Convert callers to use typesafe APIs for setting identity attrs

Update virNetServerClientCreateIdentity and virIdentityGetSystem to use the new typesafe APIs for setting identity attributes Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2025-01-09 06:25:19 +00:00 · 2013-08-22 16:58:58 +01:00 · 2013-08-22 16:58:58 +01:00 · 5282ed8d1c
commit 5282ed8d1c
parent b4b41521fa
2 changed files with 46 additions and 148 deletions
--- a/src/rpc/virnetserverclient.c
+++ b/src/rpc/virnetserverclient.c
@ -653,21 +653,14 @@ int virNetServerClientGetUNIXIdentity(virNetServerClientPtr client,
 static virIdentityPtr
 virNetServerClientCreateIdentity(virNetServerClientPtr client)
 {
-    char *processid = NULL;
-    char *processtime = NULL;
    char *username = NULL;
-    char *userid = NULL;
    char *groupname = NULL;
-    char *groupid = NULL;
-#if WITH_SASL
-    char *saslname = NULL;
-#endif
-#if WITH_GNUTLS
-    char *x509dname = NULL;
-#endif
    char *seccontext = NULL;
    virIdentityPtr ret = NULL;

+    if (!(ret = virIdentityNew()))
+        goto error;
+
    if (client->sock && virNetSocketIsLocal(client->sock)) {
        gid_t gid;
        uid_t uid;
@ -676,116 +669,60 @@ virNetServerClientCreateIdentity(virNetServerClientPtr client)
        if (virNetSocketGetUNIXIdentity(client->sock,
                                        &uid, &gid, &pid,
                                        &timestamp) < 0)
-            goto cleanup;
+            goto error;

        if (!(username = virGetUserName(uid)))
-            goto cleanup;
-        if (virAsprintf(&userid, "%d", (int)uid) < 0)
-            goto cleanup;
+            goto error;
+        if (virIdentitySetUNIXUserName(ret, username) < 0)
+            goto error;
+        if (virIdentitySetUNIXUserID(ret, uid) < 0)
+            goto error;
+
        if (!(groupname = virGetGroupName(gid)))
-            goto cleanup;
-        if (virAsprintf(&groupid, "%d", (int)gid) < 0)
-            goto cleanup;
-        if (virAsprintf(&processid, "%llu",
-                        (unsigned long long)pid) < 0)
-            goto cleanup;
-        if (virAsprintf(&processtime, "%llu",
-                        timestamp) < 0)
-            goto cleanup;
+            goto error;
+        if (virIdentitySetUNIXGroupName(ret, groupname) < 0)
+            goto error;
+        if (virIdentitySetUNIXGroupID(ret, gid) < 0)
+            goto error;
+
+        if (virIdentitySetUNIXProcessID(ret, pid) < 0)
+            goto error;
+        if (virIdentitySetUNIXProcessTime(ret, timestamp) < 0)
+            goto error;
    }

 #if WITH_SASL
    if (client->sasl) {
        const char *identity = virNetSASLSessionGetIdentity(client->sasl);
-        if (VIR_STRDUP(saslname, identity) < 0)
-            goto cleanup;
+        if (virIdentitySetSASLUserName(ret, identity) < 0)
+            goto error;
    }
 #endif

 #if WITH_GNUTLS
    if (client->tls) {
        const char *identity = virNetTLSSessionGetX509DName(client->tls);
-        if (VIR_STRDUP(x509dname, identity) < 0)
-            goto cleanup;
+        if (virIdentitySetX509DName(ret, identity) < 0)
+            goto error;
    }
 #endif

    if (client->sock &&
        virNetSocketGetSELinuxContext(client->sock, &seccontext) < 0)
-        goto cleanup;
-
-    if (!(ret = virIdentityNew()))
-        goto cleanup;
-
-    if (username &&
-        virIdentitySetAttr(ret,
-                           VIR_IDENTITY_ATTR_UNIX_USER_NAME,
-                           username) < 0)
        goto error;
-    if (userid &&
-        virIdentitySetAttr(ret,
-                           VIR_IDENTITY_ATTR_UNIX_USER_ID,
-                           userid) < 0)
-        goto error;
-    if (groupname &&
-        virIdentitySetAttr(ret,
-                           VIR_IDENTITY_ATTR_UNIX_GROUP_NAME,
-                           groupname) < 0)
-        goto error;
-    if (groupid &&
-        virIdentitySetAttr(ret,
-                           VIR_IDENTITY_ATTR_UNIX_GROUP_ID,
-                           groupid) < 0)
-        goto error;
-    if (processid &&
-        virIdentitySetAttr(ret,
-                           VIR_IDENTITY_ATTR_UNIX_PROCESS_ID,
-                           processid) < 0)
-        goto error;
-    if (processtime &&
-        virIdentitySetAttr(ret,
-                           VIR_IDENTITY_ATTR_UNIX_PROCESS_TIME,
-                           processtime) < 0)
-        goto error;
-#if WITH_SASL
-    if (saslname &&
-        virIdentitySetAttr(ret,
-                           VIR_IDENTITY_ATTR_SASL_USER_NAME,
-                           saslname) < 0)
-        goto error;
-#endif
-#if WITH_GNUTLS
-    if (x509dname &&
-        virIdentitySetAttr(ret,
-                           VIR_IDENTITY_ATTR_X509_DISTINGUISHED_NAME,
-                           x509dname) < 0)
-        goto error;
-#endif
    if (seccontext &&
-        virIdentitySetAttr(ret,
-                           VIR_IDENTITY_ATTR_SELINUX_CONTEXT,
-                           seccontext) < 0)
+        virIdentitySetSELinuxContext(ret, seccontext) < 0)
        goto error;

