External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-02-22 11:22:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Convert all files in src/rpc/ to use virReportError()

Browse Source 
This rmoves all the per-file error reporting macros
from the code in src/rpc/

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
This commit is contained in:
Daniel P. Berrange 2012-07-18 11:41:47 +01:00
parent f6d4405e3c
commit 7c45ad4ba2
12 changed files with 316 additions and 354 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/rpc/virkeepalive.c
View File

@ -33,9 +33,6 @@
#include "virkeepalive.h" #include "virkeepalive.h"
#define VIR_FROM_THIS VIR_FROM_RPC #define VIR_FROM_THIS VIR_FROM_RPC
#define virNetError(code, ...) \
virReportErrorHelper(VIR_FROM_THIS, code, __FILE__, \
__FUNCTION__, __LINE__, __VA_ARGS__)
struct _virKeepAlive { struct _virKeepAlive {
int refs; int refs;
@ -287,8 +284,8 @@ virKeepAliveStart(virKeepAlivePtr ka,
if (interval > 0) { if (interval > 0) {
if (ka->interval > 0) { if (ka->interval > 0) {
virNetError(VIR_ERR_INTERNAL_ERROR, "%s", virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("keepalive interval already set")); _("keepalive interval already set"));
goto cleanup; goto cleanup;
} }
ka->interval = interval; ka->interval = interval;

51
src/rpc/virnetclient.c
View File

@ -38,9 +38,6 @@
#include "virterror_internal.h" #include "virterror_internal.h"
#define VIR_FROM_THIS VIR_FROM_RPC #define VIR_FROM_THIS VIR_FROM_RPC
#define virNetError(code, ...) \
virReportErrorHelper(VIR_FROM_THIS, code, __FILE__, \
__FUNCTION__, __LINE__, __VA_ARGS__)
typedef struct _virNetClientCall virNetClientCall; typedef struct _virNetClientCall virNetClientCall;
typedef virNetClientCall *virNetClientCallPtr; typedef virNetClientCall *virNetClientCallPtr;
@ -651,9 +648,9 @@ int virNetClientSetTLSSession(virNetClientPtr client,
goto error; goto error;
} }
if (len != 1 || buf[0] != '\1') { if (len != 1 || buf[0] != '\1') {
virNetError(VIR_ERR_RPC, "%s", virReportError(VIR_ERR_RPC, "%s",
_("server verification (of our certificate or IP " _("server verification (of our certificate or IP "
"address) failed")); "address) failed"));
goto error; goto error;
} }
@ -802,9 +799,9 @@ virNetClientCallDispatchReply(virNetClientPtr client)
thecall = thecall->next; thecall = thecall->next;
if (!thecall) { if (!thecall) {
virNetError(VIR_ERR_RPC, virReportError(VIR_ERR_RPC,
_("no call waiting for reply with prog %d vers %d serial %d"), _("no call waiting for reply with prog %d vers %d serial %d"),
client->msg.header.prog, client->msg.header.vers, client->msg.header.serial); client->msg.header.prog, client->msg.header.vers, client->msg.header.serial);
return -1; return -1;
} }
@ -968,10 +965,10 @@ virNetClientCallDispatch(virNetClientPtr client)
return virNetClientCallDispatchStream(client); return virNetClientCallDispatchStream(client);
default: default:
virNetError(VIR_ERR_RPC, virReportError(VIR_ERR_RPC,
_("got unexpected RPC call prog %d vers %d proc %d type %d"), _("got unexpected RPC call prog %d vers %d proc %d type %d"),
client->msg.header.prog, client->msg.header.vers, client->msg.header.prog, client->msg.header.vers,
client->msg.header.proc, client->msg.header.type); client->msg.header.proc, client->msg.header.type);
return -1; return -1;
} }
} }
@ -1413,8 +1410,8 @@ static int virNetClientIOEventLoop(virNetClientPtr client,
} }
if (fds[0].revents & (POLLHUP | POLLERR)) { if (fds[0].revents & (POLLHUP | POLLERR)) {
virNetError(VIR_ERR_INTERNAL_ERROR, "%s", virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("received hangup / error event on socket")); _("received hangup / error event on socket"));
goto error; goto error;
} }
} }
@ -1554,8 +1551,8 @@ static int virNetClientIO(virNetClientPtr client,
/* Go to sleep while other thread is working... */ /* Go to sleep while other thread is working... */
if (virCondWait(&thiscall->cond, &client->lock) < 0) { if (virCondWait(&thiscall->cond, &client->lock) < 0) {
virNetClientCallRemove(&client->waitDispatch, thiscall); virNetClientCallRemove(&client->waitDispatch, thiscall);
virNetError(VIR_ERR_INTERNAL_ERROR, "%s", virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("failed to wait on condition")); _("failed to wait on condition"));
return -1; return -1;
} }
@ -1673,16 +1670,16 @@ virNetClientCallNew(virNetMessagePtr msg,
if (expectReply && if (expectReply &&
(msg->bufferLength != 0) && (msg->bufferLength != 0) &&
(msg->header.status == VIR_NET_CONTINUE)) { (msg->header.status == VIR_NET_CONTINUE)) {
virNetError(VIR_ERR_INTERNAL_ERROR, "%s", virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("Attempt to send an asynchronous message with" _("Attempt to send an asynchronous message with"
" a synchronous reply")); " a synchronous reply"));
goto error; goto error;
} }
if (expectReply && nonBlock) { if (expectReply && nonBlock) {
virNetError(VIR_ERR_INTERNAL_ERROR, "%s", virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("Attempt to send a non-blocking message with" _("Attempt to send a non-blocking message with"
" a synchronous reply")); " a synchronous reply"));
goto error; goto error;
} }
@ -1692,8 +1689,8 @@ virNetClientCallNew(virNetMessagePtr msg,
} }
if (virCondInit(&call->cond) < 0) { if (virCondInit(&call->cond) < 0) {
virNetError(VIR_ERR_INTERNAL_ERROR, "%s", virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("cannot initialize condition variable")); _("cannot initialize condition variable"));
goto error; goto error;
} }
@ -1757,8 +1754,8 @@ static int virNetClientSendInternal(virNetClientPtr client,
msg->header.type, msg->header.status, msg->header.serial); msg->header.type, msg->header.status, msg->header.serial);
if (!client->sock || client->wantClose) { if (!client->sock || client->wantClose) {
virNetError(VIR_ERR_INTERNAL_ERROR, "%s", virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("client socket is closed")); _("client socket is closed"));
return -1; return -1;
} }

23
src/rpc/virnetclientprogram.c
View File

@ -35,9 +35,6 @@
#include "virfile.h" #include "virfile.h"
#define VIR_FROM_THIS VIR_FROM_RPC #define VIR_FROM_THIS VIR_FROM_RPC
#define virNetError(code, ...) \
virReportErrorHelper(VIR_FROM_THIS, code, __FILE__, \
__FUNCTION__, __LINE__, __VA_ARGS__)
struct _virNetClientProgram { struct _virNetClientProgram {
int refs; int refs;
@ -336,20 +333,20 @@ int virNetClientProgramCall(virNetClientProgramPtr prog,
*/ */
if (msg->header.type != VIR_NET_REPLY && if (msg->header.type != VIR_NET_REPLY &&
msg->header.type != VIR_NET_REPLY_WITH_FDS) { msg->header.type != VIR_NET_REPLY_WITH_FDS) {
virNetError(VIR_ERR_INTERNAL_ERROR, virReportError(VIR_ERR_INTERNAL_ERROR,
_("Unexpected message type %d"), msg->header.type); _("Unexpected message type %d"), msg->header.type);
goto error; goto error;
} }
if (msg->header.proc != proc) { if (msg->header.proc != proc) {
virNetError(VIR_ERR_INTERNAL_ERROR, virReportError(VIR_ERR_INTERNAL_ERROR,
_("Unexpected message proc %d != %d"), _("Unexpected message proc %d != %d"),
msg->header.proc, proc); msg->header.proc, proc);
goto error; goto error;
} }
if (msg->header.serial != serial) { if (msg->header.serial != serial) {
virNetError(VIR_ERR_INTERNAL_ERROR, virReportError(VIR_ERR_INTERNAL_ERROR,
_("Unexpected message serial %d != %d"), _("Unexpected message serial %d != %d"),
msg->header.serial, serial); msg->header.serial, serial);
goto error; goto error;
} }
@ -388,8 +385,8 @@ int virNetClientProgramCall(virNetClientProgramPtr prog,
goto error; goto error;
default: default:
virNetError(VIR_ERR_RPC, virReportError(VIR_ERR_RPC,
_("Unexpected message status %d"), msg->header.status); _("Unexpected message status %d"), msg->header.status);
goto error; goto error;
} }

19
src/rpc/virnetclientstream.c
View File

@ -31,9 +31,6 @@
#include "threads.h" #include "threads.h"
#define VIR_FROM_THIS VIR_FROM_RPC #define VIR_FROM_THIS VIR_FROM_RPC
#define virNetError(code, ...) \
virReportErrorHelper(VIR_FROM_THIS, code, __FILE__, \
__FUNCTION__, __LINE__, __VA_ARGS__)
struct _virNetClientStream { struct _virNetClientStream {
virMutex lock; virMutex lock;
@ -147,8 +144,8 @@ virNetClientStreamPtr virNetClientStreamNew(virNetClientProgramPtr prog,
st->serial = serial; st->serial = serial;
if (virMutexInit(&st->lock) < 0) { if (virMutexInit(&st->lock) < 0) {
virNetError(VIR_ERR_INTERNAL_ERROR, "%s", virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("cannot initialize mutex")); _("cannot initialize mutex"));
VIR_FREE(st); VIR_FREE(st);
return NULL; return NULL;
} }
@ -452,8 +449,8 @@ int virNetClientStreamEventAddCallback(virNetClientStreamPtr st,
virMutexLock(&st->lock); virMutexLock(&st->lock);
if (st->cb) { if (st->cb) {
virNetError(VIR_ERR_INTERNAL_ERROR, virReportError(VIR_ERR_INTERNAL_ERROR,
"%s", _("multiple stream callbacks not supported")); "%s", _("multiple stream callbacks not supported"));
goto cleanup; goto cleanup;
} }
@ -488,8 +485,8 @@ int virNetClientStreamEventUpdateCallback(virNetClientStreamPtr st,
virMutexLock(&st->lock); virMutexLock(&st->lock);
if (!st->cb) { if (!st->cb) {
virNetError(VIR_ERR_INTERNAL_ERROR, virReportError(VIR_ERR_INTERNAL_ERROR,
"%s", _("no stream callback registered")); "%s", _("no stream callback registered"));
goto cleanup; goto cleanup;
} }
@ -510,8 +507,8 @@ int virNetClientStreamEventRemoveCallback(virNetClientStreamPtr st)
virMutexLock(&st->lock); virMutexLock(&st->lock);
if (!st->cb) { if (!st->cb) {
virNetError(VIR_ERR_INTERNAL_ERROR, virReportError(VIR_ERR_INTERNAL_ERROR,
"%s", _("no stream callback registered")); "%s", _("no stream callback registered"));
goto cleanup; goto cleanup;
} }

49
src/rpc/virnetmessage.c
View File

@ -31,9 +31,6 @@
#include "util.h" #include "util.h"
#define VIR_FROM_THIS VIR_FROM_RPC #define VIR_FROM_THIS VIR_FROM_RPC
#define virNetError(code, ...) \
virReportErrorHelper(VIR_FROM_THIS, code, __FILE__, \
__FUNCTION__, __LINE__, __VA_ARGS__)
virNetMessagePtr virNetMessageNew(bool tracked) virNetMessagePtr virNetMessageNew(bool tracked)
{ {
@ -121,15 +118,15 @@ int virNetMessageDecodeLength(virNetMessagePtr msg)
xdrmem_create(&xdr, msg->buffer, xdrmem_create(&xdr, msg->buffer,
msg->bufferLength, XDR_DECODE); msg->bufferLength, XDR_DECODE);
if (!xdr_u_int(&xdr, &len)) { if (!xdr_u_int(&xdr, &len)) {
virNetError(VIR_ERR_RPC, "%s", _("Unable to decode message length")); virReportError(VIR_ERR_RPC, "%s", _("Unable to decode message length"));
goto cleanup; goto cleanup;
} }
msg->bufferOffset = xdr_getpos(&xdr); msg->bufferOffset = xdr_getpos(&xdr);
if (len < VIR_NET_MESSAGE_LEN_MAX) { if (len < VIR_NET_MESSAGE_LEN_MAX) {
virNetError(VIR_ERR_RPC, virReportError(VIR_ERR_RPC,
_("packet %d bytes received from server too small, want %d"), _("packet %d bytes received from server too small, want %d"),
len, VIR_NET_MESSAGE_LEN_MAX); len, VIR_NET_MESSAGE_LEN_MAX);
goto cleanup; goto cleanup;
} }
@ -137,9 +134,9 @@ int virNetMessageDecodeLength(virNetMessagePtr msg)
len -= VIR_NET_MESSAGE_LEN_MAX; len -= VIR_NET_MESSAGE_LEN_MAX;
if (len > VIR_NET_MESSAGE_MAX) { if (len > VIR_NET_MESSAGE_MAX) {
virNetError(VIR_ERR_RPC, virReportError(VIR_ERR_RPC,
_("packet %d bytes received from server too large, want %d"), _("packet %d bytes received from server too large, want %d"),
len, VIR_NET_MESSAGE_MAX); len, VIR_NET_MESSAGE_MAX);
goto cleanup; goto cleanup;
} }
@ -187,7 +184,7 @@ int virNetMessageDecodeHeader(virNetMessagePtr msg)
XDR_DECODE); XDR_DECODE);
if (!xdr_virNetMessageHeader(&xdr, &msg->header)) { if (!xdr_virNetMessageHeader(&xdr, &msg->header)) {
virNetError(VIR_ERR_RPC, "%s", _("Unable to decode message header")); virReportError(VIR_ERR_RPC, "%s", _("Unable to decode message header"));
goto cleanup; goto cleanup;
} }
@ -233,12 +230,12 @@ int virNetMessageEncodeHeader(virNetMessagePtr msg)
/* The real value is filled in shortly */ /* The real value is filled in shortly */
if (!xdr_u_int(&xdr, &len)) { if (!xdr_u_int(&xdr, &len)) {
virNetError(VIR_ERR_RPC, "%s", _("Unable to encode message length")); virReportError(VIR_ERR_RPC, "%s", _("Unable to encode message length"));
goto cleanup; goto cleanup;
} }
if (!xdr_virNetMessageHeader(&xdr, &msg->header)) { if (!xdr_virNetMessageHeader(&xdr, &msg->header)) {
virNetError(VIR_ERR_RPC, "%s", _("Unable to encode message header")); virReportError(VIR_ERR_RPC, "%s", _("Unable to encode message header"));
goto cleanup; goto cleanup;
} }
@ -249,7 +246,7 @@ int virNetMessageEncodeHeader(virNetMessagePtr msg)
* if a payload is added * if a payload is added
*/ */
if (!xdr_u_int(&xdr, &len)) { if (!xdr_u_int(&xdr, &len)) {
virNetError(VIR_ERR_RPC, "%s", _("Unable to re-encode message length")); virReportError(VIR_ERR_RPC, "%s", _("Unable to re-encode message length"));
goto cleanup; goto cleanup;
} }
@ -273,14 +270,14 @@ int virNetMessageEncodeNumFDs(virNetMessagePtr msg)
msg->bufferLength - msg->bufferOffset, XDR_ENCODE); msg->bufferLength - msg->bufferOffset, XDR_ENCODE);
if (numFDs > VIR_NET_MESSAGE_NUM_FDS_MAX) { if (numFDs > VIR_NET_MESSAGE_NUM_FDS_MAX) {
virNetError(VIR_ERR_RPC, virReportError(VIR_ERR_RPC,
_("Too many FDs to send %d, expected %d maximum"), _("Too many FDs to send %d, expected %d maximum"),
numFDs, VIR_NET_MESSAGE_NUM_FDS_MAX); numFDs, VIR_NET_MESSAGE_NUM_FDS_MAX);
goto cleanup; goto cleanup;
} }
if (!xdr_u_int(&xdr, &numFDs)) { if (!xdr_u_int(&xdr, &numFDs)) {
virNetError(VIR_ERR_RPC, "%s", _("Unable to encode number of FDs")); virReportError(VIR_ERR_RPC, "%s", _("Unable to encode number of FDs"));
goto cleanup; goto cleanup;
} }
msg->bufferOffset += xdr_getpos(&xdr); msg->bufferOffset += xdr_getpos(&xdr);
@ -305,13 +302,13 @@ int virNetMessageDecodeNumFDs(virNetMessagePtr msg)
xdrmem_create(&xdr, msg->buffer + msg->bufferOffset, xdrmem_create(&xdr, msg->buffer + msg->bufferOffset,
msg->bufferLength - msg->bufferOffset, XDR_DECODE); msg->bufferLength - msg->bufferOffset, XDR_DECODE);
if (!xdr_u_int(&xdr, &numFDs)) { if (!xdr_u_int(&xdr, &numFDs)) {
virNetError(VIR_ERR_RPC, "%s", _("Unable to decode number of FDs")); virReportError(VIR_ERR_RPC, "%s", _("Unable to decode number of FDs"));
goto cleanup; goto cleanup;
} }
msg->bufferOffset += xdr_getpos(&xdr); msg->bufferOffset += xdr_getpos(&xdr);
if (numFDs > VIR_NET_MESSAGE_NUM_FDS_MAX) { if (numFDs > VIR_NET_MESSAGE_NUM_FDS_MAX) {
virNetError(VIR_ERR_RPC, virReportError(VIR_ERR_RPC,
_("Received too many FDs %d, expected %d maximum"), _("Received too many FDs %d, expected %d maximum"),
numFDs, VIR_NET_MESSAGE_NUM_FDS_MAX); numFDs, VIR_NET_MESSAGE_NUM_FDS_MAX);
goto cleanup; goto cleanup;
@ -349,7 +346,7 @@ int virNetMessageEncodePayload(virNetMessagePtr msg,
msg->bufferLength - msg->bufferOffset, XDR_ENCODE); msg->bufferLength - msg->bufferOffset, XDR_ENCODE);
if (!(*filter)(&xdr, data)) { if (!(*filter)(&xdr, data)) {
virNetError(VIR_ERR_RPC, "%s", _("Unable to encode message payload")); virReportError(VIR_ERR_RPC, "%s", _("Unable to encode message payload"));
goto error; goto error;
} }
@ -362,7 +359,7 @@ int virNetMessageEncodePayload(virNetMessagePtr msg,
xdrmem_create(&xdr, msg->buffer, VIR_NET_MESSAGE_HEADER_XDR_LEN, XDR_ENCODE); xdrmem_create(&xdr, msg->buffer, VIR_NET_MESSAGE_HEADER_XDR_LEN, XDR_ENCODE);
msglen = msg->bufferOffset; msglen = msg->bufferOffset;
if (!xdr_u_int(&xdr, &msglen)) { if (!xdr_u_int(&xdr, &msglen)) {
virNetError(VIR_ERR_RPC, "%s", _("Unable to encode message length")); virReportError(VIR_ERR_RPC, "%s", _("Unable to encode message length"));
goto error; goto error;
} }
xdr_destroy(&xdr); xdr_destroy(&xdr);
@ -390,7 +387,7 @@ int virNetMessageDecodePayload(virNetMessagePtr msg,
msg->bufferLength - msg->bufferOffset, XDR_DECODE); msg->bufferLength - msg->bufferOffset, XDR_DECODE);
if (!(*filter)(&xdr, data)) { if (!(*filter)(&xdr, data)) {
virNetError(VIR_ERR_RPC, "%s", _("Unable to decode message payload")); virReportError(VIR_ERR_RPC, "%s", _("Unable to decode message payload"));
goto error; goto error;
} }
@ -413,7 +410,7 @@ int virNetMessageEncodePayloadRaw(virNetMessagePtr msg,
unsigned int msglen; unsigned int msglen;
if ((msg->bufferLength - msg->bufferOffset) < len) { if ((msg->bufferLength - msg->bufferOffset) < len) {
virNetError(VIR_ERR_RPC, virReportError(VIR_ERR_RPC,
_("Stream data too long to send (%zu bytes needed, %zu bytes available)"), _("Stream data too long to send (%zu bytes needed, %zu bytes available)"),
len, (msg->bufferLength - msg->bufferOffset)); len, (msg->bufferLength - msg->bufferOffset));
return -1; return -1;
@ -427,7 +424,7 @@ int virNetMessageEncodePayloadRaw(virNetMessagePtr msg,
xdrmem_create(&xdr, msg->buffer, VIR_NET_MESSAGE_HEADER_XDR_LEN, XDR_ENCODE); xdrmem_create(&xdr, msg->buffer, VIR_NET_MESSAGE_HEADER_XDR_LEN, XDR_ENCODE);
msglen = msg->bufferOffset; msglen = msg->bufferOffset;
if (!xdr_u_int(&xdr, &msglen)) { if (!xdr_u_int(&xdr, &msglen)) {
virNetError(VIR_ERR_RPC, "%s", _("Unable to encode message length")); virReportError(VIR_ERR_RPC, "%s", _("Unable to encode message length"));
goto error; goto error;
} }
xdr_destroy(&xdr); xdr_destroy(&xdr);
@ -452,7 +449,7 @@ int virNetMessageEncodePayloadEmpty(virNetMessagePtr msg)
xdrmem_create(&xdr, msg->buffer, VIR_NET_MESSAGE_HEADER_XDR_LEN, XDR_ENCODE); xdrmem_create(&xdr, msg->buffer, VIR_NET_MESSAGE_HEADER_XDR_LEN, XDR_ENCODE);
msglen = msg->bufferOffset; msglen = msg->bufferOffset;
if (!xdr_u_int(&xdr, &msglen)) { if (!xdr_u_int(&xdr, &msglen)) {
virNetError(VIR_ERR_RPC, "%s", _("Unable to encode message length")); virReportError(VIR_ERR_RPC, "%s", _("Unable to encode message length"));
goto error; goto error;
} }
xdr_destroy(&xdr); xdr_destroy(&xdr);
@ -508,8 +505,8 @@ int virNetMessageDupFD(virNetMessagePtr msg,
int fd; int fd;
if (slot >= msg->nfds) { if (slot >= msg->nfds) {
virNetError(VIR_ERR_INTERNAL_ERROR, virReportError(VIR_ERR_INTERNAL_ERROR,
_("No FD available at slot %zu"), slot); _("No FD available at slot %zu"), slot);
return -1; return -1;
} }

130
src/rpc/virnetsaslcontext.c
View File

@ -31,10 +31,6 @@
#include "logging.h" #include "logging.h"
#define VIR_FROM_THIS VIR_FROM_RPC #define VIR_FROM_THIS VIR_FROM_RPC
#define virNetError(code, ...) \
virReportErrorHelper(VIR_FROM_THIS, code, __FILE__, \
__FUNCTION__, __LINE__, __VA_ARGS__)
struct _virNetSASLContext { struct _virNetSASLContext {
virMutex lock; virMutex lock;
@ -57,9 +53,9 @@ virNetSASLContextPtr virNetSASLContextNewClient(void)
err = sasl_client_init(NULL); err = sasl_client_init(NULL);
if (err != SASL_OK) { if (err != SASL_OK) {
virNetError(VIR_ERR_AUTH_FAILED, virReportError(VIR_ERR_AUTH_FAILED,
_("failed to initialize SASL library: %d (%s)"), _("failed to initialize SASL library: %d (%s)"),
err, sasl_errstring(err, NULL, NULL)); err, sasl_errstring(err, NULL, NULL));
return NULL; return NULL;
} }
@ -69,8 +65,8 @@ virNetSASLContextPtr virNetSASLContextNewClient(void)
} }
if (virMutexInit(&ctxt->lock) < 0) { if (virMutexInit(&ctxt->lock) < 0) {
virNetError(VIR_ERR_INTERNAL_ERROR, "%s", virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("Failed to initialized mutex")); _("Failed to initialized mutex"));
VIR_FREE(ctxt); VIR_FREE(ctxt);
return NULL; return NULL;
} }
@ -87,9 +83,9 @@ virNetSASLContextPtr virNetSASLContextNewServer(const char *const*usernameWhitel
err = sasl_server_init(NULL, "libvirt"); err = sasl_server_init(NULL, "libvirt");
if (err != SASL_OK) { if (err != SASL_OK) {
virNetError(VIR_ERR_AUTH_FAILED, virReportError(VIR_ERR_AUTH_FAILED,
_("failed to initialize SASL library: %d (%s)"), _("failed to initialize SASL library: %d (%s)"),
err, sasl_errstring(err, NULL, NULL)); err, sasl_errstring(err, NULL, NULL));
return NULL; return NULL;
} }
@ -99,8 +95,8 @@ virNetSASLContextPtr virNetSASLContextNewServer(const char *const*usernameWhitel
} }
if (virMutexInit(&ctxt->lock) < 0) { if (virMutexInit(&ctxt->lock) < 0) {
virNetError(VIR_ERR_INTERNAL_ERROR, "%s", virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("Failed to initialized mutex")); _("Failed to initialized mutex"));
VIR_FREE(ctxt); VIR_FREE(ctxt);
return NULL; return NULL;
} }
@ -133,9 +129,9 @@ int virNetSASLContextCheckIdentity(virNetSASLContextPtr ctxt,
goto cleanup; /* Succesful match */ goto cleanup; /* Succesful match */
} }
if (rv != FNM_NOMATCH) { if (rv != FNM_NOMATCH) {
virNetError(VIR_ERR_INTERNAL_ERROR, virReportError(VIR_ERR_INTERNAL_ERROR,
_("Malformed TLS whitelist regular expression '%s'"), _("Malformed TLS whitelist regular expression '%s'"),
*wildcards); *wildcards);
goto cleanup; goto cleanup;
} }
@ -146,8 +142,8 @@ int virNetSASLContextCheckIdentity(virNetSASLContextPtr ctxt,
VIR_ERROR(_("SASL client %s not allowed in whitelist"), identity); VIR_ERROR(_("SASL client %s not allowed in whitelist"), identity);
/* This is the most common error: make it informative. */ /* This is the most common error: make it informative. */
virNetError(VIR_ERR_SYSTEM_ERROR, "%s", virReportError(VIR_ERR_SYSTEM_ERROR, "%s",
_("Client's username is not on the list of allowed clients")); _("Client's username is not on the list of allowed clients"));
ret = 0; ret = 0;
cleanup: cleanup:
@ -196,8 +192,8 @@ virNetSASLSessionPtr virNetSASLSessionNewClient(virNetSASLContextPtr ctxt ATTRIB
} }
if (virMutexInit(&sasl->lock) < 0) { if (virMutexInit(&sasl->lock) < 0) {
virNetError(VIR_ERR_INTERNAL_ERROR, "%s", virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("Failed to initialized mutex")); _("Failed to initialized mutex"));
VIR_FREE(sasl); VIR_FREE(sasl);
return NULL; return NULL;
} }
@ -214,9 +210,9 @@ virNetSASLSessionPtr virNetSASLSessionNewClient(virNetSASLContextPtr ctxt ATTRIB
SASL_SUCCESS_DATA, SASL_SUCCESS_DATA,
&sasl->conn); &sasl->conn);
if (err != SASL_OK) { if (err != SASL_OK) {
virNetError(VIR_ERR_AUTH_FAILED, virReportError(VIR_ERR_AUTH_FAILED,
_("Failed to create SASL client context: %d (%s)"), _("Failed to create SASL client context: %d (%s)"),
err, sasl_errstring(err, NULL, NULL)); err, sasl_errstring(err, NULL, NULL));
goto cleanup; goto cleanup;
} }
@ -241,8 +237,8 @@ virNetSASLSessionPtr virNetSASLSessionNewServer(virNetSASLContextPtr ctxt ATTRIB
} }
if (virMutexInit(&sasl->lock) < 0) { if (virMutexInit(&sasl->lock) < 0) {
virNetError(VIR_ERR_INTERNAL_ERROR, "%s", virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("Failed to initialized mutex")); _("Failed to initialized mutex"));
VIR_FREE(sasl); VIR_FREE(sasl);
return NULL; return NULL;
} }
@ -260,9 +256,9 @@ virNetSASLSessionPtr virNetSASLSessionNewServer(virNetSASLContextPtr ctxt ATTRIB
SASL_SUCCESS_DATA, SASL_SUCCESS_DATA,
&sasl->conn); &sasl->conn);
if (err != SASL_OK) { if (err != SASL_OK) {
virNetError(VIR_ERR_AUTH_FAILED, virReportError(VIR_ERR_AUTH_FAILED,
_("Failed to create SASL client context: %d (%s)"), _("Failed to create SASL client context: %d (%s)"),
err, sasl_errstring(err, NULL, NULL)); err, sasl_errstring(err, NULL, NULL));
goto cleanup; goto cleanup;
} }
@ -289,9 +285,9 @@ int virNetSASLSessionExtKeySize(virNetSASLSessionPtr sasl,
err = sasl_setprop(sasl->conn, SASL_SSF_EXTERNAL, &ssf); err = sasl_setprop(sasl->conn, SASL_SSF_EXTERNAL, &ssf);
if (err != SASL_OK) { if (err != SASL_OK) {
virNetError(VIR_ERR_INTERNAL_ERROR, virReportError(VIR_ERR_INTERNAL_ERROR,
_("cannot set external SSF %d (%s)"), _("cannot set external SSF %d (%s)"),
err, sasl_errstring(err, NULL, NULL)); err, sasl_errstring(err, NULL, NULL));
goto cleanup; goto cleanup;
} }
@ -310,15 +306,15 @@ const char *virNetSASLSessionGetIdentity(virNetSASLSessionPtr sasl)
err = sasl_getprop(sasl->conn, SASL_USERNAME, &val); err = sasl_getprop(sasl->conn, SASL_USERNAME, &val);
if (err != SASL_OK) { if (err != SASL_OK) {
virNetError(VIR_ERR_AUTH_FAILED, virReportError(VIR_ERR_AUTH_FAILED,
_("cannot query SASL username on connection %d (%s)"), _("cannot query SASL username on connection %d (%s)"),
err, sasl_errstring(err, NULL, NULL)); err, sasl_errstring(err, NULL, NULL));
val = NULL; val = NULL;
goto cleanup; goto cleanup;
} }
if (val == NULL) { if (val == NULL) {
virNetError(VIR_ERR_AUTH_FAILED, virReportError(VIR_ERR_AUTH_FAILED,
_("no client username was found")); _("no client username was found"));
goto cleanup; goto cleanup;
} }
VIR_DEBUG("SASL client username %s", (const char *)val); VIR_DEBUG("SASL client username %s", (const char *)val);
@ -338,9 +334,9 @@ int virNetSASLSessionGetKeySize(virNetSASLSessionPtr sasl)
virMutexLock(&sasl->lock); virMutexLock(&sasl->lock);
err = sasl_getprop(sasl->conn, SASL_SSF, &val); err = sasl_getprop(sasl->conn, SASL_SSF, &val);
if (err != SASL_OK) { if (err != SASL_OK) {
virNetError(VIR_ERR_AUTH_FAILED, virReportError(VIR_ERR_AUTH_FAILED,
_("cannot query SASL ssf on connection %d (%s)"), _("cannot query SASL ssf on connection %d (%s)"),
err, sasl_errstring(err, NULL, NULL)); err, sasl_errstring(err, NULL, NULL));
ssf = -1; ssf = -1;
goto cleanup; goto cleanup;
} }
@ -374,9 +370,9 @@ int virNetSASLSessionSecProps(virNetSASLSessionPtr sasl,
err = sasl_setprop(sasl->conn, SASL_SEC_PROPS, &secprops); err = sasl_setprop(sasl->conn, SASL_SEC_PROPS, &secprops);
if (err != SASL_OK) { if (err != SASL_OK) {
virNetError(VIR_ERR_INTERNAL_ERROR, virReportError(VIR_ERR_INTERNAL_ERROR,
_("cannot set security props %d (%s)"), _("cannot set security props %d (%s)"),
err, sasl_errstring(err, NULL, NULL)); err, sasl_errstring(err, NULL, NULL));
goto cleanup; goto cleanup;
} }
@ -398,9 +394,9 @@ static int virNetSASLSessionUpdateBufSize(virNetSASLSessionPtr sasl)
err = sasl_getprop(sasl->conn, SASL_MAXOUTBUF, &u.ptr); err = sasl_getprop(sasl->conn, SASL_MAXOUTBUF, &u.ptr);
if (err != SASL_OK) { if (err != SASL_OK) {
virNetError(VIR_ERR_INTERNAL_ERROR, virReportError(VIR_ERR_INTERNAL_ERROR,
_("cannot get security props %d (%s)"), _("cannot get security props %d (%s)"),
err, sasl_errstring(err, NULL, NULL)); err, sasl_errstring(err, NULL, NULL));
return -1; return -1;
} }
@ -426,9 +422,9 @@ char *virNetSASLSessionListMechanisms(virNetSASLSessionPtr sasl)
NULL, NULL,
NULL); NULL);
if (err != SASL_OK) { if (err != SASL_OK) {
virNetError(VIR_ERR_INTERNAL_ERROR, virReportError(VIR_ERR_INTERNAL_ERROR,
_("cannot list SASL mechanisms %d (%s)"), _("cannot list SASL mechanisms %d (%s)"),
err, sasl_errdetail(sasl->conn)); err, sasl_errdetail(sasl->conn));
goto cleanup; goto cleanup;
} }
if (!(ret = strdup(mechlist))) { if (!(ret = strdup(mechlist))) {
@ -479,9 +475,9 @@ int virNetSASLSessionClientStart(virNetSASLSessionPtr sasl,
ret = VIR_NET_SASL_INTERACT; ret = VIR_NET_SASL_INTERACT;
break; break;
default: default:
virNetError(VIR_ERR_AUTH_FAILED, virReportError(VIR_ERR_AUTH_FAILED,
_("Failed to start SASL negotiation: %d (%s)"), _("Failed to start SASL negotiation: %d (%s)"),
err, sasl_errdetail(sasl->conn)); err, sasl_errdetail(sasl->conn));
break; break;
} }
@ -528,9 +524,9 @@ int virNetSASLSessionClientStep(virNetSASLSessionPtr sasl,
ret = VIR_NET_SASL_INTERACT; ret = VIR_NET_SASL_INTERACT;
break; break;
default: default:
virNetError(VIR_ERR_AUTH_FAILED, virReportError(VIR_ERR_AUTH_FAILED,
_("Failed to step SASL negotiation: %d (%s)"), _("Failed to step SASL negotiation: %d (%s)"),
err, sasl_errdetail(sasl->conn)); err, sasl_errdetail(sasl->conn));
break; break;
} }
@ -574,9 +570,9 @@ int virNetSASLSessionServerStart(virNetSASLSessionPtr sasl,
ret = VIR_NET_SASL_INTERACT; ret = VIR_NET_SASL_INTERACT;
break; break;
default: default:
virNetError(VIR_ERR_AUTH_FAILED, virReportError(VIR_ERR_AUTH_FAILED,
_("Failed to start SASL negotiation: %d (%s)"), _("Failed to start SASL negotiation: %d (%s)"),
err, sasl_errdetail(sasl->conn)); err, sasl_errdetail(sasl->conn));
break; break;
} }
@ -619,9 +615,9 @@ int virNetSASLSessionServerStep(virNetSASLSessionPtr sasl,
ret = VIR_NET_SASL_INTERACT; ret = VIR_NET_SASL_INTERACT;
break; break;
default: default:
virNetError(VIR_ERR_AUTH_FAILED, virReportError(VIR_ERR_AUTH_FAILED,
_("Failed to start SASL negotiation: %d (%s)"), _("Failed to start SASL negotiation: %d (%s)"),
err, sasl_errdetail(sasl->conn)); err, sasl_errdetail(sasl->conn));
break; break;
} }
@ -666,9 +662,9 @@ ssize_t virNetSASLSessionEncode(virNetSASLSessionPtr sasl,
*outputlen = outlen; *outputlen = outlen;
if (err != SASL_OK) { if (err != SASL_OK) {
virNetError(VIR_ERR_INTERNAL_ERROR, virReportError(VIR_ERR_INTERNAL_ERROR,
_("failed to encode SASL data: %d (%s)"), _("failed to encode SASL data: %d (%s)"),
err, sasl_errstring(err, NULL, NULL)); err, sasl_errstring(err, NULL, NULL));
goto cleanup; goto cleanup;
} }
ret = 0; ret = 0;
@ -704,9 +700,9 @@ ssize_t virNetSASLSessionDecode(virNetSASLSessionPtr sasl,
&outlen); &outlen);
*outputlen = outlen; *outputlen = outlen;
if (err != SASL_OK) { if (err != SASL_OK) {
virNetError(VIR_ERR_INTERNAL_ERROR, virReportError(VIR_ERR_INTERNAL_ERROR,
_("failed to decode SASL data: %d (%s)"), _("failed to decode SASL data: %d (%s)"),
err, sasl_errstring(err, NULL, NULL)); err, sasl_errstring(err, NULL, NULL));
goto cleanup; goto cleanup;
} }
ret = 0; ret = 0;

25
src/rpc/virnetserver.c
View File

@ -45,9 +45,6 @@
#endif #endif
#define VIR_FROM_THIS VIR_FROM_RPC #define VIR_FROM_THIS VIR_FROM_RPC
#define virNetError(code, ...) \
virReportErrorHelper(VIR_FROM_THIS, code, __FILE__, \
__FUNCTION__, __LINE__, __VA_ARGS__)
typedef struct _virNetServerSignal virNetServerSignal; typedef struct _virNetServerSignal virNetServerSignal;
typedef virNetServerSignal *virNetServerSignalPtr; typedef virNetServerSignal *virNetServerSignalPtr;
@ -261,9 +258,9 @@ static int virNetServerDispatchNewClient(virNetServerServicePtr svc ATTRIBUTE_UN
virNetServerLock(srv); virNetServerLock(srv);
if (srv->nclients >= srv->nclients_max) { if (srv->nclients >= srv->nclients_max) {
virNetError(VIR_ERR_RPC, virReportError(VIR_ERR_RPC,
_("Too many active clients (%zu), dropping connection from %s"), _("Too many active clients (%zu), dropping connection from %s"),
srv->nclients_max, virNetServerClientRemoteAddrString(client)); srv->nclients_max, virNetServerClientRemoteAddrString(client));
goto error; goto error;
} }
@ -378,8 +375,8 @@ virNetServerPtr virNetServerNew(size_t min_workers,
#endif #endif
if (virMutexInit(&srv->lock) < 0) { if (virMutexInit(&srv->lock) < 0) {
virNetError(VIR_ERR_INTERNAL_ERROR, "%s", virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("cannot initialize mutex")); _("cannot initialize mutex"));
goto error; goto error;
} }
@ -507,8 +504,8 @@ virNetServerSignalEvent(int watch,
} }
} }
virNetError(VIR_ERR_INTERNAL_ERROR, virReportError(VIR_ERR_INTERNAL_ERROR,
_("Unexpected signal received: %d"), siginfo.si_signo); _("Unexpected signal received: %d"), siginfo.si_signo);
cleanup: cleanup:
virNetServerUnlock(srv); virNetServerUnlock(srv);
@ -531,8 +528,8 @@ static int virNetServerSignalSetup(virNetServerPtr srv)
VIR_EVENT_HANDLE_READABLE, VIR_EVENT_HANDLE_READABLE,
virNetServerSignalEvent, virNetServerSignalEvent,
srv, NULL)) < 0) { srv, NULL)) < 0) {
virNetError(VIR_ERR_INTERNAL_ERROR, "%s", virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("Failed to add signal handle watch")); _("Failed to add signal handle watch"));
goto error; goto error;
} }
@ -707,8 +704,8 @@ void virNetServerRun(virNetServerPtr srv)
(timerid = virEventAddTimeout(-1, (timerid = virEventAddTimeout(-1,
virNetServerAutoShutdownTimer, virNetServerAutoShutdownTimer,
srv, NULL)) < 0) { srv, NULL)) < 0) {
virNetError(VIR_ERR_INTERNAL_ERROR, "%s", virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("Failed to register shutdown timeout")); _("Failed to register shutdown timeout"));
goto cleanup; goto cleanup;
} }

15
src/rpc/virnetserverclient.c
View File

@ -36,9 +36,6 @@
#include "virkeepalive.h" #include "virkeepalive.h"
#define VIR_FROM_THIS VIR_FROM_RPC #define VIR_FROM_THIS VIR_FROM_RPC
#define virNetError(code, ...) \
virReportErrorHelper(VIR_FROM_THIS, code, __FILE__, \
__FUNCTION__, __LINE__, __VA_ARGS__)
/* Allow for filtering of incoming messages to a custom /* Allow for filtering of incoming messages to a custom
* dispatch processing queue, instead of the workers. * dispatch processing queue, instead of the workers.
@ -775,9 +772,9 @@ static ssize_t virNetServerClientRead(virNetServerClientPtr client)
ssize_t ret; ssize_t ret;
if (client->rx->bufferLength <= client->rx->bufferOffset) { if (client->rx->bufferLength <= client->rx->bufferOffset) {
virNetError(VIR_ERR_RPC, virReportError(VIR_ERR_RPC,
_("unexpected zero/negative length request %lld"), _("unexpected zero/negative length request %lld"),
(long long int)(client->rx->bufferLength - client->rx->bufferOffset)); (long long int)(client->rx->bufferLength - client->rx->bufferOffset));
client->wantClose = true; client->wantClose = true;
return -1; return -1;
} }
@ -953,9 +950,9 @@ static ssize_t virNetServerClientWrite(virNetServerClientPtr client)
ssize_t ret; ssize_t ret;
if (client->tx->bufferLength < client->tx->bufferOffset) { if (client->tx->bufferLength < client->tx->bufferOffset) {
virNetError(VIR_ERR_RPC, virReportError(VIR_ERR_RPC,
_("unexpected zero/negative length request %lld"), _("unexpected zero/negative length request %lld"),
(long long int)(client->tx->bufferLength - client->tx->bufferOffset)); (long long int)(client->tx->bufferLength - client->tx->bufferOffset));
client->wantClose = true; client->wantClose = true;
return -1; return -1;
} }

17
src/rpc/virnetservermdns.c
View File

@ -46,9 +46,6 @@
#include "logging.h" #include "logging.h"
#define VIR_FROM_THIS VIR_FROM_RPC #define VIR_FROM_THIS VIR_FROM_RPC
#define virNetError(code, ...) \
virReportErrorHelper(VIR_FROM_THIS, code, __FILE__, \
__FUNCTION__, __LINE__, __VA_ARGS__)
struct _virNetServerMDNSEntry { struct _virNetServerMDNSEntry {
char *type; char *type;
@ -285,8 +282,8 @@ static AvahiWatch *virNetServerMDNSWatchNew(const AvahiPoll *api ATTRIBUTE_UNUSE
virNetServerMDNSWatchDispatch, virNetServerMDNSWatchDispatch,
w, w,
virNetServerMDNSWatchDofree)) < 0) { virNetServerMDNSWatchDofree)) < 0) {
virNetError(VIR_ERR_INTERNAL_ERROR, virReportError(VIR_ERR_INTERNAL_ERROR,
_("Failed to add watch for fd %d events %d"), fd, hEvents); _("Failed to add watch for fd %d events %d"), fd, hEvents);
VIR_FREE(w); VIR_FREE(w);
return NULL; return NULL;
} }
@ -367,8 +364,8 @@ static AvahiTimeout *virNetServerMDNSTimeoutNew(const AvahiPoll *api ATTRIBUTE_U
t->userdata = userdata; t->userdata = userdata;
if (t->timer < 0) { if (t->timer < 0) {
virNetError(VIR_ERR_INTERNAL_ERROR, virReportError(VIR_ERR_INTERNAL_ERROR,
_("Failed to add timer with timeout %lld"), timeout); _("Failed to add timer with timeout %lld"), timeout);
VIR_FREE(t); VIR_FREE(t);
return NULL; return NULL;
} }
@ -455,9 +452,9 @@ int virNetServerMDNSStart(virNetServerMDNS *mdns)
mdns, &error); mdns, &error);
if (!mdns->client) { if (!mdns->client) {
virNetError(VIR_ERR_INTERNAL_ERROR, virReportError(VIR_ERR_INTERNAL_ERROR,
_("Failed to create mDNS client: %s"), _("Failed to create mDNS client: %s"),
avahi_strerror(error)); avahi_strerror(error));
return -1; return -1;
} }

41
src/rpc/virnetserverprogram.c
View File

@ -32,9 +32,6 @@
#include "virfile.h" #include "virfile.h"
#define VIR_FROM_THIS VIR_FROM_RPC #define VIR_FROM_THIS VIR_FROM_RPC
#define virNetError(code, ...) \
virReportErrorHelper(VIR_FROM_THIS, code, __FILE__, \
__FUNCTION__, __LINE__, __VA_ARGS__)
struct _virNetServerProgram { struct _virNetServerProgram {
int refs; int refs;
@ -218,8 +215,8 @@ int virNetServerProgramUnknownError(virNetServerClientPtr client,
{ {
virNetMessageError rerr; virNetMessageError rerr;
virNetError(VIR_ERR_RPC, virReportError(VIR_ERR_RPC,
_("Cannot find program %d version %d"), req->prog, req->vers); _("Cannot find program %d version %d"), req->prog, req->vers);
memset(&rerr, 0, sizeof(rerr)); memset(&rerr, 0, sizeof(rerr));
return virNetServerProgramSendError(req->prog, return virNetServerProgramSendError(req->prog,
@ -270,16 +267,16 @@ int virNetServerProgramDispatch(virNetServerProgramPtr prog,
/* Check version, etc. */ /* Check version, etc. */
if (msg->header.prog != prog->program) { if (msg->header.prog != prog->program) {
virNetError(VIR_ERR_RPC, virReportError(VIR_ERR_RPC,
_("program mismatch (actual %x, expected %x)"), _("program mismatch (actual %x, expected %x)"),
msg->header.prog, prog->program); msg->header.prog, prog->program);
goto error; goto error;
} }
if (msg->header.vers != prog->version) { if (msg->header.vers != prog->version) {
virNetError(VIR_ERR_RPC, virReportError(VIR_ERR_RPC,
_("version mismatch (actual %x, expected %x)"), _("version mismatch (actual %x, expected %x)"),
msg->header.vers, prog->version); msg->header.vers, prog->version);
goto error; goto error;
} }
@ -307,9 +304,9 @@ int virNetServerProgramDispatch(virNetServerProgramPtr prog,
break; break;
default: default:
virNetError(VIR_ERR_RPC, virReportError(VIR_ERR_RPC,
_("Unexpected message type %u"), _("Unexpected message type %u"),
msg->header.type); msg->header.type);
goto error; goto error;
} }
@ -363,18 +360,18 @@ virNetServerProgramDispatchCall(virNetServerProgramPtr prog,
memset(&rerr, 0, sizeof(rerr)); memset(&rerr, 0, sizeof(rerr));
if (msg->header.status != VIR_NET_OK) { if (msg->header.status != VIR_NET_OK) {
virNetError(VIR_ERR_RPC, virReportError(VIR_ERR_RPC,
_("Unexpected message status %u"), _("Unexpected message status %u"),
msg->header.status); msg->header.status);
goto error; goto error;
} }
dispatcher = virNetServerProgramGetProc(prog, msg->header.proc); dispatcher = virNetServerProgramGetProc(prog, msg->header.proc);
if (!dispatcher) { if (!dispatcher) {
virNetError(VIR_ERR_RPC, virReportError(VIR_ERR_RPC,
_("unknown procedure: %d"), _("unknown procedure: %d"),
msg->header.proc); msg->header.proc);
goto error; goto error;
} }
@ -386,8 +383,8 @@ virNetServerProgramDispatchCall(virNetServerProgramPtr prog,
/* Explicitly *NOT* calling remoteDispatchAuthError() because /* Explicitly *NOT* calling remoteDispatchAuthError() because
we want back-compatibility with libvirt clients which don't we want back-compatibility with libvirt clients which don't
support the VIR_ERR_AUTH_FAILED error code */ support the VIR_ERR_AUTH_FAILED error code */
virNetError(VIR_ERR_RPC, virReportError(VIR_ERR_RPC,
"%s", _("authentication required")); "%s", _("authentication required"));
goto error; goto error;
} }

28
src/rpc/virnetsocket.c
View File

@ -48,10 +48,6 @@
#define VIR_FROM_THIS VIR_FROM_RPC #define VIR_FROM_THIS VIR_FROM_RPC
#define virNetError(code, ...) \
virReportErrorHelper(VIR_FROM_THIS, code, __FILE__, \
__FUNCTION__, __LINE__, __VA_ARGS__)
struct _virNetSocket { struct _virNetSocket {
virMutex lock; virMutex lock;
@ -212,9 +208,9 @@ int virNetSocketNewListenTCP(const char *nodename,
int e = getaddrinfo(nodename, service, &hints, &ai); int e = getaddrinfo(nodename, service, &hints, &ai);
if (e != 0) { if (e != 0) {
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
_("Unable to resolve address '%s' service '%s': %s"), _("Unable to resolve address '%s' service '%s': %s"),
nodename, service, gai_strerror(e)); nodename, service, gai_strerror(e));
return -1; return -1;
} }
@ -409,9 +405,9 @@ int virNetSocketNewConnectTCP(const char *nodename,
int e = getaddrinfo(nodename, service, &hints, &ai); int e = getaddrinfo(nodename, service, &hints, &ai);
if (e != 0) { if (e != 0) {
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
_("Unable to resolve address '%s' service '%s': %s"), _("Unable to resolve address '%s' service '%s': %s"),
nodename, service, gai_strerror (e)); nodename, service, gai_strerror (e));
return -1; return -1;
} }
@ -485,8 +481,8 @@ int virNetSocketNewConnectUNIX(const char *path,
remoteAddr.len = sizeof(remoteAddr.data.un); remoteAddr.len = sizeof(remoteAddr.data.un);
if (spawnDaemon && !binary) { if (spawnDaemon && !binary) {
virNetError(VIR_ERR_INTERNAL_ERROR, virReportError(VIR_ERR_INTERNAL_ERROR,
_("Auto-spawn of daemon requested, but no binary specified")); _("Auto-spawn of daemon requested, but no binary specified"));
return -1; return -1;
} }
@ -1180,8 +1176,8 @@ int virNetSocketSendFD(virNetSocketPtr sock, int fd)
{ {
int ret = -1; int ret = -1;
if (!virNetSocketHasPassFD(sock)) { if (!virNetSocketHasPassFD(sock)) {
virNetError(VIR_ERR_INTERNAL_ERROR, virReportError(VIR_ERR_INTERNAL_ERROR,
_("Sending file descriptors is not supported on this socket")); _("Sending file descriptors is not supported on this socket"));
return -1; return -1;
} }
virMutexLock(&sock->lock); virMutexLock(&sock->lock);
@ -1214,8 +1210,8 @@ int virNetSocketRecvFD(virNetSocketPtr sock, int *fd)
*fd = -1; *fd = -1;
if (!virNetSocketHasPassFD(sock)) { if (!virNetSocketHasPassFD(sock)) {
virNetError(VIR_ERR_INTERNAL_ERROR, virReportError(VIR_ERR_INTERNAL_ERROR,
_("Receiving file descriptors is not supported on this socket")); _("Receiving file descriptors is not supported on this socket"));
return -1; return -1;
} }
virMutexLock(&sock->lock); virMutexLock(&sock->lock);

265
src/rpc/virnettlscontext.c
View File

@ -48,9 +48,6 @@
#define LIBVIRT_SERVERCERT LIBVIRT_PKI_DIR "/libvirt/servercert.pem" #define LIBVIRT_SERVERCERT LIBVIRT_PKI_DIR "/libvirt/servercert.pem"
#define VIR_FROM_THIS VIR_FROM_RPC #define VIR_FROM_THIS VIR_FROM_RPC
#define virNetError(code, ...) \
virReportErrorHelper(VIR_FROM_THIS, code, __FILE__, \
__FUNCTION__, __LINE__, __VA_ARGS__)
struct _virNetTLSContext { struct _virNetTLSContext {
virMutex lock; virMutex lock;
@ -116,24 +113,24 @@ static int virNetTLSContextCheckCertTimes(gnutls_x509_crt_t cert,
} }
if (gnutls_x509_crt_get_expiration_time(cert) < now) { if (gnutls_x509_crt_get_expiration_time(cert) < now) {
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
(isCA ? (isCA ?
_("The CA certificate %s has expired") : _("The CA certificate %s has expired") :
(isServer ? (isServer ?
_("The server certificate %s has expired") : _("The server certificate %s has expired") :
_("The client certificate %s has expired"))), _("The client certificate %s has expired"))),
certFile); certFile);
return -1; return -1;
} }
if (gnutls_x509_crt_get_activation_time(cert) > now) { if (gnutls_x509_crt_get_activation_time(cert) > now) {
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
(isCA ? (isCA ?
_("The CA certificate %s is not yet active") : _("The CA certificate %s is not yet active") :
(isServer ? (isServer ?
_("The server certificate %s is not yet active") : _("The server certificate %s is not yet active") :
_("The client certificate %s is not yet active"))), _("The client certificate %s is not yet active"))),
certFile); certFile);
return -1; return -1;
} }
@ -161,30 +158,30 @@ static int virNetTLSContextCheckCertBasicConstraints(gnutls_x509_crt_t cert,
if (status > 0) { /* It is a CA cert */ if (status > 0) { /* It is a CA cert */
if (!isCA) { if (!isCA) {
virNetError(VIR_ERR_SYSTEM_ERROR, isServer ? virReportError(VIR_ERR_SYSTEM_ERROR, isServer ?
_("The certificate %s basic constraints show a CA, but we need one for a server") : _("The certificate %s basic constraints show a CA, but we need one for a server") :
_("The certificate %s basic constraints show a CA, but we need one for a client"), _("The certificate %s basic constraints show a CA, but we need one for a client"),
certFile); certFile);
return -1; return -1;
} }
} else if (status == 0) { /* It is not a CA cert */ } else if (status == 0) { /* It is not a CA cert */
if (isCA) { if (isCA) {
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
_("The certificate %s basic constraints do not show a CA"), _("The certificate %s basic constraints do not show a CA"),
certFile); certFile);
return -1; return -1;
} }
} else if (status == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) { /* Missing basicConstraints */ } else if (status == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) { /* Missing basicConstraints */
if (isCA) { if (isCA) {
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
_("The certificate %s is missing basic constraints for a CA"), _("The certificate %s is missing basic constraints for a CA"),
certFile); certFile);
return -1; return -1;
} }
} else { /* General error */ } else { /* General error */
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
_("Unable to query certificate %s basic constraints %s"), _("Unable to query certificate %s basic constraints %s"),
certFile, gnutls_strerror(status)); certFile, gnutls_strerror(status));
return -1; return -1;
} }
@ -209,9 +206,9 @@ static int virNetTLSContextCheckCertKeyUsage(gnutls_x509_crt_t cert,
usage = isCA ? GNUTLS_KEY_KEY_CERT_SIGN : usage = isCA ? GNUTLS_KEY_KEY_CERT_SIGN :
GNUTLS_KEY_DIGITAL_SIGNATURE|GNUTLS_KEY_KEY_ENCIPHERMENT; GNUTLS_KEY_DIGITAL_SIGNATURE|GNUTLS_KEY_KEY_ENCIPHERMENT;
} else { } else {
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
_("Unable to query certificate %s key usage %s"), _("Unable to query certificate %s key usage %s"),
certFile, gnutls_strerror(status)); certFile, gnutls_strerror(status));
return -1; return -1;
} }
} }
@ -219,9 +216,9 @@ static int virNetTLSContextCheckCertKeyUsage(gnutls_x509_crt_t cert,
if (isCA) { if (isCA) {
if (!(usage & GNUTLS_KEY_KEY_CERT_SIGN)) { if (!(usage & GNUTLS_KEY_KEY_CERT_SIGN)) {
if (critical) { if (critical) {
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
_("Certificate %s usage does not permit certificate signing"), _("Certificate %s usage does not permit certificate signing"),
certFile); certFile);
return -1; return -1;
} else { } else {
VIR_WARN("Certificate %s usage does not permit certificate signing", VIR_WARN("Certificate %s usage does not permit certificate signing",
@ -231,9 +228,9 @@ static int virNetTLSContextCheckCertKeyUsage(gnutls_x509_crt_t cert,
} else { } else {
if (!(usage & GNUTLS_KEY_DIGITAL_SIGNATURE)) { if (!(usage & GNUTLS_KEY_DIGITAL_SIGNATURE)) {
if (critical) { if (critical) {
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
_("Certificate %s usage does not permit digital signature"), _("Certificate %s usage does not permit digital signature"),
certFile); certFile);
return -1; return -1;
} else { } else {
VIR_WARN("Certificate %s usage does not permit digital signature", VIR_WARN("Certificate %s usage does not permit digital signature",
@ -242,9 +239,9 @@ static int virNetTLSContextCheckCertKeyUsage(gnutls_x509_crt_t cert,
} }
if (!(usage & GNUTLS_KEY_KEY_ENCIPHERMENT)) { if (!(usage & GNUTLS_KEY_KEY_ENCIPHERMENT)) {
if (critical) { if (critical) {
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
_("Certificate %s usage does not permit key encipherment"), _("Certificate %s usage does not permit key encipherment"),
certFile); certFile);
return -1; return -1;
} else { } else {
VIR_WARN("Certificate %s usage does not permit key encipherment", VIR_WARN("Certificate %s usage does not permit key encipherment",
@ -283,9 +280,9 @@ static int virNetTLSContextCheckCertKeyPurpose(gnutls_x509_crt_t cert,
break; break;
} }
if (status != GNUTLS_E_SHORT_MEMORY_BUFFER) { if (status != GNUTLS_E_SHORT_MEMORY_BUFFER) {
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
_("Unable to query certificate %s key purpose %s"), _("Unable to query certificate %s key purpose %s"),
certFile, gnutls_strerror(status)); certFile, gnutls_strerror(status));
return -1; return -1;
} }
@ -297,9 +294,9 @@ static int virNetTLSContextCheckCertKeyPurpose(gnutls_x509_crt_t cert,
status = gnutls_x509_crt_get_key_purpose_oid(cert, i, buffer, &size, &purposeCritical); status = gnutls_x509_crt_get_key_purpose_oid(cert, i, buffer, &size, &purposeCritical);
if (status < 0) { if (status < 0) {
VIR_FREE(buffer); VIR_FREE(buffer);
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
_("Unable to query certificate %s key purpose %s"), _("Unable to query certificate %s key purpose %s"),
certFile, gnutls_strerror(status)); certFile, gnutls_strerror(status));
return -1; return -1;
} }
if (purposeCritical) if (purposeCritical)
@ -320,9 +317,9 @@ static int virNetTLSContextCheckCertKeyPurpose(gnutls_x509_crt_t cert,
if (isServer) { if (isServer) {
if (!allowServer) { if (!allowServer) {
if (critical) { if (critical) {
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
_("Certificate %s purpose does not allow use for with a TLS server"), _("Certificate %s purpose does not allow use for with a TLS server"),
certFile); certFile);
return -1; return -1;
} else { } else {
VIR_WARN("Certificate %s purpose does not allow use for with a TLS server", VIR_WARN("Certificate %s purpose does not allow use for with a TLS server",
@ -332,9 +329,9 @@ static int virNetTLSContextCheckCertKeyPurpose(gnutls_x509_crt_t cert,
} else { } else {
if (!allowClient) { if (!allowClient) {
if (critical) { if (critical) {
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
_("Certificate %s purpose does not allow use for with a TLS client"), _("Certificate %s purpose does not allow use for with a TLS client"),
certFile); certFile);
return -1; return -1;
} else { } else {
VIR_WARN("Certificate %s purpose does not allow use for with a TLS client", VIR_WARN("Certificate %s purpose does not allow use for with a TLS client",
@ -356,9 +353,9 @@ virNetTLSContextCheckCertDNWhitelist(const char *dname,
if (ret == 0) /* Succesful match */ if (ret == 0) /* Succesful match */
return 1; return 1;
if (ret != FNM_NOMATCH) { if (ret != FNM_NOMATCH) {
virNetError(VIR_ERR_INTERNAL_ERROR, virReportError(VIR_ERR_INTERNAL_ERROR,
_("Malformed TLS whitelist regular expression '%s'"), _("Malformed TLS whitelist regular expression '%s'"),
*wildcards); *wildcards);
return -1; return -1;
} }
@ -369,12 +366,12 @@ virNetTLSContextCheckCertDNWhitelist(const char *dname,
VIR_DEBUG("Failed whitelist check for client DN '%s'", dname); VIR_DEBUG("Failed whitelist check for client DN '%s'", dname);
/* This is the most common error: make it informative. */ /* This is the most common error: make it informative. */
virNetError(VIR_ERR_SYSTEM_ERROR, "%s", virReportError(VIR_ERR_SYSTEM_ERROR, "%s",
_("Client's Distinguished Name is not on the list " _("Client's Distinguished Name is not on the list "
"of allowed clients (tls_allowed_dn_list). Use " "of allowed clients (tls_allowed_dn_list). Use "
"'certtool -i --infile clientcert.pem' to view the" "'certtool -i --infile clientcert.pem' to view the"
"Distinguished Name field in the client certificate," "Distinguished Name field in the client certificate,"
"or run this daemon with --verbose option.")); "or run this daemon with --verbose option."));
return 0; return 0;
} }
@ -392,9 +389,9 @@ virNetTLSContextCheckCertDN(gnutls_x509_crt_t cert,
if (hostname && if (hostname &&
!gnutls_x509_crt_check_hostname(cert, hostname)) { !gnutls_x509_crt_check_hostname(cert, hostname)) {
virNetError(VIR_ERR_RPC, virReportError(VIR_ERR_RPC,
_("Certificate %s owner does not match the hostname %s"), _("Certificate %s owner does not match the hostname %s"),
certFile, hostname); certFile, hostname);
return -1; return -1;
} }
@ -442,10 +439,10 @@ static int virNetTLSContextCheckCertPair(gnutls_x509_crt_t cert,
&cacert, 1, &cacert, 1,
NULL, 0, NULL, 0,
0, &status) < 0) { 0, &status) < 0) {
virNetError(VIR_ERR_SYSTEM_ERROR, isServer ? virReportError(VIR_ERR_SYSTEM_ERROR, isServer ?
_("Unable to verify server certificate %s against CA certificate %s") : _("Unable to verify server certificate %s against CA certificate %s") :
_("Unable to verify client certificate %s against CA certificate %s"), _("Unable to verify client certificate %s against CA certificate %s"),
certFile, cacertFile); certFile, cacertFile);
return -1; return -1;
} }
@ -466,9 +463,9 @@ static int virNetTLSContextCheckCertPair(gnutls_x509_crt_t cert,
reason = _("The certificate uses an insecure algorithm"); reason = _("The certificate uses an insecure algorithm");
#endif #endif
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
_("Our own certificate %s failed validation against %s: %s"), _("Our own certificate %s failed validation against %s: %s"),
certFile, cacertFile, reason); certFile, cacertFile, reason);
return -1; return -1;
} }
@ -489,8 +486,8 @@ static gnutls_x509_crt_t virNetTLSContextLoadCertFromFile(const char *certFile,
isServer, isCA, certFile); isServer, isCA, certFile);
if (gnutls_x509_crt_init(&cert) < 0) { if (gnutls_x509_crt_init(&cert) < 0) {
virNetError(VIR_ERR_SYSTEM_ERROR, "%s", virReportError(VIR_ERR_SYSTEM_ERROR, "%s",
_("Unable to initialize certificate")); _("Unable to initialize certificate"));
goto cleanup; goto cleanup;
} }
@ -501,10 +498,10 @@ static gnutls_x509_crt_t virNetTLSContextLoadCertFromFile(const char *certFile,
data.size = strlen(buf); data.size = strlen(buf);
if (gnutls_x509_crt_import(cert, &data, GNUTLS_X509_FMT_PEM) < 0) { if (gnutls_x509_crt_import(cert, &data, GNUTLS_X509_FMT_PEM) < 0) {
virNetError(VIR_ERR_SYSTEM_ERROR, isServer ? virReportError(VIR_ERR_SYSTEM_ERROR, isServer ?
_("Unable to import server certificate %s") : _("Unable to import server certificate %s") :
_("Unable to import client certificate %s"), _("Unable to import client certificate %s"),
certFile); certFile);
goto cleanup; goto cleanup;
} }
@ -577,9 +574,9 @@ static int virNetTLSContextLoadCredentials(virNetTLSContextPtr ctxt,
cacert, cacert,
GNUTLS_X509_FMT_PEM); GNUTLS_X509_FMT_PEM);
if (err < 0) { if (err < 0) {
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
_("Unable to set x509 CA certificate: %s: %s"), _("Unable to set x509 CA certificate: %s: %s"),
cacert, gnutls_strerror (err)); cacert, gnutls_strerror (err));
goto cleanup; goto cleanup;
} }
} }
@ -595,9 +592,9 @@ static int virNetTLSContextLoadCredentials(virNetTLSContextPtr ctxt,
cacrl, cacrl,
GNUTLS_X509_FMT_PEM); GNUTLS_X509_FMT_PEM);
if (err < 0) { if (err < 0) {
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
_("Unable to set x509 certificate revocation list: %s: %s"), _("Unable to set x509 certificate revocation list: %s: %s"),
cacrl, gnutls_strerror(err)); cacrl, gnutls_strerror(err));
goto cleanup; goto cleanup;
} }
} else { } else {
@ -620,9 +617,9 @@ static int virNetTLSContextLoadCredentials(virNetTLSContextPtr ctxt,
cert, key, cert, key,
GNUTLS_X509_FMT_PEM); GNUTLS_X509_FMT_PEM);
if (err < 0) { if (err < 0) {
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
_("Unable to set x509 key and certificate: %s, %s: %s"), _("Unable to set x509 key and certificate: %s, %s: %s"),
key, cert, gnutls_strerror(err)); key, cert, gnutls_strerror(err));
goto cleanup; goto cleanup;
} }
} else { } else {
@ -656,8 +653,8 @@ static virNetTLSContextPtr virNetTLSContextNew(const char *cacert,
} }
if (virMutexInit(&ctxt->lock) < 0) { if (virMutexInit(&ctxt->lock) < 0) {
virNetError(VIR_ERR_INTERNAL_ERROR, "%s", virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("Failed to initialized mutex")); _("Failed to initialized mutex"));
VIR_FREE(ctxt); VIR_FREE(ctxt);
return NULL; return NULL;
} }
@ -676,9 +673,9 @@ static virNetTLSContextPtr virNetTLSContextNew(const char *cacert,
err = gnutls_certificate_allocate_credentials(&ctxt->x509cred); err = gnutls_certificate_allocate_credentials(&ctxt->x509cred);
if (err) { if (err) {
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
_("Unable to allocate x509 credentials: %s"), _("Unable to allocate x509 credentials: %s"),
gnutls_strerror(err)); gnutls_strerror(err));
goto error; goto error;
} }
@ -697,16 +694,16 @@ static virNetTLSContextPtr virNetTLSContextNew(const char *cacert,
if (isServer) { if (isServer) {
err = gnutls_dh_params_init(&ctxt->dhParams); err = gnutls_dh_params_init(&ctxt->dhParams);
if (err < 0) { if (err < 0) {
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
_("Unable to initialize diffie-hellman parameters: %s"), _("Unable to initialize diffie-hellman parameters: %s"),
gnutls_strerror(err)); gnutls_strerror(err));
goto error; goto error;
} }
err = gnutls_dh_params_generate2(ctxt->dhParams, DH_BITS); err = gnutls_dh_params_generate2(ctxt->dhParams, DH_BITS);
if (err < 0) { if (err < 0) {
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
_("Unable to generate diffie-hellman parameters: %s"), _("Unable to generate diffie-hellman parameters: %s"),
gnutls_strerror(err)); gnutls_strerror(err));
goto error; goto error;
} }
@ -954,9 +951,9 @@ static int virNetTLSContextValidCertificate(virNetTLSContextPtr ctxt,
memset(dname, 0, dnamesize); memset(dname, 0, dnamesize);
if ((ret = gnutls_certificate_verify_peers2(sess->session, &status)) < 0){ if ((ret = gnutls_certificate_verify_peers2(sess->session, &status)) < 0){
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
_("Unable to verify TLS peer: %s"), _("Unable to verify TLS peer: %s"),
gnutls_strerror(ret)); gnutls_strerror(ret));
goto authdeny; goto authdeny;
} }
@ -977,21 +974,21 @@ static int virNetTLSContextValidCertificate(virNetTLSContextPtr ctxt,
reason = _("The certificate uses an insecure algorithm"); reason = _("The certificate uses an insecure algorithm");
#endif #endif
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
_("Certificate failed validation: %s"), _("Certificate failed validation: %s"),
reason); reason);
goto authdeny; goto authdeny;
} }
if (gnutls_certificate_type_get(sess->session) != GNUTLS_CRT_X509) { if (gnutls_certificate_type_get(sess->session) != GNUTLS_CRT_X509) {
virNetError(VIR_ERR_SYSTEM_ERROR, "%s", virReportError(VIR_ERR_SYSTEM_ERROR, "%s",
_("Only x509 certificates are supported")); _("Only x509 certificates are supported"));
goto authdeny; goto authdeny;
} }
if (!(certs = gnutls_certificate_get_peers(sess->session, &nCerts))) { if (!(certs = gnutls_certificate_get_peers(sess->session, &nCerts))) {
virNetError(VIR_ERR_SYSTEM_ERROR, "%s", virReportError(VIR_ERR_SYSTEM_ERROR, "%s",
_("The certificate has no peers")); _("The certificate has no peers"));
goto authdeny; goto authdeny;
} }
@ -999,14 +996,14 @@ static int virNetTLSContextValidCertificate(virNetTLSContextPtr ctxt,
gnutls_x509_crt_t cert; gnutls_x509_crt_t cert;
if (gnutls_x509_crt_init(&cert) < 0) { if (gnutls_x509_crt_init(&cert) < 0) {
virNetError(VIR_ERR_SYSTEM_ERROR, "%s", virReportError(VIR_ERR_SYSTEM_ERROR, "%s",
_("Unable to initialize certificate")); _("Unable to initialize certificate"));
goto authfail; goto authfail;
} }
if (gnutls_x509_crt_import(cert, &certs[i], GNUTLS_X509_FMT_DER) < 0) { if (gnutls_x509_crt_import(cert, &certs[i], GNUTLS_X509_FMT_DER) < 0) {
virNetError(VIR_ERR_SYSTEM_ERROR, "%s", virReportError(VIR_ERR_SYSTEM_ERROR, "%s",
_("Unable to load certificate")); _("Unable to load certificate"));
gnutls_x509_crt_deinit(cert); gnutls_x509_crt_deinit(cert);
goto authfail; goto authfail;
} }
@ -1020,9 +1017,9 @@ static int virNetTLSContextValidCertificate(virNetTLSContextPtr ctxt,
if (i == 0) { if (i == 0) {
ret = gnutls_x509_crt_get_dn(cert, dname, &dnamesize); ret = gnutls_x509_crt_get_dn(cert, dname, &dnamesize);
if (ret != 0) { if (ret != 0) {
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
_("Failed to get certificate %s distinguished name: %s"), _("Failed to get certificate %s distinguished name: %s"),
"[session]", gnutls_strerror(ret)); "[session]", gnutls_strerror(ret));
goto authfail; goto authfail;
} }
VIR_DEBUG("Peer DN is %s", dname); VIR_DEBUG("Peer DN is %s", dname);
@ -1092,8 +1089,8 @@ int virNetTLSContextCheckCertificate(virNetTLSContextPtr ctxt,
virErrorPtr err = virGetLastError(); virErrorPtr err = virGetLastError();
VIR_WARN("Certificate check failed %s", err && err->message ? err->message : "<unknown>"); VIR_WARN("Certificate check failed %s", err && err->message ? err->message : "<unknown>");
if (ctxt->requireValidCert) { if (ctxt->requireValidCert) {
virNetError(VIR_ERR_AUTH_FAILED, "%s", virReportError(VIR_ERR_AUTH_FAILED, "%s",
_("Failed to verify peer's certificate")); _("Failed to verify peer's certificate"));
goto cleanup; goto cleanup;
} }
virResetLastError(); virResetLastError();
@ -1176,8 +1173,8 @@ virNetTLSSessionPtr virNetTLSSessionNew(virNetTLSContextPtr ctxt,
} }
if (virMutexInit(&sess->lock) < 0) { if (virMutexInit(&sess->lock) < 0) {
virNetError(VIR_ERR_INTERNAL_ERROR, "%s", virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("Failed to initialized mutex")); _("Failed to initialized mutex"));
VIR_FREE(sess); VIR_FREE(sess);
return NULL; return NULL;
} }
@ -1191,9 +1188,9 @@ virNetTLSSessionPtr virNetTLSSessionNew(virNetTLSContextPtr ctxt,
if ((err = gnutls_init(&sess->session, if ((err = gnutls_init(&sess->session,
ctxt->isServer ? GNUTLS_SERVER : GNUTLS_CLIENT)) != 0) { ctxt->isServer ? GNUTLS_SERVER : GNUTLS_CLIENT)) != 0) {
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
_("Failed to initialize TLS session: %s"), _("Failed to initialize TLS session: %s"),
gnutls_strerror(err)); gnutls_strerror(err));
goto error; goto error;
} }
@ -1201,18 +1198,18 @@ virNetTLSSessionPtr virNetTLSSessionNew(virNetTLSContextPtr ctxt,
* are adequate. * are adequate.
*/ */
if ((err = gnutls_set_default_priority(sess->session)) != 0) { if ((err = gnutls_set_default_priority(sess->session)) != 0) {
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
_("Failed to set TLS session priority %s"), _("Failed to set TLS session priority %s"),
gnutls_strerror(err)); gnutls_strerror(err));
goto error; goto error;
} }
if ((err = gnutls_credentials_set(sess->session, if ((err = gnutls_credentials_set(sess->session,
GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE,
ctxt->x509cred)) != 0) { ctxt->x509cred)) != 0) {
virNetError(VIR_ERR_SYSTEM_ERROR, virReportError(VIR_ERR_SYSTEM_ERROR,
_("Failed set TLS x509 credentials: %s"), _("Failed set TLS x509 credentials: %s"),
gnutls_strerror(err)); gnutls_strerror(err));
goto error; goto error;
} }
@ -1352,9 +1349,9 @@ int virNetTLSSessionHandshake(virNetTLSSessionPtr sess)
virNetServerClientGetFD(client)); virNetServerClientGetFD(client));
#endif #endif
virNetError(VIR_ERR_AUTH_FAILED, virReportError(VIR_ERR_AUTH_FAILED,
_("TLS handshake failed %s"), _("TLS handshake failed %s"),
gnutls_strerror(ret)); gnutls_strerror(ret));
ret = -1; ret = -1;
cleanup: cleanup:
@ -1384,8 +1381,8 @@ int virNetTLSSessionGetKeySize(virNetTLSSessionPtr sess)
virMutexLock(&sess->lock); virMutexLock(&sess->lock);
cipher = gnutls_cipher_get(sess->session); cipher = gnutls_cipher_get(sess->session);
if (!(ssf = gnutls_cipher_get_key_size(cipher))) { if (!(ssf = gnutls_cipher_get_key_size(cipher))) {
virNetError(VIR_ERR_INTERNAL_ERROR, "%s", virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("invalid cipher size for TLS session")); _("invalid cipher size for TLS session"));
ssf = -1; ssf = -1;
goto cleanup; goto cleanup;
} }