Commit Graph

10 Commits

Author SHA1 Message Date
Michal Privoznik
7f93905e45 nss: handle leases with infinite expiry time
After v6.3.0-rc1~64 a lease can have infinite expiry time. This
means that the expiration time will appear as a value of zero.
Do the expiration check only if the expiration time is not zero.

Fixes: 97a0aa2467
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-01-04 15:33:31 +01:00
Michal Privoznik
de1ac5930a Don't pass NULL to yajl_free()
Unfortunately, yajl_free() is not NOP on NULL. It really does
expect a valid pointer. Therefore, check whether the pointer we
want to pass to it is NULL or not.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-03-30 16:11:13 +02:00
Michal Privoznik
d7dd4e1f89 nss: Don't fail on empty files
Before we rewrote nss plugin so that it doesn't use libvirt's
internal functions it used virLeaseReadCustomLeaseFile() to parse
.status files. After the rewrite it's using read() + yajl_parse()
+ yajl_complete_parse(). There's one catch though,
virLeaseReadCustomLeaseFile() skipped over empty files.

An empty .status file is created when a network is started. This
is because we configure dnsmasq to use our leasehelper. So the
first thing it does it calls it as follows:

  DNSMASQ_INTERFACE=virbr0 /usr/libexec/libvirt_leaseshelper init

which causes the leasehelper to create empty virbr0.status file.
If there is only one libvirt network then that is no problem -
there are no other .status files to parse anyway. But if there
are two or more networks then the first empty .status file causes
whole parsing process and subsequently the whole name lookup
process to fail.

Fixes: v5.7.0-rc1~343

Reported-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2019-11-28 15:37:41 +01:00
Michal Privoznik
b62ef64216 nss: Compare addresses iff their family matches
When parsing leases file, appendAddr() is called to append parsed
tuple (address, expiry time, family) into an array. Whilst doing
so, the array is searched for possible duplicate. This is done by
comparing each item of the array by passed @family: if @family is
AF_INET then the item is viewed as IPv4 address. Similarly, if
@family is AF_INET6 then the item is viewed as IPv6 address. This
is not exactly right - the array can contain addresses of both
families and thus the address family of each item of the array
must be considered.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2019-09-30 12:25:26 +02:00
Michal Privoznik
0dc84c347a nss: Don't leak memory on parse error
If yajl_parse() fails, we try to print an error message. For
that, yajl_get_error() is used. However, its documentation say
that caller is also responsible for freeing the memory it
allocates by using yajl_free_error().

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-09 12:17:19 +02:00
Michal Privoznik
8be0ab638d nss: Don't stop parsing on unexpected key
Due to latest rewrite of NSS module, we are doing yajl parsing
ourselves. This means, we had to introduce couple of callback
that yajl calls. According to its documentation, a callback can
cancel parsing if it returns a zero value. Well, we do just that
in the string callback (findLeasesParserString()). If the JSON
file we are parsing contains a key that we are not interested in,
zero is returned meaning stop all parsing. This is not correct,
because the JSON file can contain some other keys which are not
harmful for our address translation (e.g. 'client-id').

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-09 12:17:19 +02:00
Daniel P. Berrangé
8242ce4f45 tools: avoid accidentally using files from gnulib
The AM_CPPFLAGS setting includes the gnulib headers, which
means we can get some replacement functions defined. Since
virt-login-shell and the NSS module intentionally don't link
to gnulib, these replacement functions causes link failures.

This was seen cross-compiling on Debian for example:

virt-login-shell.o: In function `main':
/builds/libvirt/libvirt/build/tools/../../tools/virt-login-shell.c:81: undefined reference to `rpl_strerror'
/builds/libvirt/libvirt/build/tools/../../tools/virt-login-shell.c:66: undefined reference to `rpl_strerror'
/builds/libvirt/libvirt/build/tools/../../tools/virt-login-shell.c:75: undefined reference to `rpl_strerror'

The only way to avoid these replacement gnulib headers is
to drop the -Ignulib/lib flags. We do still want to use
gnulib for configmake.h and intprops.h, but those can be
included via their full path.

We must also stop using internal.h, since that expects
-Ignulib/lib to be on the include path in order to resolve
the verify.h header.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-08 13:32:02 +01:00
Daniel P. Berrangé
8ee34c4ca8 nss: remove last usages of libvirt headers
Use the plain libc APIs to avoid a dependancy on the main libvirt
code from the nss module.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-07 16:54:02 +01:00
Daniel P. Berrangé
bb7c531911 nss: directly use getnameinfo/getaddrinfo
Use the plain libc socket APIs to avoid a dependancy on the main
libvirt code from the nss module.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-07 16:54:02 +01:00
Daniel P. Berrangé
18a4b2479a nss: custom parser for loading .leases file
The .leases file is currently loaded using the virLease class,
which in turn uses the virJSON parsing code. This pulls in a
heap of libvirt code (logging, hash tables, etc) which we do
not wish to depend on.

This uses the yajl parser code directly, so the only dep is
yajl and plain libc functions.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-07 16:54:02 +01:00