 cleanup:
    VIR_FREE(username);
-    VIR_FREE(userid);
    VIR_FREE(groupname);
-    VIR_FREE(groupid);
-    VIR_FREE(processid);
-    VIR_FREE(processtime);
    VIR_FREE(seccontext);
-#if WITH_SASL
-    VIR_FREE(saslname);
-#endif
-#if WITH_GNUTLS
-    VIR_FREE(x509dname);
-#endif
    return ret;

 error:
    virObjectUnref(ret);
-    ret = NULL;
+    ret = 0;
    goto cleanup;
 }

--- a/src/util/viridentity.c
+++ b/src/util/viridentity.c
@ -135,38 +135,38 @@ int virIdentitySetCurrent(virIdentityPtr ident)
 virIdentityPtr virIdentityGetSystem(void)
 {
    char *username = NULL;
-    char *userid = NULL;
    char *groupname = NULL;
-    char *groupid = NULL;
-    char *seccontext = NULL;
+    unsigned long long startTime;
    virIdentityPtr ret = NULL;
 #if WITH_SELINUX
    security_context_t con;
 #endif
-    char *processid = NULL;
-    unsigned long long timestamp;
-    char *processtime = NULL;

-    if (virAsprintf(&processid, "%llu",
-                    (unsigned long long)getpid()) < 0)
-        goto cleanup;
+    if (!(ret = virIdentityNew()))
+        goto error;

-    if (virProcessGetStartTime(getpid(), &timestamp) < 0)
-        goto cleanup;
+    if (virIdentitySetUNIXProcessID(ret, getpid()) < 0)
+        goto error;

-    if (timestamp != 0 &&
-        virAsprintf(&processtime, "%llu", timestamp) < 0)
-        goto cleanup;
+    if (virProcessGetStartTime(getpid(), &startTime) < 0)
+        goto error;
+    if (startTime != 0 &&
+        virIdentitySetUNIXProcessTime(ret, startTime) < 0)
+        goto error;

    if (!(username = virGetUserName(geteuid())))
        goto cleanup;
-    if (virAsprintf(&userid, "%d", (int)geteuid()) < 0)
-        goto cleanup;
+    if (virIdentitySetUNIXUserName(ret, username) < 0)
+        goto error;
+    if (virIdentitySetUNIXUserID(ret, getuid()) < 0)
+        goto error;

    if (!(groupname = virGetGroupName(getegid())))
        goto cleanup;
-    if (virAsprintf(&groupid, "%d", (int)getegid()) < 0)
-        goto cleanup;
+    if (virIdentitySetUNIXGroupName(ret, groupname) < 0)
+        goto error;
+    if (virIdentitySetUNIXGroupID(ret, getgid()) < 0)
+        goto error;

 #if WITH_SELINUX
    if (is_selinux_enabled() > 0) {
@ -175,56 +175,17 @@ virIdentityPtr virIdentityGetSystem(void)
                                 _("Unable to lookup SELinux process context"));
            goto cleanup;
        }
-        if (VIR_STRDUP(seccontext, con) < 0) {
+        if (virIdentitySetSELinuxContext(ret, con) < 0) {
            freecon(con);
-            goto cleanup;
+            goto error;
        }
        freecon(con);
    }
 #endif

-    if (!(ret = virIdentityNew()))
-        goto cleanup;
-
-    if (virIdentitySetAttr(ret,
-                           VIR_IDENTITY_ATTR_UNIX_USER_NAME,
-                           username) < 0)
-        goto error;
-    if (virIdentitySetAttr(ret,
-                           VIR_IDENTITY_ATTR_UNIX_USER_ID,
-                           userid) < 0)
-        goto error;
-    if (virIdentitySetAttr(ret,
-                           VIR_IDENTITY_ATTR_UNIX_GROUP_NAME,
-                           groupname) < 0)
-        goto error;
-    if (virIdentitySetAttr(ret,
-                           VIR_IDENTITY_ATTR_UNIX_GROUP_ID,
-                           groupid) < 0)
-        goto error;
-    if (seccontext &&
-        virIdentitySetAttr(ret,
-                           VIR_IDENTITY_ATTR_SELINUX_CONTEXT,
-                           seccontext) < 0)
-        goto error;
-    if (virIdentitySetAttr(ret,
-                           VIR_IDENTITY_ATTR_UNIX_PROCESS_ID,
-                           processid) < 0)
-        goto error;
-    if (processtime &&
-        virIdentitySetAttr(ret,
-                           VIR_IDENTITY_ATTR_UNIX_PROCESS_TIME,
-                           processtime) < 0)
-        goto error;
-
 cleanup:
    VIR_FREE(username);
-    VIR_FREE(userid);
    VIR_FREE(groupname);
-    VIR_FREE(groupid);
-    VIR_FREE(seccontext);
-    VIR_FREE(processid);
-    VIR_FREE(processtime);
    return ret;

 error: