted for Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 11:11:10 +00:00
const char *tmp;
*value = NULL;
virAuth: Don't require virConnectPtr to retrieve authentication creds Previously a connection object was required to retrieve the auth credentials. This patch adds the option to call the retrieval functions only using the connection URI or path to the configuration file. This will allow to use this toolkit to request passwords for ssh authentication in the libssh2 connection driver. Changes: *virAuthGetConfigFilePathURI(): use URI to retrieve the config file path *virAuthGetCredential(): Remove the need to propagate conn object virAuthGetPasswordPath(): *virAuthGetUsernamePath(): New functions, that use config file path instead of conn object
2013-07-09 14:14:45 +00:00
if (path == NULL)
return 0;
Lookup auth credentials in config file before prompting When SASL requests auth credentials, try to look them up in the config file first. If any are found, remove them from the list that the user is prompted for Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 11:11:10 +00:00
if (!(config = virAuthConfigNew(path)))
util: auth: use VIR_AUTOPTR for aggregate types By making use of GNU C's cleanup attribute handled by the VIR_AUTOPTR macro for declaring aggregate pointer variables, majority of the calls to *Free functions can be dropped, which in turn leads to getting rid of most of our cleanup sections. Signed-off-by: Sukrit Bhatnagar <skrtbhtngr@gmail.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-07-13 17:54:55 +00:00
return -1;
Lookup auth credentials in config file before prompting When SASL requests auth credentials, try to look them up in the config file first. If any are found, remove them from the list that the user is prompted for Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 11:11:10 +00:00
if (virAuthConfigLookup(config,
servicename,
virAuth: Don't require virConnectPtr to retrieve authentication creds Previously a connection object was required to retrieve the auth credentials. This patch adds the option to call the retrieval functions only using the connection URI or path to the configuration file. This will allow to use this toolkit to request passwords for ssh authentication in the libssh2 connection driver. Changes: *virAuthGetConfigFilePathURI(): use URI to retrieve the config file path *virAuthGetCredential(): Remove the need to propagate conn object virAuthGetPasswordPath(): *virAuthGetUsernamePath(): New functions, that use config file path instead of conn object
2013-07-09 14:14:45 +00:00
hostname,
Lookup auth credentials in config file before prompting When SASL requests auth credentials, try to look them up in the config file first. If any are found, remove them from the list that the user is prompted for Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 11:11:10 +00:00
credname,
&tmp) < 0)
util: auth: use VIR_AUTOPTR for aggregate types By making use of GNU C's cleanup attribute handled by the VIR_AUTOPTR macro for declaring aggregate pointer variables, majority of the calls to *Free functions can be dropped, which in turn leads to getting rid of most of our cleanup sections. Signed-off-by: Sukrit Bhatnagar <skrtbhtngr@gmail.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-07-13 17:54:55 +00:00
return -1;
Lookup auth credentials in config file before prompting When SASL requests auth credentials, try to look them up in the config file first. If any are found, remove them from the list that the user is prompted for Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 11:11:10 +00:00
Adapt to VIR_STRDUP and VIR_STRNDUP in src/util/*
2013-05-24 07:19:51 +00:00
if (VIR_STRDUP(*value, tmp) < 0)
util: auth: use VIR_AUTOPTR for aggregate types By making use of GNU C's cleanup attribute handled by the VIR_AUTOPTR macro for declaring aggregate pointer variables, majority of the calls to *Free functions can be dropped, which in turn leads to getting rid of most of our cleanup sections. Signed-off-by: Sukrit Bhatnagar <skrtbhtngr@gmail.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-07-13 17:54:55 +00:00
return -1;
Lookup auth credentials in config file before prompting When SASL requests auth credentials, try to look them up in the config file first. If any are found, remove them from the list that the user is prompted for Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 11:11:10 +00:00
util: auth: use VIR_AUTOPTR for aggregate types By making use of GNU C's cleanup attribute handled by the VIR_AUTOPTR macro for declaring aggregate pointer variables, majority of the calls to *Free functions can be dropped, which in turn leads to getting rid of most of our cleanup sections. Signed-off-by: Sukrit Bhatnagar <skrtbhtngr@gmail.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-07-13 17:54:55 +00:00
return 0;
Lookup auth credentials in config file before prompting When SASL requests auth credentials, try to look them up in the config file first. If any are found, remove them from the list that the user is prompted for Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 11:11:10 +00:00
}
esx: Move username and password helper functions to authhelper.c
2010-03-14 19:50:14 +00:00
char *
virAuth: Don't require virConnectPtr to retrieve authentication creds Previously a connection object was required to retrieve the auth credentials. This patch adds the option to call the retrieval functions only using the connection URI or path to the configuration file. This will allow to use this toolkit to request passwords for ssh authentication in the libssh2 connection driver. Changes: *virAuthGetConfigFilePathURI(): use URI to retrieve the config file path *virAuthGetCredential(): Remove the need to propagate conn object virAuthGetPasswordPath(): *virAuthGetUsernamePath(): New functions, that use config file path instead of conn object
2013-07-09 14:14:45 +00:00
virAuthGetUsernamePath(const char *path,
virConnectAuthPtr auth,
const char *servicename,
const char *defaultUsername,
const char *hostname)
esx: Move username and password helper functions to authhelper.c
2010-03-14 19:50:14 +00:00
{
unsigned int ncred;
virConnectCredential cred;
util: auth: use VIR_AUTOFREE instead of VIR_FREE for scalar types By making use of GNU C's cleanup attribute handled by the VIR_AUTOFREE macro for declaring scalar variables, majority of the VIR_FREE calls can be dropped, which in turn leads to getting rid of most of our cleanup sections. Signed-off-by: Sukrit Bhatnagar <skrtbhtngr@gmail.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-07-13 17:54:54 +00:00
VIR_AUTOFREE(char *) prompt = NULL;
Lookup auth credentials in config file before prompting When SASL requests auth credentials, try to look them up in the config file first. If any are found, remove them from the list that the user is prompted for Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 11:11:10 +00:00
char *ret = NULL;
virAuth: Don't require virConnectPtr to retrieve authentication creds Previously a connection object was required to retrieve the auth credentials. This patch adds the option to call the retrieval functions only using the connection URI or path to the configuration file. This will allow to use this toolkit to request passwords for ssh authentication in the libssh2 connection driver. Changes: *virAuthGetConfigFilePathURI(): use URI to retrieve the config file path *virAuthGetCredential(): Remove the need to propagate conn object virAuthGetPasswordPath(): *virAuthGetUsernamePath(): New functions, that use config file path instead of conn object
2013-07-09 14:14:45 +00:00
if (virAuthGetCredential(servicename, hostname, "username", path, &ret) < 0)
Lookup auth credentials in config file before prompting When SASL requests auth credentials, try to look them up in the config file first. If any are found, remove them from the list that the user is prompted for Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 11:11:10 +00:00
return NULL;
if (ret != NULL)
return ret;
esx: Move username and password helper functions to authhelper.c
2010-03-14 19:50:14 +00:00
Consistent style for usage of sizeof operator The code is splattered with a mix of sizeof foo sizeof (foo) sizeof(foo) Standardize on sizeof(foo) and add a syntax check rule to enforce it Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-29 09:52:04 +00:00
memset(&cred, 0, sizeof(virConnectCredential));
esx: Move username and password helper functions to authhelper.c
2010-03-14 19:50:14 +00:00
if (defaultUsername != NULL) {
if (virAsprintf(&prompt, _("Enter username for %s [%s]"), hostname,
defaultUsername) < 0) {
return NULL;
}
} else {
Remove unnecessary curly brackets in src/util/ Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-11-13 14:28:18 +00:00
if (virAsprintf(&prompt, _("Enter username for %s"), hostname) < 0)
