External/libvirt
1
0
Fork 0
Code

Convert callers to use typesafe APIs for setting identity attrs

Browse Source 
Update virNetServerClientCreateIdentity and virIdentityGetSystem
to use the new typesafe APIs for setting identity attributes

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
This commit is contained in:
Daniel P. Berrange 2013-08-22 16:58:58 +01:00
parent b4b41521fa
commit 5282ed8d1c
2 changed files with 46 additions and 148 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

115
src/rpc/virnetserverclient.c
View File

@ -653,21 +653,14 @@ int virNetServerClientGetUNIXIdentity(virNetServerClientPtr client,
static virIdentityPtr static virIdentityPtr
virNetServerClientCreateIdentity(virNetServerClientPtr client) virNetServerClientCreateIdentity(virNetServerClientPtr client)
{ {
char *processid = NULL;
char *processtime = NULL;
char *username = NULL; char *username = NULL;
char *userid = NULL;
char *groupname = NULL; char *groupname = NULL;
char *groupid = NULL;
#if WITH_SASL
char *saslname = NULL;
#endif
#if WITH_GNUTLS
char *x509dname = NULL;
#endif
char *seccontext = NULL; char *seccontext = NULL;
virIdentityPtr ret = NULL; virIdentityPtr ret = NULL;
if (!(ret = virIdentityNew()))
goto error;
if (client->sock && virNetSocketIsLocal(client->sock)) { if (client->sock && virNetSocketIsLocal(client->sock)) {
gid_t gid; gid_t gid;
uid_t uid; uid_t uid;
@ -676,116 +669,60 @@ virNetServerClientCreateIdentity(virNetServerClientPtr client)
if (virNetSocketGetUNIXIdentity(client->sock, if (virNetSocketGetUNIXIdentity(client->sock,
&uid, &gid, &pid, &uid, &gid, &pid,
&timestamp) < 0) &timestamp) < 0)
goto cleanup; goto error;
if (!(username = virGetUserName(uid))) if (!(username = virGetUserName(uid)))
goto cleanup; goto error;
if (virAsprintf(&userid, "%d", (int)uid) < 0) if (virIdentitySetUNIXUserName(ret, username) < 0)
goto cleanup; goto error;
if (virIdentitySetUNIXUserID(ret, uid) < 0)
goto error;
if (!(groupname = virGetGroupName(gid))) if (!(groupname = virGetGroupName(gid)))
goto cleanup; goto error;
if (virAsprintf(&groupid, "%d", (int)gid) < 0) if (virIdentitySetUNIXGroupName(ret, groupname) < 0)
goto cleanup; goto error;
if (virAsprintf(&processid, "%llu", if (virIdentitySetUNIXGroupID(ret, gid) < 0)
(unsigned long long)pid) < 0) goto error;
goto cleanup;
if (virAsprintf(&processtime, "%llu", if (virIdentitySetUNIXProcessID(ret, pid) < 0)
timestamp) < 0) goto error;
goto cleanup; if (virIdentitySetUNIXProcessTime(ret, timestamp) < 0)
goto error;
} }
#if WITH_SASL #if WITH_SASL
if (client->sasl) { if (client->sasl) {
const char *identity = virNetSASLSessionGetIdentity(client->sasl); const char *identity = virNetSASLSessionGetIdentity(client->sasl);
if (VIR_STRDUP(saslname, identity) < 0) if (virIdentitySetSASLUserName(ret, identity) < 0)
goto cleanup; goto error;
} }
#endif #endif
#if WITH_GNUTLS #if WITH_GNUTLS
if (client->tls) { if (client->tls) {
const char *identity = virNetTLSSessionGetX509DName(client->tls); const char *identity = virNetTLSSessionGetX509DName(client->tls);
if (VIR_STRDUP(x509dname, identity) < 0) if (virIdentitySetX509DName(ret, identity) < 0)
goto cleanup; goto error;
} }
#endif #endif
if (client->sock && if (client->sock &&
virNetSocketGetSELinuxContext(client->sock, &seccontext) < 0) virNetSocketGetSELinuxContext(client->sock, &seccontext) < 0)
goto cleanup;
if (!(ret = virIdentityNew()))
goto cleanup;
if (username &&
virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_UNIX_USER_NAME,
username) < 0)
goto error; goto error;
if (userid &&
virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_UNIX_USER_ID,
userid) < 0)
goto error;
if (groupname &&
virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_UNIX_GROUP_NAME,
groupname) < 0)
goto error;
if (groupid &&
virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_UNIX_GROUP_ID,
groupid) < 0)
goto error;
if (processid &&
virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_UNIX_PROCESS_ID,
processid) < 0)
goto error;
if (processtime &&
virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_UNIX_PROCESS_TIME,
processtime) < 0)
goto error;
#if WITH_SASL
if (saslname &&
virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_SASL_USER_NAME,
saslname) < 0)
goto error;
#endif
#if WITH_GNUTLS
if (x509dname &&
virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_X509_DISTINGUISHED_NAME,
x509dname) < 0)
goto error;
#endif
if (seccontext && if (seccontext &&
virIdentitySetAttr(ret, virIdentitySetSELinuxContext(ret, seccontext) < 0)
VIR_IDENTITY_ATTR_SELINUX_CONTEXT,
seccontext) < 0)
goto error; goto error;
cleanup: cleanup:
VIR_FREE(username); VIR_FREE(username);
VIR_FREE(userid);
VIR_FREE(groupname); VIR_FREE(groupname);
VIR_FREE(groupid);
VIR_FREE(processid);
VIR_FREE(processtime);
VIR_FREE(seccontext); VIR_FREE(seccontext);
#if WITH_SASL
VIR_FREE(saslname);
#endif
#if WITH_GNUTLS
VIR_FREE(x509dname);
#endif
return ret; return ret;
error: error:
virObjectUnref(ret); virObjectUnref(ret);
ret = NULL; ret = 0;
goto cleanup; goto cleanup;
} }

