Don't invoke callback with unsupported credential types

This commit is contained in:
Daniel P. Berrange 2007-12-15 17:15:12 +00:00
parent cc8e4ff318
commit a11494fd52
3 changed files with 28 additions and 5 deletions

View File

@ -1,3 +1,10 @@
Sat Dec 15 12:12:14 EST 2007 Daniel P. Berrange <berrange@redhat.com>
* src/libvirt.c: Return error code if passed unsupported
credential types.
* src/remote_internal.c: Don't run callback if it doesn't
support the VIR_CRED_EXTERNAL credential type
Fri Dec 14 16:50:14 CET 2007 Daniel Veillard <veillard@redhat.com> Fri Dec 14 16:50:14 CET 2007 Daniel Veillard <veillard@redhat.com>
* src/xm_internal.c: patch from Saori Fukuta to fix setting * src/xm_internal.c: patch from Saori Fukuta to fix setting

View File

@ -104,6 +104,9 @@ static int virConnectAuthCallbackDefault(virConnectCredentialPtr cred,
if (!bufptr) if (!bufptr)
return -1; return -1;
break; break;
default:
return -1;
} }
if (STREQ(bufptr, "") && cred[i].defresult) if (STREQ(bufptr, "") && cred[i].defresult)

View File

@ -3520,6 +3520,7 @@ remoteAuthPolkit (virConnectPtr conn, struct private_data *priv, int in_open,
virConnectAuthPtr auth) virConnectAuthPtr auth)
{ {
remote_auth_polkit_ret ret; remote_auth_polkit_ret ret;
int i, allowcb = 0;
virConnectCredential cred = { virConnectCredential cred = {
VIR_CRED_EXTERNAL, VIR_CRED_EXTERNAL,
conn->flags & VIR_CONNECT_RO ? "org.libvirt.unix.monitor" : "org.libvirt.unix.manage", conn->flags & VIR_CONNECT_RO ? "org.libvirt.unix.monitor" : "org.libvirt.unix.manage",
@ -3530,12 +3531,24 @@ remoteAuthPolkit (virConnectPtr conn, struct private_data *priv, int in_open,
}; };
remoteDebug(priv, "Client initialize PolicyKit authentication"); remoteDebug(priv, "Client initialize PolicyKit authentication");
for (i = 0 ; i < auth->ncredtype ; i++) {
if (auth->credtype[i] == VIR_CRED_EXTERNAL)
allowcb = 1;
}
/* Run the authentication callback */ /* Run the authentication callback */
if (auth && auth->cb && (*(auth->cb))(&cred, 1, auth->cbdata) < 0) { if (allowcb) {
if (auth && auth->cb &&
(*(auth->cb))(&cred, 1, auth->cbdata) < 0) {
__virRaiseError (in_open ? NULL : conn, NULL, NULL, VIR_FROM_REMOTE, __virRaiseError (in_open ? NULL : conn, NULL, NULL, VIR_FROM_REMOTE,
VIR_ERR_AUTH_FAILED, VIR_ERR_ERROR, NULL, NULL, NULL, 0, 0, VIR_ERR_AUTH_FAILED, VIR_ERR_ERROR, NULL, NULL, NULL, 0, 0,
"Failed to collect auth credentials"); "Failed to collect auth credentials");
return -1; return -1;
} else {
remoteDebug(priv, "No auth callback provided for PolicyKit");
}
} else {
remoteDebug(priv, "Client auth callback does not support PolicyKit");
} }
memset (&ret, 0, sizeof ret); memset (&ret, 0, sizeof ret);