esx: Move username and password helper functions to authhelper.c
2010-03-14 19:50:14 +00:00
return NULL;
}
for (ncred = 0; ncred < auth->ncredtype; ncred++) {
Remove unnecessary curly brackets in src/util/ Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-11-13 14:28:18 +00:00
if (auth->credtype[ncred] != VIR_CRED_AUTHNAME)
esx: Move username and password helper functions to authhelper.c
2010-03-14 19:50:14 +00:00
continue;
cred.type = VIR_CRED_AUTHNAME;
cred.prompt = prompt;
cred.challenge = hostname;
cred.defresult = defaultUsername;
cred.result = NULL;
cred.resultlen = 0;
Remove unnecessary curly brackets in src/util/ Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-11-13 14:28:18 +00:00
if ((*(auth->cb))(&cred, 1, auth->cbdata) < 0)
esx: Move username and password helper functions to authhelper.c
2010-03-14 19:50:14 +00:00
VIR_FREE(cred.result);
break;
}
return cred.result;
}
char *
virAuth: Don't require virConnectPtr to retrieve authentication creds Previously a connection object was required to retrieve the auth credentials. This patch adds the option to call the retrieval functions only using the connection URI or path to the configuration file. This will allow to use this toolkit to request passwords for ssh authentication in the libssh2 connection driver. Changes: *virAuthGetConfigFilePathURI(): use URI to retrieve the config file path *virAuthGetCredential(): Remove the need to propagate conn object virAuthGetPasswordPath(): *virAuthGetUsernamePath(): New functions, that use config file path instead of conn object
2013-07-09 14:14:45 +00:00
virAuthGetUsername(virConnectPtr conn,
Lookup auth credentials in config file before prompting When SASL requests auth credentials, try to look them up in the config file first. If any are found, remove them from the list that the user is prompted for Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 11:11:10 +00:00
virConnectAuthPtr auth,
const char *servicename,
virAuth: Don't require virConnectPtr to retrieve authentication creds Previously a connection object was required to retrieve the auth credentials. This patch adds the option to call the retrieval functions only using the connection URI or path to the configuration file. This will allow to use this toolkit to request passwords for ssh authentication in the libssh2 connection driver. Changes: *virAuthGetConfigFilePathURI(): use URI to retrieve the config file path *virAuthGetCredential(): Remove the need to propagate conn object virAuthGetPasswordPath(): *virAuthGetUsernamePath(): New functions, that use config file path instead of conn object
2013-07-09 14:14:45 +00:00
const char *defaultUsername,
esx: Move username and password helper functions to authhelper.c
2010-03-14 19:50:14 +00:00
const char *hostname)
virAuth: Don't require virConnectPtr to retrieve authentication creds Previously a connection object was required to retrieve the auth credentials. This patch adds the option to call the retrieval functions only using the connection URI or path to the configuration file. This will allow to use this toolkit to request passwords for ssh authentication in the libssh2 connection driver. Changes: *virAuthGetConfigFilePathURI(): use URI to retrieve the config file path *virAuthGetCredential(): Remove the need to propagate conn object virAuthGetPasswordPath(): *virAuthGetUsernamePath(): New functions, that use config file path instead of conn object
2013-07-09 14:14:45 +00:00
{
util: auth: use VIR_AUTOFREE instead of VIR_FREE for scalar types By making use of GNU C's cleanup attribute handled by the VIR_AUTOFREE macro for declaring scalar variables, majority of the VIR_FREE calls can be dropped, which in turn leads to getting rid of most of our cleanup sections. Signed-off-by: Sukrit Bhatnagar <skrtbhtngr@gmail.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-07-13 17:54:54 +00:00
VIR_AUTOFREE(char *) path = NULL;
virAuth: Don't require virConnectPtr to retrieve authentication creds Previously a connection object was required to retrieve the auth credentials. This patch adds the option to call the retrieval functions only using the connection URI or path to the configuration file. This will allow to use this toolkit to request passwords for ssh authentication in the libssh2 connection driver. Changes: *virAuthGetConfigFilePathURI(): use URI to retrieve the config file path *virAuthGetCredential(): Remove the need to propagate conn object virAuthGetPasswordPath(): *virAuthGetUsernamePath(): New functions, that use config file path instead of conn object
