From 7fa9ceb7407ceedfe175a75067b71e73a9f26e6f Mon Sep 17 00:00:00 2001 From: "Daniel P. Berrange" Date: Wed, 5 Dec 2007 18:28:05 +0000 Subject: [PATCH] Added public API for authentication credential callback support --- ChangeLog | 12 ++ Makefile.am | 2 +- docs/devhelp/libvirt-libvirt.html | 80 ++++++++++- docs/devhelp/libvirt-virterror.html | 3 +- docs/libvirt-api.xml | 118 ++++++++++++---- docs/libvirt-refs.xml | 210 +++++++++++++++++++++++++--- include/libvirt/libvirt.h | 72 ++++++++++ include/libvirt/libvirt.h.in | 72 ++++++++++ proxy/libvirt_proxy.c | 4 +- src/driver.h | 10 +- src/internal.h | 5 - src/libvirt.c | 40 ++++-- src/openvz_driver.c | 23 ++- src/proxy_internal.c | 9 +- src/qemu_driver.c | 2 + src/remote_internal.c | 22 +-- src/test.c | 2 + src/xen_internal.c | 1 + src/xen_internal.h | 1 + src/xen_unified.c | 4 +- src/xend_internal.c | 6 +- src/xend_internal.h | 2 +- src/xm_internal.c | 4 +- src/xm_internal.h | 2 +- src/xs_internal.c | 3 +- src/xs_internal.h | 1 + 26 files changed, 611 insertions(+), 99 deletions(-) diff --git a/ChangeLog b/ChangeLog index 42392ed5b6..594c967d8e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,15 @@ +Wed Dec 5 13:27:00 EST 2007 Daniel P. Berrange + + * Makefile.am: Put include/ before src/ in SUBDIRS + * docs/*: updated for new public API + * include/libvirt.h.in: Added virConnectOpenAuth and related + definitions for authentication callbacks. + * proxy/libvirt_proxy.c, src/openvz_driver.c, src/proxy_internal.c, + src/qemu_driver.c, src/test.c, src/xen_internal.c, src/xen_unified.c, + src/xend_internal.c, src/xend_internal.h, src/xm_internal.c, + src/xm_internal.h, src/xs_internal.c, src/xs_internal.h, + src/remote_internal.c: Update for new auth arg to the open API + Wed Dec 5 13:20:00 EST 2007 Daniel P. Berrange * configure.in: do PolicyKit checks via pkg-config diff --git a/Makefile.am b/Makefile.am index eaa204e6c6..03e80627df 100644 --- a/Makefile.am +++ b/Makefile.am 
@@ -1,6 +1,6 @@ ## Process this file with automake to produce Makefile.in -SUBDIRS = src qemud proxy include docs @PYTHON_SUBDIR@ tests po m4 scripts +SUBDIRS = include src qemud proxy docs @PYTHON_SUBDIR@ tests po m4 scripts ACLOCAL_AMFLAGS = -I m4 diff --git a/docs/devhelp/libvirt-libvirt.html b/docs/devhelp/libvirt-libvirt.html index bcde31a919..759a19751d 100644 --- a/docs/devhelp/libvirt-libvirt.html +++ b/docs/devhelp/libvirt-libvirt.html @@ -61,19 +61,26 @@ typedef struct _virDomainInterfaceStats virDomainState; typedef struct _virDomain virDomain; typedef virDomainInterfaceStatsStruct * virDomainInterfaceStatsPtr; +typedef virConnectAuth * virConnectAuthPtr; typedef enum virSchedParameterType; -typedef virSchedParameter * virSchedParameterPtr; +typedef virConnectCredential * virConnectCredentialPtr; typedef virNodeInfo * virNodeInfoPtr; typedef virNetwork * virNetworkPtr; typedef virDomainInfo * virDomainInfoPtr; typedef virConnect * virConnectPtr; typedef struct _virSchedParameter virSchedParameter; +typedef enum virConnectFlags; +typedef virSchedParameter * virSchedParameterPtr; typedef enum virVcpuState; +typedef struct _virConnectAuth virConnectAuth; +typedef struct _virConnectCredential virConnectCredential; typedef virVcpuInfo * virVcpuInfoPtr; typedef enum virDomainXMLFlags; typedef virDomain * virDomainPtr; +typedef enum virConnectCredentialType; typedef enum virDomainCreateFlags; int virDomainGetInfo (virDomainPtr domain,
virDomainInfoPtr info); +int virNetworkCreate (virNetworkPtr network); int virNetworkFree (virNetworkPtr network); const char * virNetworkGetName (virNetworkPtr network); const char * virDomainGetName (virDomainPtr domain); @@ -88,6 +95,7 @@ int virInitialize (void); virDomainPtr virDomainLookupByName (virConnectPtr conn,
const char * name); virNetworkPtr virNetworkLookupByUUID (virConnectPtr conn,
const unsigned char * uuid); char * virNetworkGetBridgeName (virNetworkPtr network); +char * virNetworkGetXMLDesc (virNetworkPtr network,
int flags); int virDomainPinVcpu (virDomainPtr domain,
unsigned int vcpu,
unsigned char * cpumap,
int maplen); int virDomainRestore (virConnectPtr conn,
const char * from); const char * virConnectGetType (virConnectPtr conn); @@ -119,21 +127,20 @@ int virDomainFree (virDomainSetAutostart (virDomainPtr domain,
int autostart); int virDomainSuspend (virDomainPtr domain); int virConnectGetMaxVcpus (virConnectPtr conn,
const char * type); -virConnectPtr virNetworkGetConnect (virNetworkPtr net); int virConnectNumOfDefinedDomains (virConnectPtr conn); -virNetworkPtr virNetworkCreateXML (virConnectPtr conn,
const char * xmlDesc); +virConnectPtr virNetworkGetConnect (virNetworkPtr net); virNetworkPtr virNetworkDefineXML (virConnectPtr conn,
const char * xml); -int virNetworkCreate (virNetworkPtr network); +virDomainPtr virDomainLookupByID (virConnectPtr conn,
int id); int virDomainSetSchedulerParameters (virDomainPtr domain,
virSchedParameterPtr params,
int nparams); int virNodeGetCellsFreeMemory (virConnectPtr conn,
unsigned long long * freeMems,
int startCell,
int maxCells); int virConnectClose (virConnectPtr conn); int virDomainReboot (virDomainPtr domain,
unsigned int flags); int virDomainBlockStats (virDomainPtr dom,
const char * path,
virDomainBlockStatsPtr stats,
size_t size); int virDomainSetVcpus (virDomainPtr domain,
unsigned int nvcpus); -virDomainPtr virDomainLookupByID (virConnectPtr conn,
int id); +virConnectPtr virConnectOpenAuth (const char * name,
virConnectAuthPtr auth,
int flags); int virNetworkGetUUIDString (virNetworkPtr network,
char * buf); virDomainPtr virDomainMigrate (virDomainPtr domain,
virConnectPtr dconn,
unsigned long flags,
const char * dname,
const char * uri,
unsigned long bandwidth); -char * virNetworkGetXMLDesc (virNetworkPtr network,
int flags); +virNetworkPtr virNetworkCreateXML (virConnectPtr conn,
const char * xmlDesc); unsigned int virDomainGetID (virDomainPtr domain); int virDomainResume (virDomainPtr domain); virDomainPtr virDomainCreateLinux (virConnectPtr conn,
const char * xmlDesc,
unsigned int flags); @@ -149,6 +156,7 @@ char * virConnectGetHostname (virDomainGetXMLDesc (virDomainPtr domain,
int flags); int virDomainSetMaxMemory (virDomainPtr domain,
unsigned long memory); int virDomainInterfaceStats (virDomainPtr dom,
const char * path,
virDomainInterfaceStatsPtr stats,
size_t size); +typedef int virConnectAuthCallbackPtr (virConnectCredentialPtr cred,
unsigned int ncred,
void * cbdata); int virConnectGetVersion (virConnectPtr conn,
unsigned long * hvVer); int virConnectListNetworks (virConnectPtr conn,
char ** const names,
int maxnames); char * virConnectGetURI (virConnectPtr conn); @@ -210,6 +218,54 @@ int virDomainSave (

Structure virConnectAuth

struct _virConnectAuth {
+    int *	credtype	: List of supported virConnectCredentialType values
+    unsigned int	ncredtype
+    virConnectAuthCallbackPtr	cb	: Callback used to collect credentials
+    void *	cbdata
+} virConnectAuth;
+

+ +


+

Typedef virConnectAuthPtr

virConnectAuth * virConnectAuthPtr;
+

+

+
+

Structure virConnectCredential

struct _virConnectCredential {
+    int	type	: One of virConnectCredentialType constants
+    const char *	prompt	: Prompt to show to user
+    const char *	challenge	: Additional challenge to show
+    const char *	defresult	: Optional default result
+    char *	result	: Result to be filled with user response (or defresult)
+    unsigned int	resultlen	: Length of the result
+} virConnectCredential;
+

+

+
+

Typedef virConnectCredentialPtr

virConnectCredential * virConnectCredentialPtr;
+

+

+
+

Enum virConnectCredentialType

enum virConnectCredentialType {
+    VIR_CRED_USERNAME = 1 /* Identity to act as */
+    VIR_CRED_AUTHNAME = 2 /* Identify to authorize as */
+    VIR_CRED_LANGUAGE = 3 /* RFC 1766 languages, comma separated */
+    VIR_CRED_CNONCE = 4 /* client supplies a nonce */
+    VIR_CRED_PASSPHRASE = 5 /* Passphrase secret */
+    VIR_CRED_ECHOPROMPT = 6 /* Challenge response */
+    VIR_CRED_NOECHOPROMPT = 7 /* Challenge response */
+    VIR_CRED_REALM = 8 /* Authentication realm */
+    VIR_CRED_EXTERNAL = 9 /*  Externally managed credential More may be added - expect the unexpected */
+};
+

+

+
+

Enum virConnectFlags

enum virConnectFlags {
+    VIR_CONNECT_RO = 1 /*  A readonly connection */
+};
+


Typedef virConnectPtr

virConnect * virConnectPtr;
@@ -370,6 +426,14 @@ The content of this structure is not made public by the API.
     VIR_VCPU_BLOCKED = 2 /*  the virtual CPU is blocked on resource */
 };
 

+

+
+

Function type virConnectAuthCallbackPtr

int	virConnectAuthCallbackPtr	(virConnectCredentialPtr cred, 
unsigned int ncred,
void * cbdata)
+

+

cred:
ncred:
cbdata:
Returns:
+
+

Variable virConnectAuthPtrDefault

virConnectAuthPtr virConnectAuthPtrDefault;
+


virConnectClose ()

int	virConnectClose			(virConnectPtr conn)
@@ -435,6 +499,10 @@ The content of this structure is not made public by the API.

virConnectOpen ()

virConnectPtr	virConnectOpen		(const char * name)

This function should be called first to get a connection to the Hypervisor and xen store

name:URI of the hypervisor
Returns:a pointer to the hypervisor connection or NULL in case of error URIs are documented at http://libvirt.org/uri.html
+
+

virConnectOpenAuth ()

virConnectPtr	virConnectOpenAuth	(const char * name, 
virConnectAuthPtr auth,
int flags)
+

This function should be called first to get a connection to the Hypervisor. If neccessary, authentication will be performed fetching credentials via the callback

+
name:URI of the hypervisor
auth:Authenticate callback parameters
flags:Open flags
Returns:a pointer to the hypervisor connection or NULL in case of error URIs are documented at http://libvirt.org/uri.html

virConnectOpenReadOnly ()

virConnectPtr	virConnectOpenReadOnly	(const char * name)

This function should be called first to get a restricted connection to the libbrary functionalities. The set of APIs usable are then restricted on the available methods to control the domains.

diff --git a/docs/devhelp/libvirt-virterror.html b/docs/devhelp/libvirt-virterror.html index e83743567c..0f6322e81f 100644 --- a/docs/devhelp/libvirt-virterror.html +++ b/docs/devhelp/libvirt-virterror.html @@ -154,7 +154,8 @@ void virConnResetLastError (VIR_WAR_NO_NETWORK = 41 /* failed to start network */ VIR_ERR_NO_DOMAIN = 42 /* domain not found or unexpectedly disappeared */ VIR_ERR_NO_NETWORK = 43 /* network not found */ - VIR_ERR_INVALID_MAC = 44 /* invalid MAC adress */ + VIR_ERR_INVALID_MAC = 44 /* invalid MAC adress */ + VIR_ERR_AUTH_FAILED = 45 /* authentication failed */ };

diff --git a/docs/libvirt-api.xml b/docs/libvirt-api.xml index ff1ed98961..8c02503341 100644 --- a/docs/libvirt-api.xml +++ b/docs/libvirt-api.xml @@ -16,26 +16,36 @@ - - - - - - - - - - - - + - - - + + + + + + + + + + + + - + + + + + + + + + + + + + @@ -48,25 +58,35 @@ + - + + + + + + - + - + + + + + @@ -81,6 +101,7 @@ + @@ -112,21 +133,20 @@ - - + - + - + - + @@ -142,6 +162,7 @@ + @@ -159,6 +180,7 @@ + @@ -176,7 +198,7 @@ - + @@ -287,6 +309,16 @@ This macro provides the length of the buffer required for virDomainGetUUIDString() + + + + + + + + + + @@ -303,6 +335,7 @@ + @@ -315,7 +348,7 @@ - + @@ -373,6 +406,24 @@ + + + + + + + + + + + + + + + + + + a virConnectPtr is pointer to a virConnect private structure, this is the type used to reference a connection to the Xen Hypervisor in the API. @@ -468,6 +519,7 @@ + Copy the content of the last error caught on that connection One will need to free the result with virResetError() @@ -491,6 +543,13 @@ + + + + + + + This function closes the connection to the Hypervisor. This should not be called if further interaction with the Hypervisor are needed especially if there is running domain which need further monitoring by the application. @@ -581,6 +640,13 @@ + + This function should be called first to get a connection to the Hypervisor. If neccessary, authentication will be performed fetching credentials via the callback + + + + + This function should be called first to get a restricted connection to the libbrary functionalities. The set of APIs usable are then restricted on the available methods to control the domains. diff --git a/docs/libvirt-refs.xml b/docs/libvirt-refs.xml index c1e1746012..45762b0a6e 100644 --- a/docs/libvirt-refs.xml +++ b/docs/libvirt-refs.xml @@ -2,9 +2,19 @@ + + + + + + + + + + @@ -22,6 +32,7 @@ + @@ -97,6 +108,8 @@ + + @@ -109,7 +122,15 @@ + + + + + + + + @@ -125,6 +146,7 @@ + @@ -231,9 +253,19 @@ + + + + + + + + + + @@ -251,6 +283,7 @@ + @@ -328,6 +361,8 @@ + + 
@@ -342,7 +377,15 @@ + + + + + + + + @@ -358,6 +401,7 @@ + @@ -472,6 +516,7 @@ + @@ -525,6 +570,7 @@ + @@ -542,6 +588,12 @@ + + + + + + @@ -662,6 +714,7 @@ + @@ -669,9 +722,19 @@ + + + + + + + + + + @@ -699,6 +762,8 @@ + + @@ -706,7 +771,15 @@ + + + + + + + + @@ -722,6 +795,7 @@ + @@ -812,6 +886,7 @@ + @@ -912,12 +987,18 @@ + + + + + + @@ -956,6 +1037,9 @@ + + + @@ -1058,6 +1142,7 @@ + @@ -1085,9 +1170,15 @@ + + + + + + @@ -1132,12 +1223,22 @@ + + + + + + + + + + @@ -1179,6 +1280,9 @@ + + + @@ -1235,11 +1339,13 @@ + + @@ -1274,6 +1380,8 @@ + + @@ -1307,8 +1415,6 @@ - - @@ -1464,6 +1570,7 @@ + @@ -1507,6 +1614,9 @@ + + + @@ -1633,6 +1743,8 @@ + + @@ -1654,6 +1766,7 @@ + @@ -1661,6 +1774,7 @@ + @@ -1729,6 +1843,9 @@ + + + @@ -1755,6 +1872,7 @@ + @@ -1790,6 +1908,9 @@ + + + @@ -1846,6 +1967,10 @@ + + + + @@ -1856,8 +1981,6 @@ - - @@ -1876,6 +1999,7 @@ + @@ -1893,6 +2017,9 @@ + + + @@ -1945,6 +2072,7 @@ + @@ -1984,6 +2112,8 @@ + + @@ -2053,6 +2183,9 @@ + + + @@ -2065,6 +2198,7 @@ + @@ -2078,10 +2212,12 @@ + + @@ -2159,6 +2295,7 @@ + @@ -2191,6 +2328,7 @@ + @@ -2232,8 +2370,6 @@ - - @@ -2276,11 +2412,13 @@ + + @@ -2388,6 +2526,8 @@ + + @@ -2479,6 +2619,7 @@ + @@ -2709,8 +2850,6 @@ - - @@ -2737,6 +2876,9 @@ + + + @@ -2789,6 +2931,8 @@ + + @@ -2839,6 +2983,7 @@ + @@ -2874,6 +3019,7 @@ + @@ -2909,6 +3055,9 @@ + + + @@ -3102,6 +3251,9 @@ + + + @@ -3116,6 +3268,7 @@ + @@ -3193,7 +3346,7 @@ - + @@ -3242,6 +3395,7 @@ + @@ -3255,6 +3409,9 @@ + + + @@ -3428,6 +3585,7 @@ + @@ -3589,7 +3747,7 @@ - + @@ -3615,6 +3773,7 @@ + @@ -3642,6 +3801,7 @@ + @@ -3658,6 +3818,7 @@ + @@ -3686,6 +3847,7 @@ + @@ -3702,9 +3864,16 @@ + + + + + + + @@ -3882,6 +4051,7 @@ + @@ -3903,6 +4073,7 @@ + @@ -3935,7 +4106,7 @@ - + @@ -3964,14 +4135,15 @@ - - - - - - - - + + + + + + + + + diff --git a/include/libvirt/libvirt.h b/include/libvirt/libvirt.h index 0402aeade3..74b8beea9a 100644 --- a/include/libvirt/libvirt.h +++ b/include/libvirt/libvirt.h 
@@ -1,3 +1,4 @@ + /* -*- c -*- * libvirt.h: * Summary: core interfaces for the libvirt library 
@@ -274,6 +275,74 @@ virDomainPtr virDomainMigrate (virDomainPtr domain, virConnectPtr dconn, typedef virNodeInfo *virNodeInfoPtr; +/** + * virConnectFlags + * + * Flags when openning a connection to a hypervisor + */ +typedef enum { + VIR_CONNECT_RO = 1, /* A readonly connection */ +} virConnectFlags; + + +typedef enum { + VIR_CRED_USERNAME = 1, /* Identity to act as */ + VIR_CRED_AUTHNAME = 2, /* Identify to authorize as */ + VIR_CRED_LANGUAGE = 3, /* RFC 1766 languages, comma separated */ + VIR_CRED_CNONCE = 4, /* client supplies a nonce */ + VIR_CRED_PASSPHRASE = 5, /* Passphrase secret */ + VIR_CRED_ECHOPROMPT = 6, /* Challenge response */ + VIR_CRED_NOECHOPROMPT = 7, /* Challenge response */ + VIR_CRED_REALM = 8, /* Authentication realm */ + VIR_CRED_EXTERNAL = 9, /* Externally managed credential */ + + /* More may be added - expect the unexpected */ +} virConnectCredentialType; + +struct _virConnectCredential { + int type; /* One of virConnectCredentialType constants */ + const char *prompt; /* Prompt to show to user */ + const char *challenge; /* Additional challenge to show */ + const char *defresult; /* Optional default result */ + char *result; /* Result to be filled with user response (or defresult) */ + unsigned int resultlen; /* Length of the result */ +}; + +typedef struct _virConnectCredential virConnectCredential; +typedef virConnectCredential *virConnectCredentialPtr; + + +/** + * virConnectCredCallbackPtr + * + * @param authtype type of authentication being performed + * @param cred list of virConnectCredential object to fetch from user + * @param ncred size of cred list + * @param cbdata opaque data passed to virConnectOpenAuth + * + * When authentication requires one or more interactions, this callback + * is invoked. For each interaction supplied, data must be gathered + * from the user and filled in to the 'result' and 'resultlen' fields. + * If an interaction can not be filled, fill in NULL and 0. 
+ * + * Return 0 if all interactions were filled, or -1 upon error + */ +typedef int (*virConnectAuthCallbackPtr)(virConnectCredentialPtr cred, + unsigned int ncred, + void *cbdata); + +struct _virConnectAuth { + int *credtype; /* List of supported virConnectCredentialType values */ + unsigned int ncredtype; + + virConnectAuthCallbackPtr cb; /* Callback used to collect credentials */ + void *cbdata; +}; + + +typedef struct _virConnectAuth virConnectAuth; +typedef virConnectAuth *virConnectAuthPtr; + /** * VIR_UUID_BUFLEN: * @@ -314,6 +383,9 @@ int virInitialize (void); virConnectPtr virConnectOpen (const char *name); virConnectPtr virConnectOpenReadOnly (const char *name); +virConnectPtr virConnectOpenAuth (const char *name, + virConnectAuthPtr auth, + int flags); int virConnectClose (virConnectPtr conn); const char * virConnectGetType (virConnectPtr conn); int virConnectGetVersion (virConnectPtr conn, diff --git a/include/libvirt/libvirt.h.in b/include/libvirt/libvirt.h.in index 9d44a74f0f..15f325fb23 100644 --- a/include/libvirt/libvirt.h.in +++ b/include/libvirt/libvirt.h.in @@ -1,3 +1,4 @@ + /* -*- c -*- * libvirt.h: * Summary: core interfaces for the libvirt library 
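Review bot: The doc comment above the callback typedef is headed `virConnectCredCallbackPtr` and lists `@param authtype`, but the typedef it documents is `virConnectAuthCallbackPtr` and takes only `cred`, `ncred` and `cbdata`; the heading and parameter list should match the signature. The comment also leaves the ownership of `result` unstated. Because `VIR_CRED_PASSPHRASE` answers travel through that field, the struct comment should say who allocates the buffer, who frees it, and that the owner wipes it before release, for example `char *result; /* Filled in by the callback; document here who frees and scrubs it */`. The same text is added to include/libvirt/libvirt.h.in in this commit, so the correction belongs there too. Minor: the `VIR_CRED_AUTHNAME` comment reads "Identify to authorize as" (presumably "Identity"), and "openning" in the virConnectFlags comment is misspelled.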
@@ -274,6 +275,74 @@ virDomainPtr virDomainMigrate (virDomainPtr domain, virConnectPtr dconn, typedef virNodeInfo *virNodeInfoPtr; +/** + * virConnectFlags + * + * Flags when openning a connection to a hypervisor + */ +typedef enum { + VIR_CONNECT_RO = 1, /* A readonly connection */ +} virConnectFlags; + + +typedef enum { + VIR_CRED_USERNAME = 1, /* Identity to act as */ + VIR_CRED_AUTHNAME = 2, /* Identify to authorize as */ + VIR_CRED_LANGUAGE = 3, /* RFC 1766 languages, comma separated */ + VIR_CRED_CNONCE = 4, /* client supplies a nonce */ + VIR_CRED_PASSPHRASE = 5, /* Passphrase secret */ + VIR_CRED_ECHOPROMPT = 6, /* Challenge response */ + VIR_CRED_NOECHOPROMPT = 7, /* Challenge response */ + VIR_CRED_REALM = 8, /* Authentication realm */ + VIR_CRED_EXTERNAL = 9, /* Externally managed credential */ + + /* More may be added - expect the unexpected */ +} virConnectCredentialType; + +struct _virConnectCredential { + int type; /* One of virConnectCredentialType constants */ + const char *prompt; /* Prompt to show to user */ + const char *challenge; /* Additional challenge to show */ + const char *defresult; /* Optional default result */ + char *result; /* Result to be filled with user response (or defresult) */ + unsigned int resultlen; /* Length of the result */ +}; + +typedef struct _virConnectCredential virConnectCredential; +typedef virConnectCredential *virConnectCredentialPtr; + + +/** + * virConnectCredCallbackPtr + * + * @param authtype type of authentication being performed + * @param cred list of virConnectCredential object to fetch from user + * @param ncred size of cred list + * @param cbdata opaque data passed to virConnectOpenAuth + * + * When authentication requires one or more interactions, this callback + * is invoked. For each interaction supplied, data must be gathered + * from the user and filled in to the 'result' and 'resultlen' fields. + * If an interaction can not be filled, fill in NULL and 0. 
+ * + * Return 0 if all interactions were filled, or -1 upon error + */ +typedef int (*virConnectAuthCallbackPtr)(virConnectCredentialPtr cred, + unsigned int ncred, + void *cbdata); + +struct _virConnectAuth { + int *credtype; /* List of supported virConnectCredentialType values */ + unsigned int ncredtype; + + virConnectAuthCallbackPtr cb; /* Callback used to collect credentials */ + void *cbdata; +}; + + +typedef struct _virConnectAuth virConnectAuth; +typedef virConnectAuth *virConnectAuthPtr; + /** * VIR_UUID_BUFLEN: * @@ -314,6 +383,9 @@ int virInitialize (void); virConnectPtr virConnectOpen (const char *name); virConnectPtr virConnectOpenReadOnly (const char *name); +virConnectPtr virConnectOpenAuth (const char *name, + virConnectAuthPtr auth, + int flags); int virConnectClose (virConnectPtr conn); const char * virConnectGetType (virConnectPtr conn); int virConnectGetVersion (virConnectPtr conn, diff --git a/proxy/libvirt_proxy.c b/proxy/libvirt_proxy.c index d8092a26ee..d7deb44014 100644 --- a/proxy/libvirt_proxy.c +++ b/proxy/libvirt_proxy.c @@ -77,7 +77,7 @@ proxyInitXen(void) { priv->xshandle = NULL; priv->proxy = -1; - ret = xenHypervisorOpen(conn, NULL, 0); + ret = xenHypervisorOpen(conn, NULL, NULL, 0); if (ret < 0) { fprintf(stderr, "Failed to open Xen hypervisor\n"); return(-1); @@ -93,7 +93,7 @@ proxyInitXen(void) { fprintf(stderr, "Failed to connect to Xen daemon\n"); return(-1); } - ret = xenStoreOpen(conn, NULL, VIR_DRV_OPEN_RO); + ret = xenStoreOpen(conn, NULL, NULL, VIR_CONNECT_RO); if (ret < 0) { fprintf(stderr, "Failed to open XenStore connection"); return (-1); diff --git a/src/driver.h b/src/driver.h index d7c7c5f376..a91cd4251f 100644 --- a/src/driver.h +++ b/src/driver.h @@ -27,11 +27,6 @@ typedef enum { } virDrvNo; -typedef enum { - /* VIR_DRV_OPEN_QUIET = 1 - removed by RWMJ */ - VIR_DRV_OPEN_RO = 2 -} virDrvOpenFlag; - /* Status codes returned from driver open call. */ typedef enum { /* Opened successfully. */ 
@@ -76,8 +71,9 @@ typedef enum { typedef virDrvOpenStatus (*virDrvOpen) (virConnectPtr conn, - xmlURIPtr uri, - int flags); + xmlURIPtr uri, + virConnectAuthPtr auth, + int flags); typedef int (*virDrvClose) (virConnectPtr conn); typedef int diff --git a/src/internal.h b/src/internal.h index 0ef32a0b51..b50d626303 100644 --- a/src/internal.h +++ b/src/internal.h @@ -123,11 +123,6 @@ extern "C" { #define MAX_DRIVERS 10 #define MIN_XEN_GUEST_SIZE 64 /* 64 megabytes */ -/* - * Flags for Xen connections - */ -#define VIR_CONNECT_RO 1 - /** * _virConnect: * diff --git a/src/libvirt.c b/src/libvirt.c index 239c7d018a..62ede212a3 100644 --- a/src/libvirt.c +++ b/src/libvirt.c @@ -395,7 +395,9 @@ virGetVersion(unsigned long *libVer, const char *type, } static virConnectPtr -do_open (const char *name, int flags) +do_open (const char *name, + virConnectAuthPtr auth, + int flags) { int i, res; virConnectPtr ret = NULL; @@ -458,7 +460,7 @@ do_open (const char *name, int flags) fprintf (stderr, "libvirt: do_open: trying driver %d (%s) ...\n", i, virDriverTab[i]->name); #endif - res = virDriverTab[i]->open (ret, uri, flags); + res = virDriverTab[i]->open (ret, uri, auth, flags); #ifdef ENABLE_DEBUG fprintf (stderr, "libvirt: do_open: driver %d %s returned %s\n", i, virDriverTab[i]->name, @@ -480,7 +482,7 @@ do_open (const char *name, int flags) } for (i = 0; i < virNetworkDriverTabCount; i++) { - res = virNetworkDriverTab[i]->open (ret, uri, flags); + res = virNetworkDriverTab[i]->open (ret, uri, auth, flags); #ifdef ENABLE_DEBUG fprintf (stderr, "libvirt: do_open: network driver %d %s returned %s\n", i, virNetworkDriverTab[i]->name, @@ -500,9 +502,8 @@ do_open (const char *name, int flags) } } - if (flags & VIR_DRV_OPEN_RO) { - ret->flags = VIR_CONNECT_RO; - } + /* Cleansing flags */ + ret->flags = flags & VIR_CONNECT_RO; xmlFreeURI (uri); 
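Review bot: In do_open the caller's `flags` is passed unmodified to every `virDriverTab[i]->open (ret, uri, auth, flags)` and `virNetworkDriverTab[i]->open (ret, uri, auth, flags)` call, and the `/* Cleansing flags */` mask is applied only afterwards, when `ret->flags` is stored. Now that virConnectOpenAuth exposes `int flags` on the public API, undefined bits reach the drivers. Any driver code that reads the connection's flags during open would also see the value from before this assignment. For example, do_connect in src/xend_internal.c tests `xend->flags & VIR_CONNECT_RO`, though whether it runs before do_open returns is not visible here. Masking or rejecting unknown bits before the driver loops, e.g. `flags &= VIR_CONNECT_RO;` followed by `ret->flags = flags;` once `ret` exists, would make the cleansing hold for the drivers as well; do_open's body starts and ends outside these hunks.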
@@ -531,7 +532,7 @@ virConnectPtr virConnectOpen (const char *name) { DEBUG("name=%s", name); - return do_open (name, 0); + return do_open (name, NULL, 0); } /** @@ -550,7 +551,30 @@ virConnectPtr virConnectOpenReadOnly(const char *name) { DEBUG("name=%s", name); - return do_open (name, VIR_DRV_OPEN_RO); + return do_open (name, NULL, VIR_CONNECT_RO); +} + +/** + * virConnectOpenAuth: + * @name: URI of the hypervisor + * @auth: Authenticate callback parameters + * @flags: Open flags + * + * This function should be called first to get a connection to the + * Hypervisor. If neccessary, authentication will be performed fetching + * credentials via the callback + * + * Returns a pointer to the hypervisor connection or NULL in case of error + * + * URIs are documented at http://libvirt.org/uri.html + */ +virConnectPtr +virConnectOpenAuth(const char *name, + virConnectAuthPtr auth, + int flags) +{ + DEBUG("name=%s", name); + return do_open (name, auth, flags); } /** diff --git a/src/openvz_driver.c b/src/openvz_driver.c index 7c4a46d844..f51725df66 100644 --- a/src/openvz_driver.c +++ b/src/openvz_driver.c @@ -89,7 +89,12 @@ static int openvzReload(void); static int openvzActive(void); static int openvzCloseNetwork(virConnectPtr conn); static virDrvOpenStatus openvzOpenNetwork(virConnectPtr conn, - const char *name ATTRIBUTE_UNUSED, int flags ATTRIBUTE_UNUSED); + const char *name ATTRIBUTE_UNUSED, + int *credtype ATTRIBUTE_UNUSED, + int ncredtype ATTRIBUTE_UNUSED, + virConnectAuthCallbackPtr cb ATTRIBUTE_UNUSED, + void *cbdata ATTRIBUTE_UNUSED, + int flags ATTRIBUTE_UNUSED); static virDomainPtr openvzDomainDefineXML(virConnectPtr conn, const char *xml); static virDomainPtr openvzDomainCreateLinux(virConnectPtr conn, const char *xml, 
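Review bot: The new virConnectOpenAuth doc comment does not say whether `@auth` may be NULL or which `@flags` bits are accepted, although virConnectOpen and virConnectOpenReadOnly in this file pass `NULL`, and `VIR_CONNECT_RO` is the only flag defined. I would change the two lines to `@auth: Authenticate callback parameters, may be NULL` and `@flags: bitwise-OR of virConnectFlags`, and fix the spelling of "neccessary". The comment also states that authentication "will be performed" via the callback, while the driver open functions changed in this commit either forward `auth` or mark it `ATTRIBUTE_UNUSED`. A sentence saying that driver support is not yet wired up would stop callers from assuming credentials are checked. `DEBUG("name=%s", name);` could also log `flags`, so that a read-only open can be told from a read-write one in traces.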
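Review bot: The openvzOpenNetwork prototype gains five separate parameters (`int *credtype`, `int ncredtype`, `virConnectAuthCallbackPtr cb`, `void *cbdata`, `int flags`), which does not match the `virDrvOpen` typedef that this commit changes in src/driver.h to `(virConnectPtr conn, xmlURIPtr uri, virConnectAuthPtr auth, int flags)`. The definitions of openvzOpen and openvzOpenNetwork in the two later hunks of src/openvz_driver.c have the same shape and still take `const char *name` where the typedef has `xmlURIPtr uri`. If these functions are installed in the driver tables (not visible in the hunks), do_open calls them with four arguments through an incompatible function-pointer type. That is undefined behaviour and leaves the extra parameters with indeterminate values. The parameter lists should follow the typedef, e.g. `xmlURIPtr uri ATTRIBUTE_UNUSED, virConnectAuthPtr auth ATTRIBUTE_UNUSED, int flags ATTRIBUTE_UNUSED`, with openvzOpen adapted to read what it needs from `uri`.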
@@ -551,8 +556,12 @@ bail_out5: } static virDrvOpenStatus openvzOpen(virConnectPtr conn, - const char *name, - int flags ATTRIBUTE_UNUSED) { + const char *name, + int *credtype ATTRIBUTE_UNUSED, + int ncredtype ATTRIBUTE_UNUSED, + virConnectAuthCallbackPtr cb ATTRIBUTE_UNUSED, + void *cbdata ATTRIBUTE_UNUSED, + int flags ATTRIBUTE_UNUSED) { struct openvz_vm *vms; /* Just check if the guy is root. Nothing really to open for OpenVZ */ @@ -693,8 +702,12 @@ static int openvzCloseNetwork(virConnectPtr conn ATTRIBUTE_UNUSED) { } static virDrvOpenStatus openvzOpenNetwork(virConnectPtr conn ATTRIBUTE_UNUSED, - const char *name ATTRIBUTE_UNUSED, - int flags ATTRIBUTE_UNUSED) { + const char *name ATTRIBUTE_UNUSED, + int *credtype ATTRIBUTE_UNUSED, + int ncredtype ATTRIBUTE_UNUSED, + virConnectAuthCallbackPtr cb ATTRIBUTE_UNUSED, + void *cbdata ATTRIBUTE_UNUSED, + int flags ATTRIBUTE_UNUSED) { return VIR_DRV_OPEN_SUCCESS; } diff --git a/src/proxy_internal.c b/src/proxy_internal.c index 95ff673767..6f142c57a8 100644 --- a/src/proxy_internal.c +++ b/src/proxy_internal.c @@ -29,7 +29,7 @@ static int debug = 0; static int xenProxyClose(virConnectPtr conn); -static int xenProxyOpen(virConnectPtr conn, xmlURIPtr uri, int flags); +static int xenProxyOpen(virConnectPtr conn, xmlURIPtr uri, virConnectAuthPtr auth, int flags); static int xenProxyGetVersion(virConnectPtr conn, unsigned long *hvVer); static int xenProxyNodeGetInfo(virConnectPtr conn, virNodeInfoPtr info); static char *xenProxyGetCapabilities(virConnectPtr conn); 
@@ -520,14 +520,17 @@ retry: * Returns 0 in case of success, and -1 in case of failure */ int -xenProxyOpen(virConnectPtr conn, xmlURIPtr uri ATTRIBUTE_UNUSED, int flags) +xenProxyOpen(virConnectPtr conn, + xmlURIPtr uri ATTRIBUTE_UNUSED, + virConnectAuthPtr auth ATTRIBUTE_UNUSED, + int flags) { virProxyPacket req; int ret; int fd; xenUnifiedPrivatePtr priv; - if (!(flags & VIR_DRV_OPEN_RO)) + if (!(flags & VIR_CONNECT_RO)) return(-1); priv = (xenUnifiedPrivatePtr) conn->privateData; diff --git a/src/qemu_driver.c b/src/qemu_driver.c index 4cdf0b4dfe..dfed446559 100644 --- a/src/qemu_driver.c +++ b/src/qemu_driver.c @@ -1390,6 +1390,7 @@ static int qemudMonitorCommand(struct qemud_driver *driver ATTRIBUTE_UNUSED, static virDrvOpenStatus qemudOpen(virConnectPtr conn, xmlURIPtr uri, + virConnectAuthPtr auth ATTRIBUTE_UNUSED, int flags ATTRIBUTE_UNUSED) { uid_t uid = getuid(); @@ -2575,6 +2576,7 @@ static virNetworkPtr qemudNetworkLookupByName(virConnectPtr conn ATTRIBUTE_UNUSE static virDrvOpenStatus qemudOpenNetwork(virConnectPtr conn, xmlURIPtr uri ATTRIBUTE_UNUSED, + virConnectAuthPtr auth ATTRIBUTE_UNUSED, int flags ATTRIBUTE_UNUSED) { if (!qemu_driver) return VIR_DRV_OPEN_DECLINED; diff --git a/src/remote_internal.c b/src/remote_internal.c index 37167728e8..78e4524b47 100644 --- a/src/remote_internal.c +++ b/src/remote_internal.c @@ -286,7 +286,6 @@ remoteForkDaemon(virConnectPtr conn) } -/* Must not overlap with virDrvOpenFlags */ enum virDrvOpenRemoteFlags { VIR_DRV_OPEN_REMOTE_RO = (1 << 0), VIR_DRV_OPEN_REMOTE_UNIX = (1 << 1), @@ -295,8 +294,11 @@ enum virDrvOpenRemoteFlags { }; static int -doRemoteOpen (virConnectPtr conn, struct private_data *priv, - xmlURIPtr uri, int flags) +doRemoteOpen (virConnectPtr conn, + struct private_data *priv, + xmlURIPtr uri, + virConnectAuthPtr auth ATTRIBUTE_UNUSED, + int flags) { if (!uri || !uri->scheme) return VIR_DRV_OPEN_DECLINED; /* Decline - not a URL. */ 
@@ -779,7 +781,10 @@ doRemoteOpen (virConnectPtr conn, struct private_data *priv, } static int -remoteOpen (virConnectPtr conn, xmlURIPtr uri, int flags) +remoteOpen (virConnectPtr conn, + xmlURIPtr uri, + virConnectAuthPtr auth, + int flags) { struct private_data *priv; int ret, rflags = 0; @@ -793,7 +798,7 @@ remoteOpen (virConnectPtr conn, xmlURIPtr uri, int flags) return VIR_DRV_OPEN_ERROR; } - if (flags & VIR_DRV_OPEN_RO) + if (flags & VIR_CONNECT_RO) rflags |= VIR_DRV_OPEN_REMOTE_RO; if (uri && @@ -814,7 +819,7 @@ remoteOpen (virConnectPtr conn, xmlURIPtr uri, int flags) memset(priv, 0, sizeof(struct private_data)); priv->magic = DEAD; priv->sock = -1; - ret = doRemoteOpen(conn, priv, uri, rflags); + ret = doRemoteOpen(conn, priv, uri, auth, rflags); if (ret != VIR_DRV_OPEN_SUCCESS) { conn->privateData = NULL; free(priv); @@ -2442,6 +2447,7 @@ remoteDomainInterfaceStats (virDomainPtr domain, const char *path, static int remoteNetworkOpen (virConnectPtr conn, xmlURIPtr uri, + virConnectAuthPtr auth, int flags) { if (inside_daemon) @@ -2468,14 +2474,14 @@ remoteNetworkOpen (virConnectPtr conn, error (conn, VIR_ERR_NO_MEMORY, "struct private_data"); return VIR_DRV_OPEN_ERROR; } - if (flags & VIR_DRV_OPEN_RO) + if (flags & VIR_CONNECT_RO) rflags |= VIR_DRV_OPEN_REMOTE_RO; rflags |= VIR_DRV_OPEN_REMOTE_UNIX; memset(priv, 0, sizeof(struct private_data)); priv->magic = DEAD; priv->sock = -1; - ret = doRemoteOpen(conn, priv, uri, rflags); + ret = doRemoteOpen(conn, priv, uri, auth, rflags); if (ret != VIR_DRV_OPEN_SUCCESS) { conn->networkPrivateData = NULL; free(priv); diff --git a/src/test.c b/src/test.c index 010ea1555e..e7f069cfa1 100644 --- a/src/test.c +++ b/src/test.c @@ -882,6 +882,7 @@ static int getNetworkIndex(virNetworkPtr network) { static int testOpen(virConnectPtr conn, xmlURIPtr uri, + virConnectAuthPtr auth ATTRIBUTE_UNUSED, int flags ATTRIBUTE_UNUSED) { int ret; 
@@ -1644,6 +1645,7 @@ static int testDomainSetSchedulerParams(virDomainPtr domain, static virDrvOpenStatus testOpenNetwork(virConnectPtr conn, xmlURIPtr uri ATTRIBUTE_UNUSED, + virConnectAuthPtr auth ATTRIBUTE_UNUSED, int flags ATTRIBUTE_UNUSED) { if (STRNEQ(conn->driver->name, "Test")) return VIR_DRV_OPEN_DECLINED; diff --git a/src/xen_internal.c b/src/xen_internal.c index e2cb9c2f34..58ac67767c 100644 --- a/src/xen_internal.c +++ b/src/xen_internal.c @@ -2058,6 +2058,7 @@ xenHypervisorInit(void) int xenHypervisorOpen(virConnectPtr conn, xmlURIPtr uri ATTRIBUTE_UNUSED, + virConnectAuthPtr auth ATTRIBUTE_UNUSED, int flags ATTRIBUTE_UNUSED) { int ret; diff --git a/src/xen_internal.h b/src/xen_internal.h index e83e459b30..b2fd24f73d 100644 --- a/src/xen_internal.h +++ b/src/xen_internal.h @@ -31,6 +31,7 @@ char * int xenHypervisorOpen (virConnectPtr conn, xmlURIPtr uri, + virConnectAuthPtr auth, int flags); int xenHypervisorClose (virConnectPtr conn); int xenHypervisorGetVersion (virConnectPtr conn, diff --git a/src/xen_unified.c b/src/xen_unified.c index c38b11d693..520424c811 100644 --- a/src/xen_unified.c +++ b/src/xen_unified.c @@ -219,7 +219,7 @@ done: */ static int -xenUnifiedOpen (virConnectPtr conn, xmlURIPtr uri, int flags) +xenUnifiedOpen (virConnectPtr conn, xmlURIPtr uri, virConnectAuthPtr auth, int flags) { int i, j; xenUnifiedPrivatePtr priv; @@ -274,7 +274,7 @@ xenUnifiedOpen (virConnectPtr conn, xmlURIPtr uri, int flags) #ifdef ENABLE_DEBUG fprintf (stderr, "libvirt: xenUnifiedOpen: trying Xen sub-driver %d\n", i); #endif - if (drivers[i]->open (conn, uri, flags) == VIR_DRV_OPEN_SUCCESS) + if (drivers[i]->open (conn, uri, auth, flags) == VIR_DRV_OPEN_SUCCESS) priv->opened[i] = 1; #ifdef ENABLE_DEBUG fprintf (stderr, "libvirt: xenUnifiedOpen: Xen sub-driver %d open %s\n", diff --git a/src/xend_internal.c b/src/xend_internal.c index 295f8d09e2..9efd0e114c 100644 --- a/src/xend_internal.c +++ b/src/xend_internal.c 
@@ -235,7 +235,7 @@ do_connect(virConnectPtr xend) * is rather normal, this should fallback to the proxy (or * remote) mechanism. */ - if ((getuid() == 0) || (xend->flags & VIR_DRV_OPEN_RO)) { + if ((getuid() == 0) || (xend->flags & VIR_CONNECT_RO)) { virXendError(xend, VIR_ERR_INTERNAL_ERROR, "failed to connect to xend"); } @@ -2042,7 +2042,9 @@ error: * Returns 0 in case of success, -1 in case of error. */ int -xenDaemonOpen(virConnectPtr conn, xmlURIPtr uri, +xenDaemonOpen(virConnectPtr conn, + xmlURIPtr uri, + virConnectAuthPtr auth ATTRIBUTE_UNUSED, int flags ATTRIBUTE_UNUSED) { int ret; diff --git a/src/xend_internal.h b/src/xend_internal.h index 00b312d7df..606fb7508f 100644 --- a/src/xend_internal.h +++ b/src/xend_internal.h @@ -183,7 +183,7 @@ char *xenDaemonDomainDumpXMLByName(virConnectPtr xend, char *xend_parse_domain_sexp(virConnectPtr conn, char *root, int xendConfigVersion); /* refactored ones */ -int xenDaemonOpen(virConnectPtr conn, xmlURIPtr uri, int flags); +int xenDaemonOpen(virConnectPtr conn, xmlURIPtr uri, virConnectAuthPtr auth, int flags); int xenDaemonClose(virConnectPtr conn); int xenDaemonGetVersion(virConnectPtr conn, unsigned long *hvVer); int xenDaemonNodeGetInfo(virConnectPtr conn, virNodeInfoPtr info); diff --git a/src/xm_internal.c b/src/xm_internal.c index a9dab4f4eb..43263d74b1 100644 --- a/src/xm_internal.c +++ b/src/xm_internal.c @@ -472,7 +472,9 @@ static int xenXMConfigCacheRefresh (virConnectPtr conn) { */ int xenXMOpen (virConnectPtr conn ATTRIBUTE_UNUSED, - xmlURIPtr uri ATTRIBUTE_UNUSED, int flags ATTRIBUTE_UNUSED) + xmlURIPtr uri ATTRIBUTE_UNUSED, + virConnectAuthPtr auth ATTRIBUTE_UNUSED, + int flags ATTRIBUTE_UNUSED) { if (configCache == NULL) { configCache = virHashCreate(50); diff --git a/src/xm_internal.h b/src/xm_internal.h index 5cc13fd4b4..bdb5bb768e 100644 --- a/src/xm_internal.h +++ b/src/xm_internal.h 
@@ -36,7 +36,7 @@ extern "C" { extern struct xenUnifiedDriver xenXMDriver; int xenXMInit (void); -int xenXMOpen(virConnectPtr conn, xmlURIPtr uri, int flags); +int xenXMOpen(virConnectPtr conn, xmlURIPtr uri, virConnectAuthPtr auth, int flags); int xenXMClose(virConnectPtr conn); const char *xenXMGetType(virConnectPtr conn); int xenXMDomainGetInfo(virDomainPtr domain, virDomainInfoPtr info); diff --git a/src/xs_internal.c b/src/xs_internal.c index a2d42bf3a0..391803e3cf 100644 --- a/src/xs_internal.c +++ b/src/xs_internal.c @@ -326,6 +326,7 @@ virConnectCheckStoreID(virConnectPtr conn, int id) int xenStoreOpen(virConnectPtr conn, xmlURIPtr uri ATTRIBUTE_UNUSED, + virConnectAuthPtr auth ATTRIBUTE_UNUSED, int flags ATTRIBUTE_UNUSED) { xenUnifiedPrivatePtr priv = (xenUnifiedPrivatePtr) conn->privateData; @@ -333,7 +334,7 @@ xenStoreOpen(virConnectPtr conn, #ifdef PROXY priv->xshandle = xs_daemon_open_readonly(); #else - if (flags & VIR_DRV_OPEN_RO) + if (flags & VIR_CONNECT_RO) priv->xshandle = xs_daemon_open_readonly(); else priv->xshandle = xs_daemon_open(); diff --git a/src/xs_internal.h b/src/xs_internal.h index e87805d312..a17a904848 100644 --- a/src/xs_internal.h +++ b/src/xs_internal.h @@ -22,6 +22,7 @@ int xenStoreInit (void); int xenStoreOpen (virConnectPtr conn, xmlURIPtr uri, + virConnectAuthPtr auth, int flags); int xenStoreClose (virConnectPtr conn); int xenStoreGetDomainInfo (virDomainPtr domain,