conf: Move <disk> authdef validation

Rather than checking during XML processing, move the checks for correct and valid auth into virDomainDiskDefParseValidate. This will introduce virDomainDiskSourceDefParseAuthValidate to validate that the authdef stored for the virStorageSource is valid. This can then be expanded to service backingStore sources as well. Alter the message text slightly as well to distinguish between an unknown name and an incorrectly used name. Since type is not a mandatory field, add the NULLSTR() around the output of the unknown error. NB, a config using unknown formatting would fail virschematest since it only accepts 'iscsi' and 'ceph' as "valid" types.
2025-02-02 18:05:20 +00:00 · 2017-09-13 11:00:28 -04:00 · 2017-09-13 11:00:28 -04:00 · c09c93cf57
commit c09c93cf57
parent fbad3ed0fa
1 changed files with 33 additions and 32 deletions
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@ -8499,6 +8499,36 @@ virDomainDiskDefGeometryParse(virDomainDiskDefPtr def,
 }


+static int
+virDomainDiskSourceDefParseAuthValidate(const virStorageSource *src)
+{
+    virStorageAuthDefPtr authdef = src->auth;
+    int actUsage;
+
+    if (src->type != VIR_STORAGE_TYPE_NETWORK || !authdef)
+        return 0;
+
+    if ((actUsage = virSecretUsageTypeFromString(authdef->secrettype)) < 0) {
+        virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                       _("unknown secret type '%s'"),
+                       NULLSTR(authdef->secrettype));
+        return -1;
+    }
+
+    if ((src->protocol == VIR_STORAGE_NET_PROTOCOL_ISCSI &&
+         actUsage != VIR_SECRET_USAGE_TYPE_ISCSI) ||
+        (src->protocol == VIR_STORAGE_NET_PROTOCOL_RBD &&
+         actUsage != VIR_SECRET_USAGE_TYPE_CEPH)) {
+        virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                       _("invalid secret type '%s'"),
+                       virSecretUsageTypeToString(actUsage));
+        return -1;
+    }
+
+    return 0;
+}
+
+
 static int
 virDomainDiskDefParseValidate(const virDomainDiskDef *def)
 {
@ -8572,6 +8602,9 @@ virDomainDiskDefParseValidate(const virDomainDiskDef *def)
        }
    }

+    if (virDomainDiskSourceDefParseAuthValidate(def->src) < 0)
+        return -1;
+
    return 0;
 }

@ -8731,8 +8764,6 @@ virDomainDiskDefParseXML(virDomainXMLOptionPtr xmlopt,
    char *vendor = NULL;
    char *product = NULL;
    char *domain_name = NULL;
-    int expected_secret_usage = -1;
-    int auth_secret_usage = -1;

    if (!(def = virDomainDiskDefNew(xmlopt)))
        return NULL;
@ -8776,13 +8807,6 @@ virDomainDiskDefParseXML(virDomainXMLOptionPtr xmlopt,

            source = true;

-            if (def->src->type == VIR_STORAGE_TYPE_NETWORK) {
-                if (def->src->protocol == VIR_STORAGE_NET_PROTOCOL_ISCSI)
-                    expected_secret_usage = VIR_SECRET_USAGE_TYPE_ISCSI;
-                else if (def->src->protocol == VIR_STORAGE_NET_PROTOCOL_RBD)
-                    expected_secret_usage = VIR_SECRET_USAGE_TYPE_CEPH;
-            }
-
            startupPolicy = virXMLPropString(cur, "startupPolicy");

        } else if (!target &&
@ -8840,17 +8864,6 @@ virDomainDiskDefParseXML(virDomainXMLOptionPtr xmlopt,
                   virXMLNodeNameEqual(cur, "auth")) {
            if (!(authdef = virStorageAuthDefParse(node->doc, cur)))
                goto error;
-            /* Disk volume types won't have the secrettype filled in until
-             * after virStorageTranslateDiskSourcePool is run
-             */
-            if (def->src->type != VIR_STORAGE_TYPE_VOLUME &&
-                (auth_secret_usage =
-                 virSecretUsageTypeFromString(authdef->secrettype)) < 0) {
-                virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
-                               _("invalid secret type %s"),
-                               authdef->secrettype);
-                goto error;
-            }
        } else if (virXMLNodeNameEqual(cur, "iotune")) {
            if (virDomainDiskDefIotuneParse(def, ctxt) < 0)
                goto error;
@ -8914,18 +8927,6 @@ virDomainDiskDefParseXML(virDomainXMLOptionPtr xmlopt,
        }
    }

-    /* Disk volume types will have authentication information handled in
-     * virStorageTranslateDiskSourcePool
-     */
-    if (def->src->type != VIR_STORAGE_TYPE_VOLUME &&
-        auth_secret_usage != -1 && auth_secret_usage != expected_secret_usage) {
-        virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("invalid secret type '%s'"),
-                       virSecretUsageTypeToString(auth_secret_usage));
-        goto error;
-    }
-
-
    /* Only CDROM and Floppy devices are allowed missing source path
     * to indicate no media present. LUN is for raw access CD-ROMs
     * that are not attached to a physical device presently */