2013-07-09 14:14:45 +00:00
if (virAuthGetConfigFilePath(conn, &path) < 0)
return NULL;
virauth.c: Check for valid auth callback Instead of adding the same check for every drivers, execute the checks in virAuthGetUsername and virAuthGetPassword. These funtions are called when user is not set in the URI. Signed-off-by: Marcos Paulo de Souza <marcos.souza.org@gmail.com>
2018-08-03 00:27:51 +00:00
if (!auth || !auth->cb) {
virReportError(VIR_ERR_INVALID_ARG, "%s",
_("Missing or invalid auth pointer"));
return NULL;
}
util: auth: use VIR_AUTOFREE instead of VIR_FREE for scalar types By making use of GNU C's cleanup attribute handled by the VIR_AUTOFREE macro for declaring scalar variables, majority of the VIR_FREE calls can be dropped, which in turn leads to getting rid of most of our cleanup sections. Signed-off-by: Sukrit Bhatnagar <skrtbhtngr@gmail.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-07-13 17:54:54 +00:00
return virAuthGetUsernamePath(path, auth, servicename,
virAuth: Don't require virConnectPtr to retrieve authentication creds Previously a connection object was required to retrieve the auth credentials. This patch adds the option to call the retrieval functions only using the connection URI or path to the configuration file. This will allow to use this toolkit to request passwords for ssh authentication in the libssh2 connection driver. Changes: *virAuthGetConfigFilePathURI(): use URI to retrieve the config file path *virAuthGetCredential(): Remove the need to propagate conn object virAuthGetPasswordPath(): *virAuthGetUsernamePath(): New functions, that use config file path instead of conn object
2013-07-09 14:14:45 +00:00
defaultUsername, hostname);
}
char *
virAuthGetPasswordPath(const char *path,
virConnectAuthPtr auth,
const char *servicename,
const char *username,
const char *hostname)
esx: Move username and password helper functions to authhelper.c
2010-03-14 19:50:14 +00:00
{
unsigned int ncred;
virConnectCredential cred;
util: auth: use VIR_AUTOFREE instead of VIR_FREE for scalar types By making use of GNU C's cleanup attribute handled by the VIR_AUTOFREE macro for declaring scalar variables, majority of the VIR_FREE calls can be dropped, which in turn leads to getting rid of most of our cleanup sections. Signed-off-by: Sukrit Bhatnagar <skrtbhtngr@gmail.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-07-13 17:54:54 +00:00
VIR_AUTOFREE(char *) prompt = NULL;
Lookup auth credentials in config file before prompting When SASL requests auth credentials, try to look them up in the config file first. If any are found, remove them from the list that the user is prompted for Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 11:11:10 +00:00
char *ret = NULL;
virAuth: Don't require virConnectPtr to retrieve authentication creds Previously a connection object was required to retrieve the auth credentials. This patch adds the option to call the retrieval functions only using the connection URI or path to the configuration file. This will allow to use this toolkit to request passwords for ssh authentication in the libssh2 connection driver. Changes: *virAuthGetConfigFilePathURI(): use URI to retrieve the config file path *virAuthGetCredential(): Remove the need to propagate conn object virAuthGetPasswordPath(): *virAuthGetUsernamePath(): New functions, that use config file path instead of conn object
2013-07-09 14:14:45 +00:00
if (virAuthGetCredential(servicename, hostname, "password", path, &ret) < 0)
Lookup auth credentials in config file before prompting When SASL requests auth credentials, try to look them up in the config file first. If any are found, remove them from the list that the user is prompted for Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-20 11:11:10 +00:00
return NULL;
if (ret != NULL)
return ret;
esx: Move username and password helper functions to authhelper.c
2010-03-14 19:50:14 +00:00
Consistent style for usage of sizeof operator The code is splattered with a mix of sizeof foo sizeof (foo) sizeof(foo) Standardize on sizeof(foo) and add a syntax check rule to enforce it Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-29 09:52:04 +00:00
memset(&cred, 0, sizeof(virConnectCredential));
esx: Move username and password helper functions to authhelper.c
2010-03-14 19:50:14 +00:00
if (virAsprintf(&prompt, _("Enter %s's password for %s"), username,
hostname) < 0) {
return NULL;
}
for (ncred = 0; ncred < auth->ncredtype; ncred++) {
if (auth->credtype[ncred] != VIR_CRED_PASSPHRASE &&
auth->credtype[ncred] != VIR_CRED_NOECHOPROMPT) {
continue;
}
cred.type = auth->credtype[ncred];
cred.prompt = prompt;
cred.challenge = hostname;
cred.defresult = NULL;
cred.result = NULL;
cred.resultlen = 0;
Remove unnecessary curly brackets in src/util/ Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-11-13 14:28:18 +00:00
if ((*(auth->cb))(&cred, 1, auth->cbdata) < 0)
esx: Move username and password helper functions to authhelper.c
2010-03-14 19:50:14 +00:00
VIR_FREE(cred.result);
break;
}
return cred.result;
}
virAuth: Don't require virConnectPtr to retrieve authentication creds Previously a connection object was required to retrieve the auth credentials. This patch adds the option to call the retrieval functions only using the connection URI or path to the configuration file. This will allow to use this toolkit to request passwords for ssh authentication in the libssh2 connection driver. Changes: *virAuthGetConfigFilePathURI(): use URI to retrieve the config file path *virAuthGetCredential(): Remove the need to propagate conn object virAuthGetPasswordPath(): *virAuthGetUsernamePath(): New functions, that use config file path instead of conn object
2013-07-09 14:14:45 +00:00
char *
virAuthGetPassword(virConnectPtr conn,
virConnectAuthPtr auth,
const char *servicename,
const char *username,
const char *hostname)
{
util: auth: use VIR_AUTOFREE instead of VIR_FREE for scalar types By making use of GNU C's cleanup attribute handled by the VIR_AUTOFREE macro for declaring scalar variables, majority of the VIR_FREE calls can be dropped, which in turn leads to getting rid of most of our cleanup sections. Signed-off-by: Sukrit Bhatnagar <skrtbhtngr@gmail.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-07-13 17:54:54 +00:00
VIR_AUTOFREE(char *) path = NULL;
virAuth: Don't require virConnectPtr to retrieve authentication creds Previously a connection object was required to retrieve the auth credentials. This patch adds the option to call the retrieval functions only using the connection URI or path to the configuration file. This will allow to use this toolkit to request passwords for ssh authentication in the libssh2 connection driver. Changes: *virAuthGetConfigFilePathURI(): use URI to retrieve the config file path *virAuthGetCredential(): Remove the need to propagate conn object virAuthGetPasswordPath(): *virAuthGetUsernamePath(): New functions, that use config file path instead of conn object
2013-07-09 14:14:45 +00:00
if (virAuthGetConfigFilePath(conn, &path) < 0)
return NULL;
virauth.c: Check for valid auth callback Instead of adding the same check for every drivers, execute the checks in virAuthGetUsername and virAuthGetPassword. These funtions are called when user is not set in the URI. Signed-off-by: Marcos Paulo de Souza <marcos.souza.org@gmail.com>
2018-08-03 00:27:51 +00:00
if (!auth || !auth->cb) {
virReportError(VIR_ERR_INVALID_ARG, "%s",
_("Missing or invalid auth pointer"));
return NULL;
}
util: auth: use VIR_AUTOFREE instead of VIR_FREE for scalar types By making use of GNU C's cleanup attribute handled by the VIR_AUTOFREE macro for declaring scalar variables, majority of the VIR_FREE calls can be dropped, which in turn leads to getting rid of most of our cleanup sections. Signed-off-by: Sukrit Bhatnagar <skrtbhtngr@gmail.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-07-13 17:54:54 +00:00
return virAuthGetPasswordPath(path, auth, servicename, username, hostname);
virAuth: Don't require virConnectPtr to retrieve authentication creds Previously a connection object was required to retrieve the auth credentials. This patch adds the option to call the retrieval functions only using the connection URI or path to the configuration file. This will allow to use this toolkit to request passwords for ssh authentication in the libssh2 connection driver. Changes: *virAuthGetConfigFilePathURI(): use URI to retrieve the config file path *virAuthGetCredential(): Remove the need to propagate conn object virAuthGetPasswordPath(): *virAuthGetUsernamePath(): New functions, that use config file path instead of conn object
2013-07-09 14:14:45 +00:00
}
Reference in New Issue Copy Permalink