External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-10-03 04:45:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

rpc: Introduce virNetServerSetClientAuthenticated

Browse Source 
Combine virNetServerClientSetAuth(client,
VIR_NET_SERVER_SERVICE_AUTH_NONE) and virNetServerTrackCompletedAuth
into one new function named virNetServerSetClientAuthenticated.

After using this new function the function
virNetServerTrackCompletedAuth was superfluous and is therefore
removed. In addition, it is not very common that a
'{{function}}' (virNetServerTrackCompletedAuth) does more than just
the locking compared to
'{{function}}Locked' (virNetServerTrackCompletedAuthLocked).

virNetServerTrackPendingAuth was already superfluous and therefore
it's also removed.

Signed-off-by: Marc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: Stefan Zimmermann <stzi@linux.vnet.ibm.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
This commit is contained in:
Marc Hartmayer 2017-12-21 15:29:04 +01:00 committed by John Ferlan
parent 0eaa59dce1
commit f1d8251972
6 changed files with 35 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
daemon/remote.c
View File

@ -3268,8 +3268,7 @@ remoteDispatchAuthList(virNetServerPtr server,
(long long) callerPid, (int) callerUid) < 0)
goto cleanup;
VIR_INFO("Bypass polkit auth for privileged client %s", ident);
virNetServerClientSetAuth(client, VIR_NET_SERVER_SERVICE_AUTH_NONE);
virNetServerTrackCompletedAuth(server);
virNetServerSetClientAuthenticated(server, client);
auth = VIR_NET_SERVER_SERVICE_AUTH_NONE;
VIR_FREE(ident);
}
@ -3412,8 +3411,7 @@ remoteSASLFinish(virNetServerPtr server,
if (!(clnt_identity = virNetServerClientGetIdentity(client)))
goto error;
virNetServerClientSetAuth(client, VIR_NET_SERVER_SERVICE_AUTH_NONE);
virNetServerTrackCompletedAuth(server);
virNetServerSetClientAuthenticated(server, client);
virNetServerClientSetSASLSession(client, priv->sasl);
virIdentitySetSASLUserName(clnt_identity, identity);
@ -3736,8 +3734,7 @@ remoteDispatchAuthPolkit(virNetServerPtr server,
action, (long long) callerPid, callerUid);
ret->complete = 1;
virNetServerClientSetAuth(client, VIR_NET_SERVER_SERVICE_AUTH_NONE);
virNetServerTrackCompletedAuth(server);
virNetServerSetClientAuthenticated(server, client);
virMutexUnlock(&priv->lock);
return 0;

5
src/libvirt_remote.syms
View File

@ -116,9 +116,8 @@ virNetServerNewPostExecRestart;
virNetServerNextClientID;
virNetServerPreExecRestart;
virNetServerProcessClients;
virNetServerSetClientAuthenticated;
virNetServerStart;
virNetServerTrackCompletedAuth;
virNetServerTrackPendingAuth;
virNetServerUpdateServices;
@ -152,7 +151,7 @@ virNetServerClientRemoteAddrStringSASL;
virNetServerClientRemoteAddrStringURI;
virNetServerClientRemoveFilter;
virNetServerClientSendMessage;
virNetServerClientSetAuth;
virNetServerClientSetAuthLocked;
virNetServerClientSetCloseHook;
virNetServerClientSetDispatcher;
virNetServerClientSetReadonly;

41
src/rpc/virnetserver.c
View File

@ -737,6 +737,29 @@ int virNetServerSetTLSContext(virNetServerPtr srv,
#endif
/**
* virNetServerSetClientAuthenticated:
* @srv: server must be unlocked
* @client: client must be unlocked
*
* Mark @client as authenticated and tracks on @srv that the
* authentication of this @client has been completed. Also it checks
* the limits of @srv.
*/
void
virNetServerSetClientAuthenticated(virNetServerPtr srv,
virNetServerClientPtr client)
{
virObjectLock(srv);
virObjectLock(client);
virNetServerClientSetAuthLocked(client, VIR_NET_SERVER_SERVICE_AUTH_NONE);
virNetServerTrackCompletedAuthLocked(srv);
virNetServerCheckLimits(srv);
virObjectUnlock(client);
virObjectUnlock(srv);
}
static void
virNetServerUpdateServicesLocked(virNetServerPtr srv,
bool enabled)
@ -814,24 +837,6 @@ virNetServerTrackCompletedAuthLocked(virNetServerPtr srv)
return --srv->nclients_unauth;
}
size_t virNetServerTrackPendingAuth(virNetServerPtr srv)
{
size_t ret;
virObjectLock(srv);
ret = virNetServerTrackPendingAuthLocked(srv);
virObjectUnlock(srv);
return ret;
}
size_t virNetServerTrackCompletedAuth(virNetServerPtr srv)
{
size_t ret;
virObjectLock(srv);
ret = virNetServerTrackCompletedAuthLocked(srv);
virNetServerCheckLimits(srv);
virObjectUnlock(srv);
return ret;
}
bool
virNetServerHasClients(virNetServerPtr srv)

3
src/rpc/virnetserver.h
View File

@ -73,13 +73,12 @@ int virNetServerSetTLSContext(virNetServerPtr srv,
virNetTLSContextPtr tls);
# endif
size_t virNetServerTrackPendingAuth(virNetServerPtr srv);
size_t virNetServerTrackCompletedAuth(virNetServerPtr srv);
int virNetServerAddClient(virNetServerPtr srv,
virNetServerClientPtr client);
bool virNetServerHasClients(virNetServerPtr srv);
void virNetServerProcessClients(virNetServerPtr srv);
void virNetServerSetClientAuthenticated(virNetServerPtr srv, virNetServerClientPtr client);
void virNetServerUpdateServices(virNetServerPtr srv, bool enabled);

8
src/rpc/virnetserverclient.c
View File

@ -639,13 +639,15 @@ int virNetServerClientGetAuth(virNetServerClientPtr client)
return auth;
}
void virNetServerClientSetAuth(virNetServerClientPtr client, int auth)
void
virNetServerClientSetAuthLocked(virNetServerClientPtr client,
int auth)
{
virObjectLock(client);
client->auth = auth;
virObjectUnlock(client);
}
bool virNetServerClientGetReadonly(virNetServerClientPtr client)
{
bool readonly;

2
src/rpc/virnetserverclient.h
View File

@ -79,7 +79,7 @@ void virNetServerClientRemoveFilter(virNetServerClientPtr client,
int filterID);
int virNetServerClientGetAuth(virNetServerClientPtr client);
void virNetServerClientSetAuth(virNetServerClientPtr client, int auth);
void virNetServerClientSetAuthLocked(virNetServerClientPtr client, int auth);
bool virNetServerClientGetReadonly(virNetServerClientPtr client);
void virNetServerClientSetReadonly(virNetServerClientPtr client, bool readonly);
unsigned long long virNetServerClientGetID(virNetServerClientPtr client);