79
src/util/viridentity.c
View File

@ -135,38 +135,38 @@ int virIdentitySetCurrent(virIdentityPtr ident)
virIdentityPtr virIdentityGetSystem(void) virIdentityPtr virIdentityGetSystem(void)
{ {
char *username = NULL; char *username = NULL;
char *userid = NULL;
char *groupname = NULL; char *groupname = NULL;
char *groupid = NULL; unsigned long long startTime;
char *seccontext = NULL;
virIdentityPtr ret = NULL; virIdentityPtr ret = NULL;
#if WITH_SELINUX #if WITH_SELINUX
security_context_t con; security_context_t con;
#endif #endif
char *processid = NULL;
unsigned long long timestamp;
char *processtime = NULL;
if (virAsprintf(&processid, "%llu", if (!(ret = virIdentityNew()))
(unsigned long long)getpid()) < 0) goto error;
goto cleanup;
if (virProcessGetStartTime(getpid(), &timestamp) < 0) if (virIdentitySetUNIXProcessID(ret, getpid()) < 0)
goto cleanup; goto error;
if (timestamp != 0 && if (virProcessGetStartTime(getpid(), &startTime) < 0)
virAsprintf(&processtime, "%llu", timestamp) < 0) goto error;
goto cleanup; if (startTime != 0 &&
virIdentitySetUNIXProcessTime(ret, startTime) < 0)
goto error;
if (!(username = virGetUserName(geteuid()))) if (!(username = virGetUserName(geteuid())))
goto cleanup; goto cleanup;
if (virAsprintf(&userid, "%d", (int)geteuid()) < 0) if (virIdentitySetUNIXUserName(ret, username) < 0)
goto cleanup; goto error;
if (virIdentitySetUNIXUserID(ret, getuid()) < 0)
goto error;
if (!(groupname = virGetGroupName(getegid()))) if (!(groupname = virGetGroupName(getegid())))
goto cleanup; goto cleanup;
if (virAsprintf(&groupid, "%d", (int)getegid()) < 0) if (virIdentitySetUNIXGroupName(ret, groupname) < 0)
goto cleanup; goto error;
if (virIdentitySetUNIXGroupID(ret, getgid()) < 0)
goto error;
#if WITH_SELINUX #if WITH_SELINUX
if (is_selinux_enabled() > 0) { if (is_selinux_enabled() > 0) {
@ -175,56 +175,17 @@ virIdentityPtr virIdentityGetSystem(void)
_("Unable to lookup SELinux process context")); _("Unable to lookup SELinux process context"));
goto cleanup; goto cleanup;
} }
if (VIR_STRDUP(seccontext, con) < 0) { if (virIdentitySetSELinuxContext(ret, con) < 0) {
freecon(con); freecon(con);
goto cleanup; goto error;
} }
freecon(con); freecon(con);
} }
#endif #endif
if (!(ret = virIdentityNew()))
goto cleanup;
if (virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_UNIX_USER_NAME,
username) < 0)
goto error;
if (virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_UNIX_USER_ID,
userid) < 0)
goto error;
if (virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_UNIX_GROUP_NAME,
groupname) < 0)
goto error;
if (virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_UNIX_GROUP_ID,
groupid) < 0)
goto error;
if (seccontext &&
virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_SELINUX_CONTEXT,
seccontext) < 0)
goto error;
if (virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_UNIX_PROCESS_ID,
processid) < 0)
goto error;
if (processtime &&
virIdentitySetAttr(ret,
VIR_IDENTITY_ATTR_UNIX_PROCESS_TIME,
processtime) < 0)
goto error;
cleanup: cleanup:
VIR_FREE(username); VIR_FREE(username);
VIR_FREE(userid);
VIR_FREE(groupname); VIR_FREE(groupname);
VIR_FREE(groupid);
VIR_FREE(seccontext);
VIR_FREE(processid);
VIR_FREE(processtime);
return ret; return ret;
error: error: