diff --git a/src/rpc/virnetserverclient.c b/src/rpc/virnetserverclient.c index 3493ef59a2..c6ef84c547 100644 --- a/src/rpc/virnetserverclient.c +++ b/src/rpc/virnetserverclient.c @@ -653,21 +653,14 @@ int virNetServerClientGetUNIXIdentity(virNetServerClientPtr client, static virIdentityPtr virNetServerClientCreateIdentity(virNetServerClientPtr client) { - char *processid = NULL; - char *processtime = NULL; char *username = NULL; - char *userid = NULL; char *groupname = NULL; - char *groupid = NULL; -#if WITH_SASL - char *saslname = NULL; -#endif -#if WITH_GNUTLS - char *x509dname = NULL; -#endif char *seccontext = NULL; virIdentityPtr ret = NULL; + if (!(ret = virIdentityNew())) + goto error; + if (client->sock && virNetSocketIsLocal(client->sock)) { gid_t gid; uid_t uid; 
@@ -676,116 +669,60 @@ virNetServerClientCreateIdentity(virNetServerClientPtr client) if (virNetSocketGetUNIXIdentity(client->sock, &uid, &gid, &pid, ×tamp) < 0) - goto cleanup; + goto error; if (!(username = virGetUserName(uid))) - goto cleanup; - if (virAsprintf(&userid, "%d", (int)uid) < 0) - goto cleanup; + goto error; + if (virIdentitySetUNIXUserName(ret, username) < 0) + goto error; + if (virIdentitySetUNIXUserID(ret, uid) < 0) + goto error; + if (!(groupname = virGetGroupName(gid))) - goto cleanup; - if (virAsprintf(&groupid, "%d", (int)gid) < 0) - goto cleanup; - if (virAsprintf(&processid, "%llu", - (unsigned long long)pid) < 0) - goto cleanup; - if (virAsprintf(&processtime, "%llu", - timestamp) < 0) - goto cleanup; + goto error; + if (virIdentitySetUNIXGroupName(ret, groupname) < 0) + goto error; + if (virIdentitySetUNIXGroupID(ret, gid) < 0) + goto error; + + if (virIdentitySetUNIXProcessID(ret, pid) < 0) + goto error; + if (virIdentitySetUNIXProcessTime(ret, timestamp) < 0) + goto error; } #if WITH_SASL if (client->sasl) { const char *identity = virNetSASLSessionGetIdentity(client->sasl); - if (VIR_STRDUP(saslname, identity) < 0) - goto cleanup; + if (virIdentitySetSASLUserName(ret, identity) < 0) + goto error; } #endif #if WITH_GNUTLS if (client->tls) { const char *identity = virNetTLSSessionGetX509DName(client->tls); - if (VIR_STRDUP(x509dname, identity) < 0) - goto cleanup; + if (virIdentitySetX509DName(ret, identity) < 0) + goto error; } #endif if (client->sock && virNetSocketGetSELinuxContext(client->sock, &seccontext) < 0) - goto cleanup; - - if (!(ret = virIdentityNew())) - goto cleanup; - - if (username && - virIdentitySetAttr(ret, - VIR_IDENTITY_ATTR_UNIX_USER_NAME, - username) < 0) goto error; - if (userid && - virIdentitySetAttr(ret, - VIR_IDENTITY_ATTR_UNIX_USER_ID, - userid) < 0) - goto error; - if (groupname && - virIdentitySetAttr(ret, - VIR_IDENTITY_ATTR_UNIX_GROUP_NAME, - groupname) < 0) - goto error; - if (groupid && - 
virIdentitySetAttr(ret, - VIR_IDENTITY_ATTR_UNIX_GROUP_ID, - groupid) < 0) - goto error; - if (processid && - virIdentitySetAttr(ret, - VIR_IDENTITY_ATTR_UNIX_PROCESS_ID, - processid) < 0) - goto error; - if (processtime && - virIdentitySetAttr(ret, - VIR_IDENTITY_ATTR_UNIX_PROCESS_TIME, - processtime) < 0) - goto error; -#if WITH_SASL - if (saslname && - virIdentitySetAttr(ret, - VIR_IDENTITY_ATTR_SASL_USER_NAME, - saslname) < 0) - goto error; -#endif -#if WITH_GNUTLS - if (x509dname && - virIdentitySetAttr(ret, - VIR_IDENTITY_ATTR_X509_DISTINGUISHED_NAME, - x509dname) < 0) - goto error; -#endif if (seccontext && - virIdentitySetAttr(ret, - VIR_IDENTITY_ATTR_SELINUX_CONTEXT, - seccontext) < 0) + virIdentitySetSELinuxContext(ret, seccontext) < 0) goto error; cleanup: VIR_FREE(username); - VIR_FREE(userid); VIR_FREE(groupname); - VIR_FREE(groupid); - VIR_FREE(processid); - VIR_FREE(processtime); VIR_FREE(seccontext); -#if WITH_SASL - VIR_FREE(saslname); -#endif -#if WITH_GNUTLS - VIR_FREE(x509dname); -#endif return ret; error: virObjectUnref(ret); - ret = NULL; + ret = 0; goto cleanup; } diff --git a/src/util/viridentity.c b/src/util/viridentity.c index 68ccab9ace..6f3baeeb11 100644 --- a/src/util/viridentity.c +++ b/src/util/viridentity.c 
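Review bot: In virNetServerClientCreateIdentity the SASL and X.509 names are now passed to the setters without a NULL check, whereas the removed code only set each attribute when the duplicated string was non-NULL (`if (saslname && ...)`, `if (x509dname && ...)`). If virNetSASLSessionGetIdentity() or virNetTLSSessionGetX509DName() can return NULL (their contracts are not visible in this hunk), the outcome now depends on how the setters treat NULL: the whole identity could fail to build, or an empty attribute could be stored and later seen by access-control checks. Restoring the guard keeps the old behaviour: `if (identity && virIdentitySetSASLUserName(ret, identity) < 0)`, and the same for `virIdentitySetX509DName`. Separately, the error label now assigns `ret = 0;`, and `ret = NULL;` is the clearer form for a pointer.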
@@ -135,38 +135,38 @@ int virIdentitySetCurrent(virIdentityPtr ident) virIdentityPtr virIdentityGetSystem(void) { char *username = NULL; - char *userid = NULL; char *groupname = NULL; - char *groupid = NULL; - char *seccontext = NULL; + unsigned long long startTime; virIdentityPtr ret = NULL; #if WITH_SELINUX security_context_t con; #endif - char *processid = NULL; - unsigned long long timestamp; - char *processtime = NULL; - if (virAsprintf(&processid, "%llu", - (unsigned long long)getpid()) < 0) - goto cleanup; + if (!(ret = virIdentityNew())) + goto error; - if (virProcessGetStartTime(getpid(), ×tamp) < 0) - goto cleanup; + if (virIdentitySetUNIXProcessID(ret, getpid()) < 0) + goto error; - if (timestamp != 0 && - virAsprintf(&processtime, "%llu", timestamp) < 0) - goto cleanup; + if (virProcessGetStartTime(getpid(), &startTime) < 0) + goto error; + if (startTime != 0 && + virIdentitySetUNIXProcessTime(ret, startTime) < 0) + goto error; if (!(username = virGetUserName(geteuid()))) goto cleanup; - if (virAsprintf(&userid, "%d", (int)geteuid()) < 0) - goto cleanup; + if (virIdentitySetUNIXUserName(ret, username) < 0) + goto error; + if (virIdentitySetUNIXUserID(ret, getuid()) < 0) + goto error; if (!(groupname = virGetGroupName(getegid()))) goto cleanup; - if (virAsprintf(&groupid, "%d", (int)getegid()) < 0) - goto cleanup; + if (virIdentitySetUNIXGroupName(ret, groupname) < 0) + goto error; + if (virIdentitySetUNIXGroupID(ret, getgid()) < 0) + goto error; #if WITH_SELINUX if (is_selinux_enabled() > 0) { 
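Review bot: The `goto cleanup` exits after `virGetUserName(geteuid())` and `virGetGroupName(getegid())` now return a partially populated identity instead of NULL, because `ret` is allocated at the top of virIdentityGetSystem and `cleanup` returns it as is. The failed SELinux context lookup in the next hunk has the same problem. Callers would receive a system identity missing its user, group or security-context attributes and treat it as valid, so these three exits should be `goto error;`. Also, the numeric IDs are now taken from `getuid()`/`getgid()` while the names still come from `geteuid()`/`getegid()`, and the removed code used the effective IDs for both. Unless that switch is intended, use `virIdentitySetUNIXUserID(ret, geteuid())` and `virIdentitySetUNIXGroupID(ret, getegid())` so that name and ID describe the same principal; note the body of the `error` label lies outside the visible hunks.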
@@ -175,56 +175,17 @@ virIdentityPtr virIdentityGetSystem(void) _("Unable to lookup SELinux process context")); goto cleanup; } - if (VIR_STRDUP(seccontext, con) < 0) { + if (virIdentitySetSELinuxContext(ret, con) < 0) { freecon(con); - goto cleanup; + goto error; } freecon(con); } #endif - if (!(ret = virIdentityNew())) - goto cleanup; - - if (virIdentitySetAttr(ret, - VIR_IDENTITY_ATTR_UNIX_USER_NAME, - username) < 0) - goto error; - if (virIdentitySetAttr(ret, - VIR_IDENTITY_ATTR_UNIX_USER_ID, - userid) < 0) - goto error; - if (virIdentitySetAttr(ret, - VIR_IDENTITY_ATTR_UNIX_GROUP_NAME, - groupname) < 0) - goto error; - if (virIdentitySetAttr(ret, - VIR_IDENTITY_ATTR_UNIX_GROUP_ID, - groupid) < 0) - goto error; - if (seccontext && - virIdentitySetAttr(ret, - VIR_IDENTITY_ATTR_SELINUX_CONTEXT, - seccontext) < 0) - goto error; - if (virIdentitySetAttr(ret, - VIR_IDENTITY_ATTR_UNIX_PROCESS_ID, - processid) < 0) - goto error; - if (processtime && - virIdentitySetAttr(ret, - VIR_IDENTITY_ATTR_UNIX_PROCESS_TIME, - processtime) < 0) - goto error; - cleanup: VIR_FREE(username); - VIR_FREE(userid); VIR_FREE(groupname); - VIR_FREE(groupid); - VIR_FREE(seccontext); - VIR_FREE(processid); - VIR_FREE(processtime); return ret; error: