/*
* network_conf.c: network XML handling
*
* Copyright (C) 2006-2016 Red Hat, Inc.
* Copyright (C) 2006-2008 Daniel P. Berrange
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library. If not, see
* .
*/
#include
#include
#include
#include
#include "virerror.h"
#include "datatypes.h"
#include "network_conf.h"
#include "netdev_vport_profile_conf.h"
#include "netdev_bandwidth_conf.h"
#include "netdev_vlan_conf.h"
#include "viralloc.h"
#include "virxml.h"
#include "viruuid.h"
#include "virbuffer.h"
#include "virfile.h"
#include "virstring.h"
#define VIR_FROM_THIS VIR_FROM_NETWORK
VIR_ENUM_IMPL(virNetworkForward,
VIR_NETWORK_FORWARD_LAST,
"none", "nat", "route", "open",
"bridge", "private", "vepa", "passthrough",
"hostdev",
);
VIR_ENUM_IMPL(virNetworkBridgeMACTableManager,
VIR_NETWORK_BRIDGE_MAC_TABLE_MANAGER_LAST,
"default", "kernel", "libvirt",
);
VIR_ENUM_DECL(virNetworkForwardHostdevDevice);
VIR_ENUM_IMPL(virNetworkForwardHostdevDevice,
VIR_NETWORK_FORWARD_HOSTDEV_DEVICE_LAST,
"none", "pci", "netdev",
);
VIR_ENUM_IMPL(virNetworkForwardDriverName,
VIR_NETWORK_FORWARD_DRIVER_NAME_LAST,
"default",
"kvm",
"vfio",
);
VIR_ENUM_IMPL(virNetworkTaint,
VIR_NETWORK_TAINT_LAST,
"hook-script",
);
VIR_ENUM_IMPL(virNetworkDHCPLeaseTimeUnit,
VIR_NETWORK_DHCP_LEASETIME_UNIT_LAST,
"seconds",
"minutes",
"hours",
);
static virClassPtr virNetworkXMLOptionClass;
static void
virNetworkXMLOptionDispose(void *obj G_GNUC_UNUSED)
{
return;
}
static int
virNetworkXMLOnceInit(void)
{
if (!VIR_CLASS_NEW(virNetworkXMLOption, virClassForObject()))
return -1;
return 0;
}
VIR_ONCE_GLOBAL_INIT(virNetworkXML);
virNetworkXMLOptionPtr
virNetworkXMLOptionNew(virXMLNamespacePtr xmlns)
{
virNetworkXMLOptionPtr xmlopt;
if (virNetworkXMLInitialize() < 0)
return NULL;
if (!(xmlopt = virObjectNew(virNetworkXMLOptionClass)))
return NULL;
if (xmlns)
xmlopt->ns = *xmlns;
return xmlopt;
}
static void
virPortGroupDefClear(virPortGroupDefPtr def)
{
VIR_FREE(def->name);
VIR_FREE(def->virtPortProfile);
virNetDevBandwidthFree(def->bandwidth);
virNetDevVlanClear(&def->vlan);
def->bandwidth = NULL;
}
static void
virNetworkForwardIfDefClear(virNetworkForwardIfDefPtr def)
{
if (def->type == VIR_NETWORK_FORWARD_HOSTDEV_DEVICE_NETDEV)
VIR_FREE(def->device.dev);
}
static void
virNetworkForwardPfDefClear(virNetworkForwardPfDefPtr def)
{
VIR_FREE(def->dev);
}
static void
virNetworkDHCPLeaseTimeDefClear(virNetworkDHCPLeaseTimeDefPtr lease)
{
VIR_FREE(lease);
}
static void
virNetworkDHCPHostDefClear(virNetworkDHCPHostDefPtr def)
{
VIR_FREE(def->mac);
VIR_FREE(def->id);
VIR_FREE(def->name);
VIR_FREE(def->lease);
}
static void
virNetworkIPDefClear(virNetworkIPDefPtr def)
{
VIR_FREE(def->family);
while (def->nranges)
virNetworkDHCPLeaseTimeDefClear(def->ranges[--def->nranges].lease);
VIR_FREE(def->ranges);
while (def->nhosts)
virNetworkDHCPHostDefClear(&def->hosts[--def->nhosts]);
VIR_FREE(def->hosts);
VIR_FREE(def->tftproot);
VIR_FREE(def->bootfile);
}
static void
virNetworkDNSTxtDefClear(virNetworkDNSTxtDefPtr def)
{
VIR_FREE(def->name);
VIR_FREE(def->value);
}
static void
virNetworkDNSHostDefClear(virNetworkDNSHostDefPtr def)
{
while (def->nnames)
VIR_FREE(def->names[--def->nnames]);
VIR_FREE(def->names);
}
static void
virNetworkDNSSrvDefClear(virNetworkDNSSrvDefPtr def)
{
VIR_FREE(def->domain);
VIR_FREE(def->service);
VIR_FREE(def->protocol);
VIR_FREE(def->target);
}
static void
virNetworkDNSForwarderClear(virNetworkDNSForwarderPtr def)
{
VIR_FREE(def->domain);
}
static void
virNetworkDNSDefClear(virNetworkDNSDefPtr def)
{
if (def->forwarders) {
while (def->nfwds)
virNetworkDNSForwarderClear(&def->forwarders[--def->nfwds]);
VIR_FREE(def->forwarders);
}
if (def->txts) {
while (def->ntxts)
virNetworkDNSTxtDefClear(&def->txts[--def->ntxts]);
VIR_FREE(def->txts);
}
if (def->hosts) {
while (def->nhosts)
virNetworkDNSHostDefClear(&def->hosts[--def->nhosts]);
VIR_FREE(def->hosts);
}
if (def->srvs) {
while (def->nsrvs)
virNetworkDNSSrvDefClear(&def->srvs[--def->nsrvs]);
VIR_FREE(def->srvs);
}
}
static void
virNetworkForwardDefClear(virNetworkForwardDefPtr def)
{
size_t i;
for (i = 0; i < def->npfs && def->pfs; i++)
virNetworkForwardPfDefClear(&def->pfs[i]);
VIR_FREE(def->pfs);
for (i = 0; i < def->nifs && def->ifs; i++)
virNetworkForwardIfDefClear(&def->ifs[i]);
VIR_FREE(def->ifs);
def->nifs = def->npfs = 0;
}
void
virNetworkDefFree(virNetworkDefPtr def)
{
size_t i;
if (!def)
return;
VIR_FREE(def->name);
VIR_FREE(def->bridge);
VIR_FREE(def->bridgeZone);
VIR_FREE(def->domain);
virNetworkForwardDefClear(&def->forward);
for (i = 0; i < def->nips && def->ips; i++)
virNetworkIPDefClear(&def->ips[i]);
VIR_FREE(def->ips);
for (i = 0; i < def->nroutes && def->routes; i++)
virNetDevIPRouteFree(def->routes[i]);
VIR_FREE(def->routes);
for (i = 0; i < def->nPortGroups && def->portGroups; i++)
virPortGroupDefClear(&def->portGroups[i]);
VIR_FREE(def->portGroups);
virNetworkDNSDefClear(&def->dns);
VIR_FREE(def->virtPortProfile);
virNetDevBandwidthFree(def->bandwidth);
virNetDevVlanClear(&def->vlan);
xmlFreeNode(def->metadata);
if (def->namespaceData && def->ns.free)
(def->ns.free)(def->namespaceData);
VIR_FREE(def);
}
/*
* virNetworkDefCopy:
* @def: NetworkDef to copy
* @flags: VIR_NETWORK_XML_INACTIVE if appropriate
*
* make a deep copy of the given NetworkDef
*
* Returns a new NetworkDef on success, or NULL on failure.
*/
virNetworkDefPtr
virNetworkDefCopy(virNetworkDefPtr def,
virNetworkXMLOptionPtr xmlopt,
unsigned int flags)
{
g_autofree char *xml = NULL;
if (!def) {
virReportError(VIR_ERR_INTERNAL_ERROR,
"%s", _("NULL NetworkDef"));
return NULL;
}
/* deep copy with a format/parse cycle */
if (!(xml = virNetworkDefFormat(def, xmlopt, flags)))
return NULL;
return virNetworkDefParseString(xml, xmlopt);
}
/* return ips[index], or NULL if there aren't enough ips */
virNetworkIPDefPtr
virNetworkDefGetIPByIndex(const virNetworkDef *def,
int family,
size_t n)
{
size_t i;
if (!def->ips || n >= def->nips)
return NULL;
if (family == AF_UNSPEC)
return &def->ips[n];
/* find the nth ip of type "family" */
for (i = 0; i < def->nips; i++) {
if (VIR_SOCKET_ADDR_IS_FAMILY(&def->ips[i].address, family)
&& (n-- <= 0)) {
return &def->ips[i];
}
}
/* failed to find enough of the right family */
return NULL;
}
/* return routes[index], or NULL if there aren't enough routes */
virNetDevIPRoutePtr
virNetworkDefGetRouteByIndex(const virNetworkDef *def,
int family,
size_t n)
{
size_t i;
if (!def->routes || n >= def->nroutes)
return NULL;
if (family == AF_UNSPEC)
return def->routes[n];
/* find the nth route of type "family" */
for (i = 0; i < def->nroutes; i++) {
virSocketAddrPtr addr = virNetDevIPRouteGetAddress(def->routes[i]);
if (VIR_SOCKET_ADDR_IS_FAMILY(addr, family)
&& (n-- <= 0)) {
return def->routes[i];
}
}
/* failed to find enough of the right family */
return NULL;
}
/* return number of 1 bits in netmask for the network's ipAddress,
* or -1 on error
*/
int
virNetworkIPDefPrefix(const virNetworkIPDef *def)
{
return virSocketAddrGetIPPrefix(&def->address,
&def->netmask,
def->prefix);
}
/* Fill in a virSocketAddr with the proper netmask for this
* definition, based on either the definition's netmask, or its
* prefix. Return -1 on error (and set the netmask family to AF_UNSPEC)
*/
int virNetworkIPDefNetmask(const virNetworkIPDef *def,
virSocketAddrPtr netmask)
{
if (VIR_SOCKET_ADDR_IS_FAMILY(&def->netmask, AF_INET)) {
*netmask = def->netmask;
return 0;
}
return virSocketAddrPrefixToNetmask(virNetworkIPDefPrefix(def), netmask,
VIR_SOCKET_ADDR_FAMILY(&def->address));
}
static int
virNetworkDHCPLeaseTimeDefParseXML(virNetworkDHCPLeaseTimeDefPtr *lease,
xmlNodePtr node)
{
virNetworkDHCPLeaseTimeDefPtr new_lease = NULL;
g_autofree char *expirystr = NULL;
g_autofree char *unitstr = NULL;
unsigned long expiry;
int unit = VIR_NETWORK_DHCP_LEASETIME_UNIT_MINUTES;
if (!(expirystr = virXMLPropString(node, "expiry")))
return 0;
if (virStrToLong_ul(expirystr, NULL, 10, &expiry) < 0)
return -1;
if ((unitstr = virXMLPropString(node, "unit"))) {
if ((unit = virNetworkDHCPLeaseTimeUnitTypeFromString(unitstr)) < 0) {
virReportError(VIR_ERR_XML_ERROR,
_("Invalid unit: %s"), unitstr);
return -1;
}
}
/* infinite */
if (expiry > 0) {
/* This boundary check is related to dnsmasq man page settings:
* "The minimum lease time is two minutes." */
if ((unit == VIR_NETWORK_DHCP_LEASETIME_UNIT_SECONDS && expiry < 120) ||
(unit == VIR_NETWORK_DHCP_LEASETIME_UNIT_MINUTES && expiry < 2)) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
_("The minimum lease time should be greater "
"than 2 minutes"));
return -1;
}
}
new_lease = g_new0(virNetworkDHCPLeaseTimeDef, 1);
new_lease->expiry = expiry;
new_lease->unit = unit;
*lease = new_lease;
return 0;
}
static int
virNetworkDHCPRangeDefParseXML(const char *networkName,
virNetworkIPDefPtr ipdef,
xmlNodePtr node,
virNetworkDHCPRangeDefPtr range)
{
virSocketAddrRangePtr addr = &range->addr;
xmlNodePtr cur = node->children;
g_autofree char *start = NULL;
g_autofree char *end = NULL;
if (!(start = virXMLPropString(node, "start"))) {
virReportError(VIR_ERR_XML_ERROR,
_("Missing 'start' attribute in dhcp range for network '%s'"),
networkName);
return -1;
}
if (virSocketAddrParse(&addr->start, start, AF_UNSPEC) < 0)
return -1;
if (!(end = virXMLPropString(node, "end"))) {
virReportError(VIR_ERR_XML_ERROR,
_("Missing 'end' attribute in dhcp range for network '%s'"),
networkName);
return -1;
}
if (virSocketAddrParse(&addr->end, end, AF_UNSPEC) < 0)
return -1;
/* do a sanity check of the range */
if (virSocketAddrGetRange(&addr->start, &addr->end, &ipdef->address,
virNetworkIPDefPrefix(ipdef)) < 0)
return -1;
while (cur != NULL) {
if (cur->type == XML_ELEMENT_NODE &&
virXMLNodeNameEqual(cur, "lease")) {
if (virNetworkDHCPLeaseTimeDefParseXML(&range->lease, cur) < 0)
return -1;
}
cur = cur->next;
}
return 0;
}
static int
virNetworkDHCPHostDefParseXML(const char *networkName,
virNetworkIPDefPtr def,
xmlNodePtr node,
virNetworkDHCPHostDefPtr host,
bool partialOkay)
{
g_autofree char *mac = NULL;
g_autofree char *name = NULL;
g_autofree char *ip = NULL;
g_autofree char *id = NULL;
virMacAddr addr;
virSocketAddr inaddr;
xmlNodePtr cur = node->children;
mac = virXMLPropString(node, "mac");
if (mac != NULL) {
if (VIR_SOCKET_ADDR_IS_FAMILY(&def->address, AF_INET6)) {
virReportError(VIR_ERR_XML_ERROR,
_("Invalid to specify MAC address '%s' "
"in network '%s' IPv6 static host definition"),
mac, networkName);
return -1;
}
if (virMacAddrParse(mac, &addr) < 0) {
virReportError(VIR_ERR_XML_ERROR,
_("Cannot parse MAC address '%s' in network '%s'"),
mac, networkName);
return -1;
}
if (virMacAddrIsMulticast(&addr)) {
virReportError(VIR_ERR_XML_ERROR,
_("expected unicast mac address, found "
"multicast '%s' in network '%s'"),
(const char *)mac, networkName);
return -1;
}
}
id = virXMLPropString(node, "id");
if (id) {
char *cp = id + strspn(id, "0123456789abcdefABCDEF:");
if (*cp) {
virReportError(VIR_ERR_XML_ERROR,
_("Invalid character '%c' in id '%s' of network '%s'"),
*cp, id, networkName);
return -1;
}
}
name = virXMLPropString(node, "name");
if (name && (!g_ascii_isalpha(name[0]))) {
virReportError(VIR_ERR_XML_ERROR,
_("Cannot use host name '%s' in network '%s'"),
name, networkName);
return -1;
}
ip = virXMLPropString(node, "ip");
if (ip && (virSocketAddrParse(&inaddr, ip, AF_UNSPEC) < 0)) {
virReportError(VIR_ERR_XML_ERROR,
_("Invalid IP address in static host definition "
"for network '%s'"),
networkName);
return -1;
}
if (partialOkay) {
/* for search/match, you just need one of the three */
if (!(mac || name || ip)) {
virReportError(VIR_ERR_XML_ERROR,
_("At least one of name, mac, or ip attribute "
"must be specified for static host definition "
"in network '%s' "),
networkName);
return -1;
}
} else {
/* normal usage - you need at least name (IPv6) or one of MAC
* address or name (IPv4)
*/
if (VIR_SOCKET_ADDR_IS_FAMILY(&def->address, AF_INET6)) {
if (!(id || name)) {
virReportError(VIR_ERR_XML_ERROR,
_("Static host definition in IPv6 network '%s' "
"must have id or name attribute"),
networkName);
return -1;
}
} else if (!(mac || name)) {
virReportError(VIR_ERR_XML_ERROR,
_("Static host definition in IPv4 network '%s' "
"must have mac or name attribute"),
networkName);
return -1;
}
if (!ip) {
virReportError(VIR_ERR_XML_ERROR,
_("Missing IP address in static host definition "
"for network '%s'"),
networkName);
return -1;
}
}
while (cur != NULL) {
if (cur->type == XML_ELEMENT_NODE &&
virXMLNodeNameEqual(cur, "lease")) {
if (virNetworkDHCPLeaseTimeDefParseXML(&host->lease, cur) < 0)
return -1;
}
cur = cur->next;
}
host->mac = g_steal_pointer(&mac);
host->id = g_steal_pointer(&id);
host->name = g_steal_pointer(&name);
if (ip)
host->ip = inaddr;
return 0;
}
static int
virNetworkDHCPDefParseXML(const char *networkName,
xmlNodePtr node,
virNetworkIPDefPtr def)
{
int ret = -1;
xmlNodePtr cur;
virNetworkDHCPRangeDef range;
virNetworkDHCPHostDef host;
memset(&range, 0, sizeof(range));
memset(&host, 0, sizeof(host));
cur = node->children;
while (cur != NULL) {
if (cur->type == XML_ELEMENT_NODE &&
virXMLNodeNameEqual(cur, "range")) {
if (virNetworkDHCPRangeDefParseXML(networkName, def, cur, &range) < 0)
goto cleanup;
if (VIR_APPEND_ELEMENT(def->ranges, def->nranges, range) < 0)
goto cleanup;
} else if (cur->type == XML_ELEMENT_NODE &&
virXMLNodeNameEqual(cur, "host")) {
if (virNetworkDHCPHostDefParseXML(networkName, def, cur,
&host, false) < 0)
goto cleanup;
if (VIR_APPEND_ELEMENT(def->hosts, def->nhosts, host) < 0)
goto cleanup;
} else if (VIR_SOCKET_ADDR_IS_FAMILY(&def->address, AF_INET) &&
cur->type == XML_ELEMENT_NODE &&
virXMLNodeNameEqual(cur, "bootp")) {
g_autofree char *file = NULL;
g_autofree char *server = NULL;
virSocketAddr inaddr;
memset(&inaddr, 0, sizeof(inaddr));
if (!(file = virXMLPropString(cur, "file"))) {
cur = cur->next;
continue;
}
server = virXMLPropString(cur, "server");
if (server &&
virSocketAddrParse(&inaddr, server, AF_UNSPEC) < 0) {
goto cleanup;
}
def->bootfile = g_steal_pointer(&file);
def->bootserver = inaddr;
}
cur = cur->next;
}
ret = 0;
cleanup:
virNetworkDHCPHostDefClear(&host);
return ret;
}
static int
virNetworkDNSHostDefParseXML(const char *networkName,
xmlNodePtr node,
virNetworkDNSHostDefPtr def,
bool partialOkay)
{
xmlNodePtr cur;
g_autofree char *ip = NULL;
if (!(ip = virXMLPropString(node, "ip")) && !partialOkay) {
virReportError(VIR_ERR_XML_DETAIL,
_("Missing IP address in network '%s' DNS HOST record"),
networkName);
goto error;
}
if (ip && (virSocketAddrParse(&def->ip, ip, AF_UNSPEC) < 0)) {
virReportError(VIR_ERR_XML_DETAIL,
_("Invalid IP address in network '%s' DNS HOST record"),
networkName);
goto error;
}
cur = node->children;
while (cur != NULL) {
if (cur->type == XML_ELEMENT_NODE &&
virXMLNodeNameEqual(cur, "hostname")) {
if (cur->children != NULL) {
g_autofree char *name = virXMLNodeContentString(cur);
if (!name)
goto error;
if (!name[0]) {
virReportError(VIR_ERR_XML_DETAIL,
_("Missing hostname in network '%s' DNS HOST record"),
networkName);
goto error;
}
if (VIR_APPEND_ELEMENT(def->names, def->nnames, name) < 0)
goto error;
}
}
cur = cur->next;
}
if (def->nnames == 0 && !partialOkay) {
virReportError(VIR_ERR_XML_DETAIL,
_("Missing hostname in network '%s' DNS HOST record"),
networkName);
goto error;
}
if (!VIR_SOCKET_ADDR_VALID(&def->ip) && def->nnames == 0) {
virReportError(VIR_ERR_XML_DETAIL,
_("Missing ip and hostname in network '%s' DNS HOST record"),
networkName);
goto error;
}
return 0;
error:
virNetworkDNSHostDefClear(def);
return -1;
}
/* This includes all characters used in the names of current
* /etc/services and /etc/protocols files (on Fedora 20), except ".",
* which we can't allow because it would conflict with the use of "."
* as a field separator in the SRV record, there appears to be no way
* to escape it in, and the protocols/services that use "." in the
* name are obscure and unlikely to be used anyway.
*/
#define PROTOCOL_CHARS \
"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" \
"-+/"
#define SERVICE_CHARS \
"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" \
"_-+/*"
static int
virNetworkDNSSrvDefParseXML(const char *networkName,
xmlNodePtr node,
xmlXPathContextPtr ctxt,
virNetworkDNSSrvDefPtr def,
bool partialOkay)
{
int ret;
VIR_XPATH_NODE_AUTORESTORE(ctxt)
ctxt->node = node;
if (!(def->service = virXMLPropString(node, "service")) && !partialOkay) {
virReportError(VIR_ERR_XML_DETAIL,
_("missing required service attribute in DNS SRV record "
"of network '%s'"), networkName);
goto error;
}
if (def->service) {
if (strlen(def->service) > DNS_RECORD_LENGTH_SRV) {
virReportError(VIR_ERR_XML_DETAIL,
_("service attribute '%s' in network '%s' is too long, "
"limit is %d bytes"),
def->service, networkName, DNS_RECORD_LENGTH_SRV);
goto error;
}
if (strspn(def->service, SERVICE_CHARS) < strlen(def->service)) {
virReportError(VIR_ERR_XML_DETAIL,
_("invalid character in service attribute '%s' "
"in DNS SRV record of network '%s'"),
def->service, networkName);
goto error;
}
}
if (!(def->protocol = virXMLPropString(node, "protocol")) && !partialOkay) {
virReportError(VIR_ERR_XML_DETAIL,
_("missing required protocol attribute "
"in DNS SRV record '%s' of network '%s'"),
def->service, networkName);
goto error;
}
if (def->protocol &&
strspn(def->protocol, PROTOCOL_CHARS) < strlen(def->protocol)) {
virReportError(VIR_ERR_XML_DETAIL,
_("invalid character in protocol attribute '%s' "
"in DNS SRV record of network '%s'"),
def->protocol, networkName);
goto error;
}
/* Following attributes are optional */
def->domain = virXMLPropString(node, "domain");
def->target = virXMLPropString(node, "target");
ret = virXPathUInt("string(./@port)", ctxt, &def->port);
if (ret >= 0 && !def->target) {
virReportError(VIR_ERR_XML_DETAIL,
_("DNS SRV port attribute not permitted without "
"target for service '%s' in network '%s'"),
def->service, networkName);
goto error;
}
if (ret == -2 || (ret >= 0 && (def->port < 1 || def->port > 65535))) {
virReportError(VIR_ERR_XML_DETAIL,
_("invalid DNS SRV port attribute "
"for service '%s' in network '%s'"),
def->service, networkName);
goto error;
}
ret = virXPathUInt("string(./@priority)", ctxt, &def->priority);
if (ret >= 0 && !def->target) {
virReportError(VIR_ERR_XML_DETAIL,
_("DNS SRV priority attribute not permitted without "
"target for service '%s' in network '%s'"),
def->service, networkName);
goto error;
}
if (ret == -2 || (ret >= 0 && def->priority > 65535)) {
virReportError(VIR_ERR_XML_DETAIL,
_("Invalid DNS SRV priority attribute "
"for service '%s' in network '%s'"),
def->service, networkName);
goto error;
}
ret = virXPathUInt("string(./@weight)", ctxt, &def->weight);
if (ret >= 0 && !def->target) {
virReportError(VIR_ERR_XML_DETAIL,
_("DNS SRV weight attribute not permitted without "
"target for service '%s' in network '%s'"),
def->service, networkName);
goto error;
}
if (ret == -2 || (ret >= 0 && def->weight > 65535)) {
virReportError(VIR_ERR_XML_DETAIL,
_("invalid DNS SRV weight attribute "
"for service '%s' in network '%s'"),
def->service, networkName);
goto error;
}
return 0;
error:
virNetworkDNSSrvDefClear(def);
return -1;
}
static int
virNetworkDNSTxtDefParseXML(const char *networkName,
xmlNodePtr node,
virNetworkDNSTxtDefPtr def,
bool partialOkay)
{
const char *bad = " ,";
if (!(def->name = virXMLPropString(node, "name"))) {
virReportError(VIR_ERR_XML_DETAIL,
_("missing required name attribute in DNS TXT record "
"of network %s"), networkName);
goto error;
}
if (strcspn(def->name, bad) != strlen(def->name)) {
virReportError(VIR_ERR_XML_DETAIL,
_("prohibited character in DNS TXT record "
"name '%s' of network %s"), def->name, networkName);
goto error;
}
if (!(def->value = virXMLPropString(node, "value")) && !partialOkay) {
virReportError(VIR_ERR_XML_DETAIL,
_("missing required value attribute in DNS TXT record "
"named '%s' of network %s"), def->name, networkName);
goto error;
}
if (!(def->name || def->value)) {
virReportError(VIR_ERR_XML_DETAIL,
_("Missing required name or value "
"in DNS TXT record of network %s"), networkName);
goto error;
}
return 0;
error:
virNetworkDNSTxtDefClear(def);
return -1;
}
static int
virNetworkDNSDefParseXML(const char *networkName,
xmlNodePtr node,
xmlXPathContextPtr ctxt,
virNetworkDNSDefPtr def)
{
g_autofree xmlNodePtr *hostNodes = NULL;
g_autofree xmlNodePtr *srvNodes = NULL;
g_autofree xmlNodePtr *txtNodes = NULL;
g_autofree xmlNodePtr *fwdNodes = NULL;
g_autofree char *forwardPlainNames = NULL;
g_autofree char *enable = NULL;
int nhosts, nsrvs, ntxts, nfwds;
size_t i;
VIR_XPATH_NODE_AUTORESTORE(ctxt)
ctxt->node = node;
enable = virXPathString("string(./@enable)", ctxt);
if (enable) {
def->enable = virTristateBoolTypeFromString(enable);
if (def->enable <= 0) {
virReportError(VIR_ERR_XML_ERROR,
_("Invalid dns enable setting '%s' "
"in network '%s'"),
enable, networkName);
return -1;
}
}
forwardPlainNames = virXPathString("string(./@forwardPlainNames)", ctxt);
if (forwardPlainNames) {
def->forwardPlainNames = virTristateBoolTypeFromString(forwardPlainNames);
if (def->forwardPlainNames <= 0) {
virReportError(VIR_ERR_XML_ERROR,
_("Invalid dns forwardPlainNames setting '%s' "
"in network '%s'"),
forwardPlainNames, networkName);
return -1;
}
}
nfwds = virXPathNodeSet("./forwarder", ctxt, &fwdNodes);
if (nfwds < 0) {
virReportError(VIR_ERR_XML_ERROR,
_("invalid element found in of network %s"),
networkName);
return -1;
}
if (nfwds > 0) {
def->forwarders = g_new0(virNetworkDNSForwarder, nfwds);
for (i = 0; i < nfwds; i++) {
g_autofree char *addr = virXMLPropString(fwdNodes[i], "addr");
if (addr && virSocketAddrParse(&def->forwarders[i].addr,
addr, AF_UNSPEC) < 0) {
virReportError(VIR_ERR_XML_ERROR,
_("Invalid forwarder IP address '%s' "
"in network '%s'"),
addr, networkName);
return -1;
}
def->forwarders[i].domain = virXMLPropString(fwdNodes[i], "domain");
if (!(addr || def->forwarders[i].domain)) {
virReportError(VIR_ERR_XML_ERROR, "%s",
_("Invalid forwarder element, must contain "
"at least one of addr or domain"));
return -1;
}
def->nfwds++;
}
}
nhosts = virXPathNodeSet("./host", ctxt, &hostNodes);
if (nhosts < 0) {
virReportError(VIR_ERR_XML_ERROR,
_("invalid element found in of network %s"),
networkName);
return -1;
}
if (nhosts > 0) {
def->hosts = g_new0(virNetworkDNSHostDef, nhosts);
for (i = 0; i < nhosts; i++) {
if (virNetworkDNSHostDefParseXML(networkName, hostNodes[i],
&def->hosts[def->nhosts], false) < 0) {
return -1;
}
def->nhosts++;
}
}
nsrvs = virXPathNodeSet("./srv", ctxt, &srvNodes);
if (nsrvs < 0) {
virReportError(VIR_ERR_XML_ERROR,
_("invalid element found in of network %s"),
networkName);
return -1;
}
if (nsrvs > 0) {
def->srvs = g_new0(virNetworkDNSSrvDef, nsrvs);
for (i = 0; i < nsrvs; i++) {
if (virNetworkDNSSrvDefParseXML(networkName, srvNodes[i], ctxt,
&def->srvs[def->nsrvs], false) < 0) {
return -1;
}
def->nsrvs++;
}
}
ntxts = virXPathNodeSet("./txt", ctxt, &txtNodes);
if (ntxts < 0) {
virReportError(VIR_ERR_XML_ERROR,
_("invalid element found in of network %s"),
networkName);
return -1;
}
if (ntxts > 0) {
def->txts = g_new0(virNetworkDNSTxtDef, ntxts);
for (i = 0; i < ntxts; i++) {
if (virNetworkDNSTxtDefParseXML(networkName, txtNodes[i],
&def->txts[def->ntxts], false) < 0) {
return -1;
}
def->ntxts++;
}
}
if (def->enable == VIR_TRISTATE_BOOL_NO &&
(nfwds || nhosts || nsrvs || ntxts)) {
virReportError(VIR_ERR_XML_ERROR,
_("Extra data in disabled network '%s'"),
networkName);
return -1;
}
return 0;
}
static int
virNetworkIPDefParseXML(const char *networkName,
xmlNodePtr node,
xmlXPathContextPtr ctxt,
virNetworkIPDefPtr def)
{
/*
* virNetworkIPDef object is already allocated as part of an array.
* On failure clear it out, but don't free it.
*/
VIR_XPATH_NODE_AUTORESTORE(ctxt)
xmlNodePtr dhcp;
g_autofree char *address = NULL;
g_autofree char *netmask = NULL;
g_autofree char *localPtr = NULL;
unsigned long prefix = 0;
int prefixRc;
int ret = -1;
ctxt->node = node;
/* grab raw data from XML */
def->family = virXPathString("string(./@family)", ctxt);
address = virXPathString("string(./@address)", ctxt);
if (!address) {
virReportError(VIR_ERR_XML_ERROR,
_("Missing required address attribute in network '%s'"),
networkName);
goto cleanup;
}
if (virSocketAddrParse(&def->address, address, AF_UNSPEC) < 0) {
virReportError(VIR_ERR_XML_ERROR,
_("Invalid address '%s' in network '%s'"),
address, networkName);
goto cleanup;
}
netmask = virXPathString("string(./@netmask)", ctxt);
if (netmask &&
(virSocketAddrParse(&def->netmask, netmask, AF_UNSPEC) < 0)) {
virReportError(VIR_ERR_XML_ERROR,
_("Invalid netmask '%s' in network '%s'"),
netmask, networkName);
goto cleanup;
}
prefixRc = virXPathULong("string(./@prefix)", ctxt, &prefix);
if (prefixRc == -2) {
virReportError(VIR_ERR_XML_ERROR,
_("Invalid ULong value specified for prefix in definition of network '%s'"),
networkName);
goto cleanup;
}
if (prefixRc < 0)
def->prefix = 0;
else
def->prefix = prefix;
localPtr = virXPathString("string(./@localPtr)", ctxt);
if (localPtr) {
def->localPTR = virTristateBoolTypeFromString(localPtr);
if (def->localPTR <= 0) {
virReportError(VIR_ERR_XML_ERROR,
_("Invalid localPtr value '%s' in network '%s'"),
localPtr, networkName);
goto cleanup;
}
}
/* validate address, etc. for each family */
if ((def->family == NULL) || (STREQ(def->family, "ipv4"))) {
if (!(VIR_SOCKET_ADDR_IS_FAMILY(&def->address, AF_INET) ||
VIR_SOCKET_ADDR_IS_FAMILY(&def->address, AF_UNSPEC))) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("%s family specified for non-IPv4 address '%s' in network '%s'"),
def->family == NULL? "no" : "ipv4", address, networkName);
goto cleanup;
}
if (netmask) {
if (!VIR_SOCKET_ADDR_IS_FAMILY(&def->netmask, AF_INET)) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("Invalid netmask '%s' for address '%s' "
"in network '%s' (both must be IPv4)"),
netmask, address, networkName);
goto cleanup;
}
if (def->prefix > 0) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("Network '%s' IP address cannot have "
"both a prefix and a netmask"), networkName);
goto cleanup;
}
} else if (def->prefix > 32) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("Invalid IPv4 prefix '%lu' in network '%s'"),
prefix, networkName);
goto cleanup;
}
} else if (STREQ(def->family, "ipv6")) {
if (!VIR_SOCKET_ADDR_IS_FAMILY(&def->address, AF_INET6)) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("Family 'ipv6' specified for non-IPv6 address '%s' in network '%s'"),
address, networkName);
goto cleanup;
}
if (netmask) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("netmask not allowed for IPv6 address '%s' in network '%s'"),
address, networkName);
goto cleanup;
}
if (def->prefix > 128) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("Invalid IPv6 prefix '%lu' in network '%s'"),
prefix, networkName);
goto cleanup;
}
} else {
virReportError(VIR_ERR_XML_ERROR,
_("Unrecognized family '%s' in network '%s'"),
def->family, networkName);
goto cleanup;
}
if ((dhcp = virXPathNode("./dhcp[1]", ctxt)) &&
virNetworkDHCPDefParseXML(networkName, dhcp, def) < 0)
goto cleanup;
if (virXPathNode("./tftp[1]", ctxt)) {
if (!VIR_SOCKET_ADDR_IS_FAMILY(&def->address, AF_INET)) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("Unsupported element in an IPv6 element "
"in network '%s'"),
networkName);
goto cleanup;
}
def->tftproot = virXPathString("string(./tftp[1]/@root)", ctxt);
}
ret = 0;
cleanup:
if (ret < 0)
virNetworkIPDefClear(def);
return ret;
}
int
virNetworkPortOptionsParseXML(xmlXPathContextPtr ctxt,
virTristateBool *isolatedPort)
{
g_autofree char *str = NULL;
int tmp = VIR_TRISTATE_BOOL_ABSENT;
if ((str = virXPathString("string(./port/@isolated)", ctxt))) {
if ((tmp = virTristateBoolTypeFromString(str)) <= 0) {
virReportError(VIR_ERR_XML_ERROR,
_("unknown port isolated value '%s'"), str);
return -1;
}
}
*isolatedPort = tmp;
return 0;
}
static int
virNetworkPortGroupParseXML(virPortGroupDefPtr def,
xmlNodePtr node,
xmlXPathContextPtr ctxt)
{
/*
* virPortGroupDef object is already allocated as part of an array.
* On failure clear it out, but don't free it.
*/
VIR_XPATH_NODE_AUTORESTORE(ctxt)
xmlNodePtr virtPortNode;
xmlNodePtr vlanNode;
xmlNodePtr bandwidth_node;
g_autofree char *isDefault = NULL;
g_autofree char *trustGuestRxFilters = NULL;
int ret = -1;
ctxt->node = node;
/* grab raw data from XML */
def->name = virXPathString("string(./@name)", ctxt);
if (!def->name) {
virReportError(VIR_ERR_XML_ERROR, "%s",
_("Missing required name attribute in portgroup"));
goto cleanup;
}
isDefault = virXPathString("string(./@default)", ctxt);
def->isDefault = isDefault && STRCASEEQ(isDefault, "yes");
trustGuestRxFilters
= virXPathString("string(./@trustGuestRxFilters)", ctxt);
if (trustGuestRxFilters) {
if ((def->trustGuestRxFilters
= virTristateBoolTypeFromString(trustGuestRxFilters)) <= 0) {
virReportError(VIR_ERR_XML_ERROR,
_("Invalid trustGuestRxFilters setting '%s' "
"in portgroup"), trustGuestRxFilters);
goto cleanup;
}
}
virtPortNode = virXPathNode("./virtualport", ctxt);
if (virtPortNode &&
(!(def->virtPortProfile = virNetDevVPortProfileParse(virtPortNode, 0)))) {
goto cleanup;
}
bandwidth_node = virXPathNode("./bandwidth", ctxt);
if (bandwidth_node &&
virNetDevBandwidthParse(&def->bandwidth, NULL, bandwidth_node, false) < 0)
goto cleanup;
vlanNode = virXPathNode("./vlan", ctxt);
if (vlanNode && virNetDevVlanParse(vlanNode, ctxt, &def->vlan) < 0)
goto cleanup;
ret = 0;
cleanup:
if (ret < 0)
virPortGroupDefClear(def);
return ret;
}
static int
virNetworkForwardNatDefParseXML(const char *networkName,
xmlNodePtr node,
xmlXPathContextPtr ctxt,
virNetworkForwardDefPtr def)
{
int nNatAddrs, nNatPorts;
g_autofree xmlNodePtr *natAddrNodes = NULL;
g_autofree xmlNodePtr *natPortNodes = NULL;
g_autofree char *addrStart = NULL;
g_autofree char *addrEnd = NULL;
g_autofree char *ipv6 = NULL;
VIR_XPATH_NODE_AUTORESTORE(ctxt)
ctxt->node = node;
if (def->type != VIR_NETWORK_FORWARD_NAT) {
virReportError(VIR_ERR_XML_ERROR,
_("The element can only be used when 'mode' is 'nat' in network %s"),
networkName);
return -1;
}
ipv6 = virXMLPropString(node, "ipv6");
if (ipv6) {
int natIPv6;
if ((natIPv6 = virTristateBoolTypeFromString(ipv6)) <= 0) {
virReportError(VIR_ERR_XML_ERROR,
_("Invalid ipv6 setting '%s' "
"in network '%s' NAT"),
ipv6, networkName);
return -1;
}
def->natIPv6 = natIPv6;
}
/* addresses for SNAT */
nNatAddrs = virXPathNodeSet("./address", ctxt, &natAddrNodes);
if (nNatAddrs < 0) {
virReportError(VIR_ERR_XML_ERROR,
_("invalid element found in of "
"network %s"), networkName);
return -1;
} else if (nNatAddrs > 1) {
virReportError(VIR_ERR_XML_ERROR,
_("Only one element is allowed in in "
" in network %s"), networkName);
return -1;
} else if (nNatAddrs == 1) {
addrStart = virXMLPropString(*natAddrNodes, "start");
if (addrStart == NULL) {
virReportError(VIR_ERR_XML_ERROR,
_("missing 'start' attribute in element in in "
" in network %s"), networkName);
return -1;
}
addrEnd = virXMLPropString(*natAddrNodes, "end");
if (addrEnd == NULL) {
virReportError(VIR_ERR_XML_ERROR,
_("missing 'end' attribute in element in in "
" in network %s"), networkName);
return -1;
}
}
if (addrStart && virSocketAddrParse(&def->addr.start, addrStart, AF_INET) < 0) {
virReportError(VIR_ERR_XML_ERROR,
_("Bad ipv4 start address '%s' in in in "
"network '%s'"), addrStart, networkName);
return -1;
}
if (addrEnd && virSocketAddrParse(&def->addr.end, addrEnd, AF_INET) < 0) {
virReportError(VIR_ERR_XML_ERROR,
_("Bad ipv4 end address '%s' in in in "
"network '%s'"), addrEnd, networkName);
return -1;
}
if (addrStart && addrEnd) {
/* verify that start <= end */
if (virSocketAddrGetRange(&def->addr.start, &def->addr.end, NULL, 0) < 0)
return -1;
} else {
if (addrStart) {
virReportError(VIR_ERR_XML_ERROR,
_("Only start address '%s' specified in in "
" in network '%s'"),
addrStart, networkName);
return -1;
}
if (addrEnd) {
virReportError(VIR_ERR_XML_ERROR,
_("Only end address '%s' specified in in "
" in network '%s'"),
addrEnd, networkName);
return -1;
}
}
/* ports for SNAT and MASQUERADE */
nNatPorts = virXPathNodeSet("./port", ctxt, &natPortNodes);
if (nNatPorts < 0) {
virReportError(VIR_ERR_XML_ERROR,
_("invalid element found in of "
"network %s"), networkName);
return -1;
} else if (nNatPorts > 1) {
virReportError(VIR_ERR_XML_ERROR,
_("Only one element is allowed in in "
" in network %s"), networkName);
return -1;
} else if (nNatPorts == 1) {
if (virXPathUInt("string(./port[1]/@start)", ctxt, &def->port.start) < 0
|| def->port.start > 65535) {
virReportError(VIR_ERR_XML_DETAIL,
_("Missing or invalid 'start' attribute in "
"in in in network %s"),
networkName);
return -1;
}
if (virXPathUInt("string(./port[1]/@end)", ctxt, &def->port.end) < 0
|| def->port.end > 65535 || def->port.end < def->port.start) {
virReportError(VIR_ERR_XML_DETAIL,
_("Missing or invalid 'end' attribute in in "
" in in network %s"), networkName);
return -1;
}
}
return 0;
}
static int
virNetworkForwardDefParseXML(const char *networkName,
xmlNodePtr node,
xmlXPathContextPtr ctxt,
virNetworkForwardDefPtr def)
{
size_t i, j;
int nForwardIfs, nForwardAddrs, nForwardPfs, nForwardNats;
g_autofree xmlNodePtr *forwardIfNodes = NULL;
g_autofree xmlNodePtr *forwardPfNodes = NULL;
g_autofree xmlNodePtr *forwardAddrNodes = NULL;
g_autofree xmlNodePtr *forwardNatNodes = NULL;
g_autofree char *forwardDev = NULL;
g_autofree char *forwardManaged = NULL;
g_autofree char *forwardDriverName = NULL;
g_autofree char *type = NULL;
VIR_XPATH_NODE_AUTORESTORE(ctxt)
ctxt->node = node;
if (!(type = virXPathString("string(./@mode)", ctxt))) {
def->type = VIR_NETWORK_FORWARD_NAT;
} else {
if ((def->type = virNetworkForwardTypeFromString(type)) < 0) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("unknown forwarding type '%s'"), type);
return -1;
}
}
forwardManaged = virXPathString("string(./@managed)", ctxt);
if (forwardManaged != NULL &&
STRCASEEQ(forwardManaged, "yes")) {
def->managed = true;
}
forwardDriverName = virXPathString("string(./driver/@name)", ctxt);
if (forwardDriverName) {
int driverName
= virNetworkForwardDriverNameTypeFromString(forwardDriverName);
if (driverName <= 0) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("Unknown forward "
"in network %s"),
forwardDriverName, networkName);
return -1;
}
def->driverName = driverName;
}
/* bridge and hostdev modes can use a pool of physical interfaces */
nForwardIfs = virXPathNodeSet("./interface", ctxt, &forwardIfNodes);
if (nForwardIfs < 0) {
virReportError(VIR_ERR_XML_ERROR,
_("invalid element found in of network %s"),
networkName);
return -1;
}
nForwardAddrs = virXPathNodeSet("./address", ctxt, &forwardAddrNodes);
if (nForwardAddrs < 0) {
virReportError(VIR_ERR_XML_ERROR,
_("invalid element found in of network %s"),
networkName);
return -1;
}
nForwardPfs = virXPathNodeSet("./pf", ctxt, &forwardPfNodes);
if (nForwardPfs < 0) {
virReportError(VIR_ERR_XML_ERROR,
_("invalid element found in of network %s"),
networkName);
return -1;
}
nForwardNats = virXPathNodeSet("./nat", ctxt, &forwardNatNodes);
if (nForwardNats < 0) {
virReportError(VIR_ERR_XML_ERROR,
_("invalid element found in of network %s"),
networkName);
return -1;
} else if (nForwardNats > 1) {
virReportError(VIR_ERR_XML_ERROR,
_("Only one element is allowed in of network %s"),
networkName);
return -1;
} else if (nForwardNats == 1) {
if (virNetworkForwardNatDefParseXML(networkName,
*forwardNatNodes,
ctxt, def) < 0)
return -1;
}
forwardDev = virXPathString("string(./@dev)", ctxt);
if (forwardDev && (nForwardAddrs > 0 || nForwardPfs > 0)) {
virReportError(VIR_ERR_XML_ERROR, "%s",
_("the 'dev' attribute cannot be used when "
" or sub-elements are present "
"in network %s"));
return -1;
}
if (nForwardIfs > 0 || forwardDev) {
def->ifs = g_new0(virNetworkForwardIfDef, MAX(nForwardIfs, 1));
if (forwardDev) {
def->ifs[0].device.dev = g_steal_pointer(&forwardDev);
def->ifs[0].type = VIR_NETWORK_FORWARD_HOSTDEV_DEVICE_NETDEV;
def->nifs++;
}
/* parse each */
for (i = 0; i < nForwardIfs; i++) {
g_autofree char *forwardDevi = virXMLPropString(forwardIfNodes[i], "dev");
if (!forwardDevi) {
virReportError(VIR_ERR_XML_ERROR,
_("Missing required dev attribute in "
" element of network %s"),
networkName);
return -1;
}
if ((i == 0) && (def->nifs == 1)) {
/* both and are
* present. If they don't match, it's an error.
*/
if (STRNEQ(forwardDevi, def->ifs[0].device.dev)) {
virReportError(VIR_ERR_XML_ERROR,
_(" must match first "
" in network %s"),
def->ifs[0].device.dev,
forwardDevi, networkName);
return -1;
}
continue;
}
for (j = 0; j < i; j++) {
if (STREQ_NULLABLE(def->ifs[j].device.dev, forwardDevi)) {
virReportError(VIR_ERR_XML_ERROR,
_("interface '%s' can only be "
"listed once in network %s"),
forwardDevi, networkName);
return -1;
}
}
def->ifs[i].device.dev = g_steal_pointer(&forwardDevi);
def->ifs[i].type = VIR_NETWORK_FORWARD_HOSTDEV_DEVICE_NETDEV;
def->nifs++;
}
} else if (nForwardAddrs > 0) {
def->ifs = g_new0(virNetworkForwardIfDef, nForwardAddrs);
for (i = 0; i < nForwardAddrs; i++) {
g_autofree char *addrType = NULL;
if (!(addrType = virXMLPropString(forwardAddrNodes[i], "type"))) {
virReportError(VIR_ERR_XML_ERROR,
_("missing address type in network %s"),
networkName);
return -1;
}
if ((def->ifs[i].type = virNetworkForwardHostdevDeviceTypeFromString(addrType)) < 0) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("unknown address type '%s' in network %s"),
addrType, networkName);
return -1;
}
switch (def->ifs[i].type) {
case VIR_NETWORK_FORWARD_HOSTDEV_DEVICE_PCI:
{
virPCIDeviceAddressPtr addr = &def->ifs[i].device.pci;
if (virPCIDeviceAddressParseXML(forwardAddrNodes[i], addr) < 0)
return -1;
for (j = 0; j < i; j++) {
if (virPCIDeviceAddressEqual(addr, &def->ifs[j].device.pci)) {
virReportError(VIR_ERR_XML_ERROR,
_("PCI device '%04x:%02x:%02x.%x' can "
"only be listed once in network %s"),
addr->domain, addr->bus,
addr->slot, addr->function,
networkName);
return -1;
}
}
break;
}
/* Add USB case here if we ever find a reason to support it */
default:
virReportError(VIR_ERR_XML_ERROR,
_("unsupported address type '%s' in network %s"),
addrType, networkName);
return -1;
}
def->nifs++;
}
} else if (nForwardPfs > 1) {
virReportError(VIR_ERR_XML_ERROR,
_("Only one element is allowed in of network %s"),
networkName);
return -1;
} else if (nForwardPfs == 1) {
def->pfs = g_new0(virNetworkForwardPfDef, nForwardPfs);
forwardDev = virXMLPropString(*forwardPfNodes, "dev");
if (!forwardDev) {
virReportError(VIR_ERR_XML_ERROR,
_("Missing required dev attribute "
"in element of network '%s'"),
networkName);
return -1;
}
def->pfs->dev = g_steal_pointer(&forwardDev);
def->npfs++;
}
return 0;
}
virNetworkDefPtr
virNetworkDefParseXML(xmlXPathContextPtr ctxt,
virNetworkXMLOptionPtr xmlopt)
{
g_autoptr(virNetworkDef) def = NULL;
g_autofree char *uuid = NULL;
g_autofree char *localOnly = NULL;
g_autofree char *stp = NULL;
g_autofree char *stpDelay = NULL;
g_autofree char *macTableManager = NULL;
g_autofree char *macAddr = NULL;
g_autofree char *mtuSize = NULL;
g_autofree xmlNodePtr *ipNodes = NULL;
g_autofree xmlNodePtr *routeNodes = NULL;
g_autofree xmlNodePtr *portGroupNodes = NULL;
int nips, nPortGroups, nRoutes;
xmlNodePtr dnsNode = NULL;
xmlNodePtr virtPortNode = NULL;
xmlNodePtr forwardNode = NULL;
g_autofree char *ipv6nogwStr = NULL;
g_autofree char *trustGuestRxFilters = NULL;
VIR_XPATH_NODE_AUTORESTORE(ctxt)
xmlNodePtr bandwidthNode = NULL;
xmlNodePtr vlanNode;
xmlNodePtr metadataNode = NULL;
def = g_new0(virNetworkDef, 1);
/* Extract network name */
def->name = virXPathString("string(./name[1])", ctxt);
if (!def->name) {
virReportError(VIR_ERR_NO_NAME, NULL);
return NULL;
}
if (virXMLCheckIllegalChars("name", def->name, "/") < 0)
return NULL;
/* Extract network uuid */
uuid = virXPathString("string(./uuid[1])", ctxt);
if (!uuid) {
if (virUUIDGenerate(def->uuid) < 0) {
virReportError(VIR_ERR_INTERNAL_ERROR,
"%s", _("Failed to generate UUID"));
return NULL;
}
} else {
if (virUUIDParse(uuid, def->uuid) < 0) {
virReportError(VIR_ERR_INTERNAL_ERROR,
"%s", _("malformed uuid element"));
return NULL;
}
def->uuid_specified = true;
}
/* check if definitions with no IPv6 gateway addresses is to
* allow guest-to-guest communications.
*/
ipv6nogwStr = virXPathString("string(./@ipv6)", ctxt);
if (ipv6nogwStr) {
if (virStringParseYesNo(ipv6nogwStr, &def->ipv6nogw) < 0) {
virReportError(VIR_ERR_XML_ERROR,
_("Invalid ipv6 setting '%s' in network '%s'"),
ipv6nogwStr, def->name);
return NULL;
}
}
trustGuestRxFilters
= virXPathString("string(./@trustGuestRxFilters)", ctxt);
if (trustGuestRxFilters) {
if ((def->trustGuestRxFilters
= virTristateBoolTypeFromString(trustGuestRxFilters)) <= 0) {
virReportError(VIR_ERR_XML_ERROR,
_("Invalid trustGuestRxFilters setting '%s' "
"in network '%s'"),
trustGuestRxFilters, def->name);
return NULL;
}
}
/* Parse network domain information */
def->domain = virXPathString("string(./domain[1]/@name)", ctxt);
localOnly = virXPathString("string(./domain[1]/@localOnly)", ctxt);
if (localOnly) {
def->domainLocalOnly = virTristateBoolTypeFromString(localOnly);
if (def->domainLocalOnly <= 0) {
virReportError(VIR_ERR_XML_ERROR,
_("Invalid domain localOnly setting '%s' "
"in network '%s'"),
localOnly, def->name);
return NULL;
}
}
if ((bandwidthNode = virXPathNode("./bandwidth", ctxt)) &&
virNetDevBandwidthParse(&def->bandwidth, NULL, bandwidthNode, false) < 0)
return NULL;
vlanNode = virXPathNode("./vlan", ctxt);
if (vlanNode && virNetDevVlanParse(vlanNode, ctxt, &def->vlan) < 0)
return NULL;
if (virNetworkPortOptionsParseXML(ctxt, &def->isolatedPort) < 0)
return NULL;
/* Parse bridge information */
def->bridge = virXPathString("string(./bridge[1]/@name)", ctxt);
def->bridgeZone = virXPathString("string(./bridge[1]/@zone)", ctxt);
stp = virXPathString("string(./bridge[1]/@stp)", ctxt);
def->stp = (stp && STREQ(stp, "off")) ? false : true;
stpDelay = virXPathString("string(./bridge[1]/@delay)", ctxt);
if (stpDelay) {
if (virStrToLong_ulp(stpDelay, NULL, 10, &def->delay) < 0) {
virReportError(VIR_ERR_XML_ERROR,
_("Invalid delay value in network '%s'"),
def->name);
return NULL;
}
}
macTableManager = virXPathString("string(./bridge[1]/@macTableManager)", ctxt);
if (macTableManager) {
if ((def->macTableManager
= virNetworkBridgeMACTableManagerTypeFromString(macTableManager)) <= 0) {
virReportError(VIR_ERR_XML_ERROR,
_("Invalid macTableManager setting '%s' "
"in network '%s'"), macTableManager, def->name);
return NULL;
}
}
macAddr = virXPathString("string(./mac[1]/@address)", ctxt);
if (macAddr) {
if (virMacAddrParse(macAddr, &def->mac) < 0) {
virReportError(VIR_ERR_XML_ERROR,
_("Invalid bridge mac address '%s' in network '%s'"),
macAddr, def->name);
return NULL;
}
if (virMacAddrIsMulticast(&def->mac)) {
virReportError(VIR_ERR_XML_ERROR,
_("Invalid multicast bridge mac address '%s' in network '%s'"),
macAddr, def->name);
return NULL;
}
def->mac_specified = true;
}
mtuSize = virXPathString("string(./mtu/@size)", ctxt);
if (mtuSize) {
if (virStrToLong_ui(mtuSize, NULL, 10, &def->mtu) < 0) {
virReportError(VIR_ERR_XML_ERROR,
_("Invalid mtu size '%s' in network '%s'"),
mtuSize, def->name);
return NULL;
}
}
dnsNode = virXPathNode("./dns", ctxt);
if (dnsNode != NULL &&
virNetworkDNSDefParseXML(def->name, dnsNode, ctxt, &def->dns) < 0) {
return NULL;
}
virtPortNode = virXPathNode("./virtualport", ctxt);
if (virtPortNode &&
(!(def->virtPortProfile = virNetDevVPortProfileParse(virtPortNode,
VIR_VPORT_XML_REQUIRE_TYPE)))) {
return NULL;
}
nPortGroups = virXPathNodeSet("./portgroup", ctxt, &portGroupNodes);
if (nPortGroups < 0)
return NULL;
if (nPortGroups > 0) {
size_t i;
/* allocate array to hold all the portgroups */
def->portGroups = g_new0(virPortGroupDef, nPortGroups);
/* parse each portgroup */
for (i = 0; i < nPortGroups; i++) {
if (virNetworkPortGroupParseXML(&def->portGroups[i],
portGroupNodes[i],
ctxt) < 0)
return NULL;
def->nPortGroups++;
}
}
nips = virXPathNodeSet("./ip", ctxt, &ipNodes);
if (nips < 0)
return NULL;
if (nips > 0) {
size_t i;
/* allocate array to hold all the addrs */
def->ips = g_new0(virNetworkIPDef, nips);
/* parse each addr */
for (i = 0; i < nips; i++) {
if (virNetworkIPDefParseXML(def->name,
ipNodes[i],
ctxt,
&def->ips[i]) < 0)
return NULL;
def->nips++;
}
}
nRoutes = virXPathNodeSet("./route", ctxt, &routeNodes);
if (nRoutes < 0)
return NULL;
if (nRoutes > 0) {
size_t i;
/* allocate array to hold all the route definitions */
def->routes = g_new0(virNetDevIPRoutePtr, nRoutes);
/* parse each definition */
for (i = 0; i < nRoutes; i++) {
virNetDevIPRoutePtr route = NULL;
if (!(route = virNetDevIPRouteParseXML(def->name,
routeNodes[i],
ctxt)))
return NULL;
def->routes[i] = route;
def->nroutes++;
}
/* now validate the correctness of any static route gateways specified
*
* note: the parameters within each definition are verified/assumed valid;
* the question being asked and answered here is if the specified gateway
* is directly reachable from this bridge.
*/
nRoutes = def->nroutes;
nips = def->nips;
for (i = 0; i < nRoutes; i++) {
size_t j;
virSocketAddr testAddr, testGw;
bool addrMatch;
virNetDevIPRoutePtr gwdef = def->routes[i];
virSocketAddrPtr gateway = virNetDevIPRouteGetGateway(gwdef);
addrMatch = false;
for (j = 0; j < nips; j++) {
virNetworkIPDefPtr def2 = &def->ips[j];
int prefix;
if (VIR_SOCKET_ADDR_FAMILY(gateway)
!= VIR_SOCKET_ADDR_FAMILY(&def2->address)) {
continue;
}
prefix = virNetworkIPDefPrefix(def2);
virSocketAddrMaskByPrefix(&def2->address, prefix, &testAddr);
virSocketAddrMaskByPrefix(gateway, prefix, &testGw);
if (VIR_SOCKET_ADDR_VALID(&testAddr) &&
VIR_SOCKET_ADDR_VALID(&testGw) &&
virSocketAddrEqual(&testAddr, &testGw)) {
addrMatch = true;
break;
}
}
if (!addrMatch) {
g_autofree char *gw = virSocketAddrFormat(gateway);
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("unreachable static route gateway '%s' specified for network '%s'"),
gw, def->name);
return NULL;
}
}
}
forwardNode = virXPathNode("./forward", ctxt);
if (forwardNode &&
virNetworkForwardDefParseXML(def->name, forwardNode, ctxt, &def->forward) < 0) {
return NULL;
}
/* Validate some items in the main NetworkDef that need to align
* with the chosen forward mode.
*/
switch ((virNetworkForwardType) def->forward.type) {
case VIR_NETWORK_FORWARD_NONE:
break;
case VIR_NETWORK_FORWARD_ROUTE:
case VIR_NETWORK_FORWARD_NAT:
case VIR_NETWORK_FORWARD_OPEN:
/* It's pointless to specify L3 forwarding without specifying
* the network we're on.
*/
if (def->nips == 0) {
virReportError(VIR_ERR_XML_ERROR,
_("%s forwarding requested, "
"but no IP address provided for network '%s'"),
virNetworkForwardTypeToString(def->forward.type),
def->name);
return NULL;
}
if (def->forward.nifs > 1) {
virReportError(VIR_ERR_XML_ERROR,
_("multiple forwarding interfaces specified "
"for network '%s', only one is supported"),
def->name);
return NULL;
}
if (def->forward.type == VIR_NETWORK_FORWARD_OPEN && def->forward.nifs) {
/* an open network by definition can't place any restrictions
* on what traffic is allowed or where it goes, so specifying
* a forwarding device is nonsensical.
*/
virReportError(VIR_ERR_XML_ERROR,
_("forward dev not allowed for "
"network '%s' with forward mode='%s'"),
def->name,
virNetworkForwardTypeToString(def->forward.type));
return NULL;
}
break;
case VIR_NETWORK_FORWARD_PRIVATE:
case VIR_NETWORK_FORWARD_VEPA:
case VIR_NETWORK_FORWARD_PASSTHROUGH:
case VIR_NETWORK_FORWARD_HOSTDEV:
if (def->bridge) {
virReportError(VIR_ERR_XML_ERROR,
_("bridge name not allowed in %s mode (network '%s')"),
virNetworkForwardTypeToString(def->forward.type),
def->name);
return NULL;
}
if (def->bridgeZone) {
virReportError(VIR_ERR_XML_ERROR,
_("bridge zone not allowed in %s mode (network '%s')"),
virNetworkForwardTypeToString(def->forward.type),
def->name);
return NULL;
}
if (def->macTableManager) {
virReportError(VIR_ERR_XML_ERROR,
_("bridge macTableManager setting not allowed "
"in %s mode (network '%s')"),
virNetworkForwardTypeToString(def->forward.type),
def->name);
return NULL;
}
G_GNUC_FALLTHROUGH;
case VIR_NETWORK_FORWARD_BRIDGE:
if (def->delay || stp || def->bridgeZone) {
virReportError(VIR_ERR_XML_ERROR,
_("bridge delay/stp/zone options only allowed in "
"route, nat, and isolated mode, not in %s "
"(network '%s')"),
virNetworkForwardTypeToString(def->forward.type),
def->name);
return NULL;
}
if (def->bridge && (def->forward.nifs || def->forward.npfs)) {
virReportError(VIR_ERR_XML_ERROR,
_("A network with forward mode='%s' can specify "
"a bridge name or a forward dev, but not "
"both (network '%s')"),
virNetworkForwardTypeToString(def->forward.type),
def->name);
return NULL;
}
break;
case VIR_NETWORK_FORWARD_LAST:
default:
virReportEnumRangeError(virNetworkForwardType, def->forward.type);
return NULL;
}
if (def->mtu) {
switch ((virNetworkForwardType) def->forward.type) {
case VIR_NETWORK_FORWARD_NONE:
case VIR_NETWORK_FORWARD_NAT:
case VIR_NETWORK_FORWARD_ROUTE:
case VIR_NETWORK_FORWARD_OPEN:
break;
case VIR_NETWORK_FORWARD_BRIDGE:
case VIR_NETWORK_FORWARD_PRIVATE:
case VIR_NETWORK_FORWARD_VEPA:
case VIR_NETWORK_FORWARD_PASSTHROUGH:
case VIR_NETWORK_FORWARD_HOSTDEV:
virReportError(VIR_ERR_XML_ERROR,
_("mtu size only allowed in open, route, nat, "
"and isolated mode, not in %s (network '%s')"),
virNetworkForwardTypeToString(def->forward.type),
def->name);
return NULL;
case VIR_NETWORK_FORWARD_LAST:
default:
virReportEnumRangeError(virNetworkForwardType, def->forward.type);
return NULL;
}
}
/* Extract custom metadata */
if ((metadataNode = virXPathNode("./metadata[1]", ctxt)) != NULL) {
def->metadata = xmlCopyNode(metadataNode, 1);
virXMLNodeSanitizeNamespaces(def->metadata);
}
if (xmlopt)
def->ns = xmlopt->ns;
if (def->ns.parse) {
if (virXMLNamespaceRegister(ctxt, &def->ns) < 0)
return NULL;
if ((def->ns.parse)(ctxt, &def->namespaceData) < 0)
return NULL;
}
return g_steal_pointer(&def);
}
static virNetworkDefPtr
virNetworkDefParse(const char *xmlStr,
const char *filename,
virNetworkXMLOptionPtr xmlopt)
{
g_autoptr(xmlDoc) xml = NULL;
virNetworkDefPtr def = NULL;
int keepBlanksDefault = xmlKeepBlanksDefault(0);
if ((xml = virXMLParse(filename, xmlStr, _("(network_definition)"))))
def = virNetworkDefParseNode(xml, xmlDocGetRootElement(xml), xmlopt);
xmlKeepBlanksDefault(keepBlanksDefault);
return def;
}
virNetworkDefPtr
virNetworkDefParseString(const char *xmlStr,
virNetworkXMLOptionPtr xmlopt)
{
return virNetworkDefParse(xmlStr, NULL, xmlopt);
}
virNetworkDefPtr
virNetworkDefParseFile(const char *filename,
virNetworkXMLOptionPtr xmlopt)
{
return virNetworkDefParse(NULL, filename, xmlopt);
}
virNetworkDefPtr
virNetworkDefParseNode(xmlDocPtr xml,
xmlNodePtr root,
virNetworkXMLOptionPtr xmlopt)
{
g_autoptr(xmlXPathContext) ctxt = NULL;
if (!virXMLNodeNameEqual(root, "network")) {
virReportError(VIR_ERR_XML_ERROR,
_("unexpected root element <%s>, "
"expecting "),
root->name);
return NULL;
}
if (!(ctxt = virXMLXPathContextNew(xml)))
return NULL;
ctxt->node = root;
return virNetworkDefParseXML(ctxt, xmlopt);
}
static int
virNetworkDNSDefFormat(virBufferPtr buf,
const virNetworkDNSDef *def)
{
size_t i, j;
if (!(def->enable || def->forwardPlainNames || def->nfwds || def->nhosts ||
def->nsrvs || def->ntxts))
return 0;
virBufferAddLit(buf, "enable) {
const char *fwd = virTristateBoolTypeToString(def->enable);
if (!fwd) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("Unknown enable type %d in network"),
def->enable);
return -1;
}
virBufferAsprintf(buf, " enable='%s'", fwd);
}
if (def->forwardPlainNames) {
const char *fwd = virTristateBoolTypeToString(def->forwardPlainNames);
if (!fwd) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("Unknown forwardPlainNames type %d in network"),
def->forwardPlainNames);
return -1;
}
virBufferAsprintf(buf, " forwardPlainNames='%s'", fwd);
}
if (!(def->nfwds || def->nhosts || def->nsrvs || def->ntxts)) {
virBufferAddLit(buf, "/>\n");
return 0;
}
virBufferAddLit(buf, ">\n");
virBufferAdjustIndent(buf, 2);
for (i = 0; i < def->nfwds; i++) {
virBufferAddLit(buf, "forwarders[i].domain) {
virBufferEscapeString(buf, " domain='%s'",
def->forwarders[i].domain);
}
if (VIR_SOCKET_ADDR_VALID(&def->forwarders[i].addr)) {
g_autofree char *addr = virSocketAddrFormat(&def->forwarders[i].addr);
if (!addr)
return -1;
virBufferAsprintf(buf, " addr='%s'", addr);
}
virBufferAddLit(buf, "/>\n");
}
for (i = 0; i < def->ntxts; i++) {
virBufferEscapeString(buf, "txts[i].name);
virBufferEscapeString(buf, "value='%s'/>\n", def->txts[i].value);
}
for (i = 0; i < def->nsrvs; i++) {
if (def->srvs[i].service && def->srvs[i].protocol) {
virBufferEscapeString(buf, "srvs[i].service);
virBufferEscapeString(buf, "protocol='%s'", def->srvs[i].protocol);
if (def->srvs[i].domain)
virBufferEscapeString(buf, " domain='%s'", def->srvs[i].domain);
if (def->srvs[i].target)
virBufferEscapeString(buf, " target='%s'", def->srvs[i].target);
if (def->srvs[i].port)
virBufferAsprintf(buf, " port='%d'", def->srvs[i].port);
if (def->srvs[i].priority)
virBufferAsprintf(buf, " priority='%d'", def->srvs[i].priority);
if (def->srvs[i].weight)
virBufferAsprintf(buf, " weight='%d'", def->srvs[i].weight);
virBufferAddLit(buf, "/>\n");
}
}
if (def->nhosts) {
for (i = 0; i < def->nhosts; i++) {
g_autofree char *ip = virSocketAddrFormat(&def->hosts[i].ip);
virBufferAsprintf(buf, "\n", ip);
virBufferAdjustIndent(buf, 2);
for (j = 0; j < def->hosts[i].nnames; j++)
virBufferEscapeString(buf, "%s\n",
def->hosts[i].names[j]);
virBufferAdjustIndent(buf, -2);
virBufferAddLit(buf, "\n");
}
}
virBufferAdjustIndent(buf, -2);
virBufferAddLit(buf, "\n");
return 0;
}
static int
virNetworkIPDefFormat(virBufferPtr buf,
const virNetworkIPDef *def)
{
virBufferAddLit(buf, "family)
virBufferAsprintf(buf, " family='%s'", def->family);
if (VIR_SOCKET_ADDR_VALID(&def->address)) {
g_autofree char *addr = virSocketAddrFormat(&def->address);
if (!addr)
return -1;
virBufferAsprintf(buf, " address='%s'", addr);
}
if (VIR_SOCKET_ADDR_VALID(&def->netmask)) {
g_autofree char *addr = virSocketAddrFormat(&def->netmask);
if (!addr)
return -1;
virBufferAsprintf(buf, " netmask='%s'", addr);
}
if (def->prefix > 0)
virBufferAsprintf(buf, " prefix='%u'", def->prefix);
if (def->localPTR) {
virBufferAsprintf(buf, " localPtr='%s'",
virTristateBoolTypeToString(def->localPTR));
}
virBufferAddLit(buf, ">\n");
virBufferAdjustIndent(buf, 2);
if (def->tftproot) {
virBufferEscapeString(buf, "\n",
def->tftproot);
}
if ((def->nranges || def->nhosts)) {
size_t i;
virBufferAddLit(buf, "\n");
virBufferAdjustIndent(buf, 2);
for (i = 0; i < def->nranges; i++) {
virSocketAddrRange addr = def->ranges[i].addr;
virNetworkDHCPLeaseTimeDefPtr lease = def->ranges[i].lease;
g_autofree char *saddr = NULL;
g_autofree char *eaddr = NULL;
if (!(saddr = virSocketAddrFormat(&addr.start)))
return -1;
if (!(eaddr = virSocketAddrFormat(&addr.end)))
return -1;
virBufferAsprintf(buf, "\n");
virBufferAdjustIndent(buf, 2);
if (!lease->expiry) {
virBufferAddLit(buf, "\n");
} else {
virBufferAsprintf(buf, "\n",
lease->expiry,
virNetworkDHCPLeaseTimeUnitTypeToString(lease->unit));
}
virBufferAdjustIndent(buf, -2);
virBufferAddLit(buf, "\n");
} else {
virBufferAddLit(buf, "/>\n");
}
}
for (i = 0; i < def->nhosts; i++) {
virNetworkDHCPLeaseTimeDefPtr lease = def->hosts[i].lease;
virBufferAddLit(buf, "hosts[i].mac)
virBufferAsprintf(buf, " mac='%s'", def->hosts[i].mac);
if (def->hosts[i].id)
virBufferAsprintf(buf, " id='%s'", def->hosts[i].id);
if (def->hosts[i].name)
virBufferAsprintf(buf, " name='%s'", def->hosts[i].name);
if (VIR_SOCKET_ADDR_VALID(&def->hosts[i].ip)) {
g_autofree char *ipaddr = virSocketAddrFormat(&def->hosts[i].ip);
if (!ipaddr)
return -1;
virBufferAsprintf(buf, " ip='%s'", ipaddr);
}
if (lease) {
virBufferAddLit(buf, ">\n");
virBufferAdjustIndent(buf, 2);
if (!lease->expiry) {
virBufferAddLit(buf, "\n");
} else {
virBufferAsprintf(buf, "\n",
lease->expiry,
virNetworkDHCPLeaseTimeUnitTypeToString(lease->unit));
}
virBufferAdjustIndent(buf, -2);
virBufferAddLit(buf, "\n");
} else {
virBufferAddLit(buf, "/>\n");
}
}
if (def->bootfile) {
virBufferEscapeString(buf, "bootfile);
if (VIR_SOCKET_ADDR_VALID(&def->bootserver)) {
g_autofree char *ipaddr = virSocketAddrFormat(&def->bootserver);
if (!ipaddr)
return -1;
virBufferEscapeString(buf, " server='%s'", ipaddr);
}
virBufferAddLit(buf, "/>\n");
}
virBufferAdjustIndent(buf, -2);
virBufferAddLit(buf, "\n");
}
virBufferAdjustIndent(buf, -2);
virBufferAddLit(buf, "\n");
return 0;
}
void
virNetworkPortOptionsFormat(virTristateBool isolatedPort,
virBufferPtr buf)
{
if (isolatedPort != VIR_TRISTATE_BOOL_ABSENT)
virBufferAsprintf(buf, "\n",
virTristateBoolTypeToString(isolatedPort));
}
static int
virPortGroupDefFormat(virBufferPtr buf,
const virPortGroupDef *def)
{
virBufferAsprintf(buf, "name);
if (def->isDefault)
virBufferAddLit(buf, " default='yes'");
if (def->trustGuestRxFilters)
virBufferAsprintf(buf, " trustGuestRxFilters='%s'",
virTristateBoolTypeToString(def->trustGuestRxFilters));
virBufferAddLit(buf, ">\n");
virBufferAdjustIndent(buf, 2);
if (virNetDevVlanFormat(&def->vlan, buf) < 0)
return -1;
if (virNetDevVPortProfileFormat(def->virtPortProfile, buf) < 0)
return -1;
virNetDevBandwidthFormat(def->bandwidth, 0, buf);
virBufferAdjustIndent(buf, -2);
virBufferAddLit(buf, "\n");
return 0;
}
static int
virNetworkForwardNatDefFormat(virBufferPtr buf,
const virNetworkForwardDef *fwd)
{
g_autofree char *addrStart = NULL;
g_autofree char *addrEnd = NULL;
if (VIR_SOCKET_ADDR_VALID(&fwd->addr.start)) {
addrStart = virSocketAddrFormat(&fwd->addr.start);
if (!addrStart)
return -1;
}
if (VIR_SOCKET_ADDR_VALID(&fwd->addr.end)) {
addrEnd = virSocketAddrFormat(&fwd->addr.end);
if (!addrEnd)
return -1;
}
if (!addrEnd && !addrStart && !fwd->port.start && !fwd->port.end && !fwd->natIPv6)
return 0;
virBufferAddLit(buf, "natIPv6)
virBufferAsprintf(buf, " ipv6='%s'", virTristateBoolTypeToString(fwd->natIPv6));
if (!addrEnd && !addrStart && !fwd->port.start && !fwd->port.end) {
virBufferAddLit(buf, "/>\n");
return 0;
}
virBufferAddLit(buf, ">\n");
virBufferAdjustIndent(buf, 2);
if (addrStart) {
virBufferAsprintf(buf, "\n");
}
if (fwd->port.start || fwd->port.end) {
virBufferAsprintf(buf, "port.start);
if (fwd->port.end)
virBufferAsprintf(buf, " end='%d'", fwd->port.end);
virBufferAddLit(buf, "/>\n");
}
virBufferAdjustIndent(buf, -2);
virBufferAddLit(buf, "\n");
return 0;
}
int
virNetworkDefFormatBuf(virBufferPtr buf,
const virNetworkDef *def,
virNetworkXMLOptionPtr xmlopt G_GNUC_UNUSED,
unsigned int flags)
{
const unsigned char *uuid;
char uuidstr[VIR_UUID_STRING_BUFLEN];
size_t i;
bool shortforward;
bool hasbridge = false;
virBufferAddLit(buf, "namespaceData && def->ns.format)
virXMLNamespaceFormatNS(buf, &def->ns);
if (!(flags & VIR_NETWORK_XML_INACTIVE) && (def->connections > 0))
virBufferAsprintf(buf, " connections='%d'", def->connections);
if (def->ipv6nogw)
virBufferAddLit(buf, " ipv6='yes'");
if (def->trustGuestRxFilters)
virBufferAsprintf(buf, " trustGuestRxFilters='%s'",
virTristateBoolTypeToString(def->trustGuestRxFilters));
virBufferAddLit(buf, ">\n");
virBufferAdjustIndent(buf, 2);
virBufferEscapeString(buf, "%s\n", def->name);
uuid = def->uuid;
virUUIDFormat(uuid, uuidstr);
virBufferAsprintf(buf, "%s\n", uuidstr);
if (def->metadata) {
g_autoptr(xmlBuffer) xmlbuf = NULL;
int oldIndentTreeOutput = xmlIndentTreeOutput;
/* Indentation on output requires that we previously set
* xmlKeepBlanksDefault to 0 when parsing; also, libxml does 2
* spaces per level of indentation of intermediate elements,
* but no leading indentation before the starting element.
* Thankfully, libxml maps what looks like globals into
* thread-local uses, so we are thread-safe. */
xmlIndentTreeOutput = 1;
if (!(xmlbuf = xmlBufferCreate())) {
virReportOOMError();
return -1;
}
if (xmlNodeDump(xmlbuf, def->metadata->doc, def->metadata,
virBufferGetIndent(buf) / 2, 1) < 0) {
xmlIndentTreeOutput = oldIndentTreeOutput;
return -1;
}
virBufferAsprintf(buf, "%s\n", (char *) xmlBufferContent(xmlbuf));
xmlIndentTreeOutput = oldIndentTreeOutput;
}
if (def->forward.type != VIR_NETWORK_FORWARD_NONE) {
const char *dev = NULL;
const char *mode = virNetworkForwardTypeToString(def->forward.type);
if (!def->forward.npfs)
dev = virNetworkDefForwardIf(def, 0);
if (!mode) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("Unknown forward type %d in network '%s'"),
def->forward.type, def->name);
return -1;
}
virBufferAddLit(buf, "forward.type == VIR_NETWORK_FORWARD_HOSTDEV) {
if (def->forward.managed)
virBufferAddLit(buf, " managed='yes'");
else
virBufferAddLit(buf, " managed='no'");
}
shortforward = !(def->forward.nifs || def->forward.npfs
|| VIR_SOCKET_ADDR_VALID(&def->forward.addr.start)
|| VIR_SOCKET_ADDR_VALID(&def->forward.addr.end)
|| def->forward.port.start
|| def->forward.port.end
|| (def->forward.driverName
!= VIR_NETWORK_FORWARD_DRIVER_NAME_DEFAULT)
|| def->forward.natIPv6);
virBufferAsprintf(buf, "%s>\n", shortforward ? "/" : "");
virBufferAdjustIndent(buf, 2);
if (def->forward.driverName
!= VIR_NETWORK_FORWARD_DRIVER_NAME_DEFAULT) {
const char *driverName
= virNetworkForwardDriverNameTypeToString(def->forward.driverName);
if (!driverName) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("unexpected hostdev driver name type %d "),
def->forward.driverName);
return -1;
}
virBufferAsprintf(buf, "\n", driverName);
}
if (def->forward.type == VIR_NETWORK_FORWARD_NAT) {
if (virNetworkForwardNatDefFormat(buf, &def->forward) < 0)
return -1;
}
/* For now, hard-coded to at most 1 forward.pfs */
if (def->forward.npfs)
virBufferEscapeString(buf, "\n",
def->forward.pfs[0].dev);
if (def->forward.nifs &&
(!def->forward.npfs || !(flags & VIR_NETWORK_XML_INACTIVE))) {
for (i = 0; i < def->forward.nifs; i++) {
if (def->forward.ifs[i].type == VIR_NETWORK_FORWARD_HOSTDEV_DEVICE_NETDEV) {
virBufferEscapeString(buf, "forward.ifs[i].device.dev);
if (!(flags & VIR_NETWORK_XML_INACTIVE) &&
(def->forward.ifs[i].connections > 0)) {
virBufferAsprintf(buf, " connections='%d'",
def->forward.ifs[i].connections);
}
virBufferAddLit(buf, "/>\n");
} else {
if (def->forward.ifs[i].type == VIR_NETWORK_FORWARD_HOSTDEV_DEVICE_PCI) {
virPCIDeviceAddressFormat(buf,
def->forward.ifs[i].device.pci,
true);
}
}
}
}
virBufferAdjustIndent(buf, -2);
if (!shortforward)
virBufferAddLit(buf, "\n");
}
switch ((virNetworkForwardType) def->forward.type) {
case VIR_NETWORK_FORWARD_NONE:
case VIR_NETWORK_FORWARD_NAT:
case VIR_NETWORK_FORWARD_ROUTE:
case VIR_NETWORK_FORWARD_OPEN:
hasbridge = true;
break;
case VIR_NETWORK_FORWARD_BRIDGE:
case VIR_NETWORK_FORWARD_PRIVATE:
case VIR_NETWORK_FORWARD_VEPA:
case VIR_NETWORK_FORWARD_PASSTHROUGH:
case VIR_NETWORK_FORWARD_HOSTDEV:
break;
case VIR_NETWORK_FORWARD_LAST:
default:
virReportEnumRangeError(virNetworkForwardType, def->forward.type);
return -1;
}
if (hasbridge || def->bridge || def->macTableManager) {
virBufferAddLit(buf, "bridge);
virBufferEscapeString(buf, " zone='%s'", def->bridgeZone);
if (hasbridge)
virBufferAsprintf(buf, " stp='%s' delay='%ld'",
def->stp ? "on" : "off", def->delay);
if (def->macTableManager) {
virBufferAsprintf(buf, " macTableManager='%s'",
virNetworkBridgeMACTableManagerTypeToString(def->macTableManager));
}
virBufferAddLit(buf, "/>\n");
}
if (def->mtu)
virBufferAsprintf(buf, "\n", def->mtu);
if (def->mac_specified) {
char macaddr[VIR_MAC_STRING_BUFLEN];
virMacAddrFormat(&def->mac, macaddr);
virBufferAsprintf(buf, "\n", macaddr);
}
if (def->domain) {
virBufferAsprintf(buf, "domain);
/* default to "no", but don't format it in the XML */
if (def->domainLocalOnly) {
const char *local = virTristateBoolTypeToString(def->domainLocalOnly);
if (!local) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("Unknown localOnly type %d in network"),
def->domainLocalOnly);
return -1;
}
virBufferAsprintf(buf, " localOnly='%s'", local);
}
virBufferAddLit(buf, "/>\n");
}
if (virNetworkDNSDefFormat(buf, &def->dns) < 0)
return -1;
if (virNetDevVlanFormat(&def->vlan, buf) < 0)
return -1;
if (virNetDevBandwidthFormat(def->bandwidth, 0, buf) < 0)
return -1;
virNetworkPortOptionsFormat(def->isolatedPort, buf);
for (i = 0; i < def->nips; i++) {
if (virNetworkIPDefFormat(buf, &def->ips[i]) < 0)
return -1;
}
for (i = 0; i < def->nroutes; i++) {
if (virNetDevIPRouteFormat(buf, def->routes[i]) < 0)
return -1;
}
if (virNetDevVPortProfileFormat(def->virtPortProfile, buf) < 0)
return -1;
for (i = 0; i < def->nPortGroups; i++)
if (virPortGroupDefFormat(buf, &def->portGroups[i]) < 0)
return -1;
if (def->namespaceData && def->ns.format) {
if ((def->ns.format)(buf, def->namespaceData) < 0)
return -1;
}
virBufferAdjustIndent(buf, -2);
virBufferAddLit(buf, "\n");
return 0;
}
char *
virNetworkDefFormat(const virNetworkDef *def,
virNetworkXMLOptionPtr xmlopt,
unsigned int flags)
{
g_auto(virBuffer) buf = VIR_BUFFER_INITIALIZER;
if (virNetworkDefFormatBuf(&buf, def, xmlopt, flags) < 0)
return NULL;
return virBufferContentAndReset(&buf);
}
const char *
virNetworkDefForwardIf(const virNetworkDef *def,
size_t n)
{
return ((def->forward.ifs && (def->forward.nifs > n) &&
def->forward.ifs[n].type == VIR_NETWORK_FORWARD_HOSTDEV_DEVICE_NETDEV)
? def->forward.ifs[n].device.dev : NULL);
}
virPortGroupDefPtr
virPortGroupFindByName(virNetworkDefPtr net,
const char *portgroup)
{
size_t i;
for (i = 0; i < net->nPortGroups; i++) {
if (portgroup) {
if (STREQ(portgroup, net->portGroups[i].name))
return &net->portGroups[i];
} else {
if (net->portGroups[i].isDefault)
return &net->portGroups[i];
}
}
return NULL;
}
int
virNetworkSaveXML(const char *configDir,
virNetworkDefPtr def,
const char *xml)
{
char uuidstr[VIR_UUID_STRING_BUFLEN];
g_autofree char *configFile = NULL;
if ((configFile = virNetworkConfigFile(configDir, def->name)) == NULL)
return -1;
if (virFileMakePath(configDir) < 0) {
virReportSystemError(errno,
_("cannot create config directory '%s'"),
configDir);
return -1;
}
virUUIDFormat(def->uuid, uuidstr);
return virXMLSaveFile(configFile,
virXMLPickShellSafeComment(def->name, uuidstr),
"net-edit", xml);
}
int
virNetworkSaveConfig(const char *configDir,
virNetworkDefPtr def,
virNetworkXMLOptionPtr xmlopt)
{
g_autofree char *xml = NULL;
if (!(xml = virNetworkDefFormat(def, xmlopt, VIR_NETWORK_XML_INACTIVE)))
return -1;
if (virNetworkSaveXML(configDir, def, xml))
return -1;
return 0;
}
char *
virNetworkConfigFile(const char *dir,
const char *name)
{
return g_strdup_printf("%s/%s.xml", dir, name);
}
void
virNetworkSetBridgeMacAddr(virNetworkDefPtr def)
{
if (!def->mac_specified) {
/* if the bridge doesn't have a mac address explicitly defined,
* autogenerate a random one.
*/
virMacAddrGenerate((unsigned char[]){ 0x52, 0x54, 0 },
&def->mac);
def->mac_specified = true;
}
}
/* NetworkObj backend of the virNetworkUpdate API */
static void
virNetworkDefUpdateNoSupport(virNetworkDefPtr def, const char *section)
{
virReportError(VIR_ERR_OPERATION_UNSUPPORTED,
_("can't update '%s' section of network '%s'"),
section, def->name);
}
static void
virNetworkDefUpdateUnknownCommand(unsigned int command)
{
virReportError(VIR_ERR_OPERATION_UNSUPPORTED,
_("unrecognized network update command code %d"), command);
}
static int
virNetworkDefUpdateCheckElementName(virNetworkDefPtr def,
xmlNodePtr node,
const char *section)
{
if (!virXMLNodeNameEqual(node, section)) {
virReportError(VIR_ERR_XML_ERROR,
_("unexpected element <%s>, expecting <%s>, "
"while updating network '%s'"),
node->name, section, def->name);
return -1;
}
return 0;
}
static int
virNetworkDefUpdateBridge(virNetworkDefPtr def,
unsigned int command G_GNUC_UNUSED,
int parentIndex G_GNUC_UNUSED,
xmlXPathContextPtr ctxt G_GNUC_UNUSED,
/* virNetworkUpdateFlags */
unsigned int fflags G_GNUC_UNUSED)
{
virNetworkDefUpdateNoSupport(def, "bridge");
return -1;
}
static int
virNetworkDefUpdateDomain(virNetworkDefPtr def,
unsigned int command G_GNUC_UNUSED,
int parentIndex G_GNUC_UNUSED,
xmlXPathContextPtr ctxt G_GNUC_UNUSED,
/* virNetworkUpdateFlags */
unsigned int fflags G_GNUC_UNUSED)
{
virNetworkDefUpdateNoSupport(def, "domain");
return -1;
}
static int
virNetworkDefUpdateIP(virNetworkDefPtr def,
unsigned int command G_GNUC_UNUSED,
int parentIndex G_GNUC_UNUSED,
xmlXPathContextPtr ctxt G_GNUC_UNUSED,
/* virNetworkUpdateFlags */
unsigned int fflags G_GNUC_UNUSED)
{
virNetworkDefUpdateNoSupport(def, "ip");
return -1;
}
static virNetworkIPDefPtr
virNetworkIPDefByIndex(virNetworkDefPtr def, int parentIndex)
{
virNetworkIPDefPtr ipdef = NULL;
size_t i;
/* first find which ip element's dhcp host list to work on */
if (parentIndex >= 0) {
ipdef = virNetworkDefGetIPByIndex(def, AF_UNSPEC, parentIndex);
if (!(ipdef)) {
virReportError(VIR_ERR_OPERATION_INVALID,
_("couldn't update dhcp host entry - no "
"element found at index %d in network '%s'"),
parentIndex, def->name);
}
return ipdef;
}
/* -1 means "find the most appropriate", which in this case
* means the one and only that has element
*/
for (i = 0;
(ipdef = virNetworkDefGetIPByIndex(def, AF_UNSPEC, i));
i++) {
if (ipdef->nranges || ipdef->nhosts)
break;
}
if (!ipdef) {
ipdef = virNetworkDefGetIPByIndex(def, AF_INET, 0);
if (!ipdef)
ipdef = virNetworkDefGetIPByIndex(def, AF_INET6, 0);
}
if (!ipdef) {
virReportError(VIR_ERR_OPERATION_INVALID,
_("couldn't update dhcp host entry - no "
"element found in network '%s'"), def->name);
}
return ipdef;
}
static int
virNetworkDefUpdateCheckMultiDHCP(virNetworkDefPtr def,
virNetworkIPDefPtr ipdef)
{
int family = VIR_SOCKET_ADDR_FAMILY(&ipdef->address);
size_t i;
virNetworkIPDefPtr ip;
for (i = 0; (ip = virNetworkDefGetIPByIndex(def, family, i)); i++) {
if (ip != ipdef) {
if (ip->nranges || ip->nhosts) {
virReportError(VIR_ERR_OPERATION_INVALID,
_("dhcp is supported only for a "
"single %s address on each network"),
(family == AF_INET) ? "IPv4" : "IPv6");
return -1;
}
}
}
return 0;
}
static int
virNetworkDefUpdateIPDHCPHost(virNetworkDefPtr def,
unsigned int command,
int parentIndex,
xmlXPathContextPtr ctxt,
/* virNetworkUpdateFlags */
unsigned int fflags G_GNUC_UNUSED)
{
size_t i;
int ret = -1;
virNetworkIPDefPtr ipdef = virNetworkIPDefByIndex(def, parentIndex);
virNetworkDHCPHostDef host;
bool partialOkay = (command == VIR_NETWORK_UPDATE_COMMAND_DELETE);
memset(&host, 0, sizeof(host));
if (virNetworkDefUpdateCheckElementName(def, ctxt->node, "host") < 0)
goto cleanup;
/* ipdef is the ip element that needs its host array updated */
if (!ipdef)
goto cleanup;
if (virNetworkDHCPHostDefParseXML(def->name, ipdef, ctxt->node,
&host, partialOkay) < 0)
goto cleanup;
if (!partialOkay &&
VIR_SOCKET_ADDR_FAMILY(&ipdef->address)
!= VIR_SOCKET_ADDR_FAMILY(&host.ip)) {
virReportError(VIR_ERR_OPERATION_INVALID, "%s",
_("the address family of a host entry IP must match "
"the address family of the dhcp element's parent"));
goto cleanup;
}
if (command == VIR_NETWORK_UPDATE_COMMAND_MODIFY) {
/* search for the entry with this (ip|mac|name),
* and update the IP+(mac|name) */
for (i = 0; i < ipdef->nhosts; i++) {
if ((host.mac && ipdef->hosts[i].mac &&
!virMacAddrCompare(host.mac, ipdef->hosts[i].mac)) ||
(VIR_SOCKET_ADDR_VALID(&host.ip) &&
virSocketAddrEqual(&host.ip, &ipdef->hosts[i].ip)) ||
(host.name &&
STREQ_NULLABLE(host.name, ipdef->hosts[i].name))) {
break;
}
}
if (i == ipdef->nhosts) {
g_autofree char *ip = virSocketAddrFormat(&host.ip);
virReportError(VIR_ERR_OPERATION_INVALID,
_("couldn't locate an existing dhcp host entry with "
"\"mac='%s'\" \"name='%s'\" \"ip='%s'\" in"
" network '%s'"),
host.mac ? host.mac : _("unknown"), host.name,
ip ? ip : _("unknown"), def->name);
goto cleanup;
}
/* clear the existing hosts entry, move the new one in its place,
* then clear out the extra copy to get rid of the duplicate pointers
* to its data (mac and name strings).
*/
virNetworkDHCPHostDefClear(&ipdef->hosts[i]);
ipdef->hosts[i] = host;
memset(&host, 0, sizeof(host));
} else if ((command == VIR_NETWORK_UPDATE_COMMAND_ADD_FIRST) ||
(command == VIR_NETWORK_UPDATE_COMMAND_ADD_LAST)) {
if (virNetworkDefUpdateCheckMultiDHCP(def, ipdef) < 0)
goto cleanup;
/* log error if an entry with same name/address/ip already exists */
for (i = 0; i < ipdef->nhosts; i++) {
if ((host.mac && ipdef->hosts[i].mac &&
!virMacAddrCompare(host.mac, ipdef->hosts[i].mac)) ||
(host.name &&
STREQ_NULLABLE(host.name, ipdef->hosts[i].name)) ||
(VIR_SOCKET_ADDR_VALID(&host.ip) &&
virSocketAddrEqual(&host.ip, &ipdef->hosts[i].ip))) {
g_autofree char *ip = virSocketAddrFormat(&host.ip);
virReportError(VIR_ERR_OPERATION_INVALID,
_("there is an existing dhcp host entry in "
"network '%s' that matches "
"\"\""),
def->name, host.mac ? host.mac : _("unknown"),
host.name, ip ? ip : _("unknown"));
goto cleanup;
}
}
/* add to beginning/end of list */
if (VIR_INSERT_ELEMENT(ipdef->hosts,
command == VIR_NETWORK_UPDATE_COMMAND_ADD_FIRST
? 0 : ipdef->nhosts,
ipdef->nhosts, host) < 0)
goto cleanup;
} else if (command == VIR_NETWORK_UPDATE_COMMAND_DELETE) {
/* find matching entry - all specified attributes must match */
for (i = 0; i < ipdef->nhosts; i++) {
if ((!host.mac || !ipdef->hosts[i].mac ||
!virMacAddrCompare(host.mac, ipdef->hosts[i].mac)) &&
(!host.name ||
STREQ_NULLABLE(host.name, ipdef->hosts[i].name)) &&
(!VIR_SOCKET_ADDR_VALID(&host.ip) ||
virSocketAddrEqual(&host.ip, &ipdef->hosts[i].ip))) {
break;
}
}
if (i == ipdef->nhosts) {
virReportError(VIR_ERR_OPERATION_INVALID,
_("couldn't locate a matching dhcp host entry "
"in network '%s'"), def->name);
goto cleanup;
}
/* remove it */
virNetworkDHCPHostDefClear(&ipdef->hosts[i]);
VIR_DELETE_ELEMENT(ipdef->hosts, i, ipdef->nhosts);
} else {
virNetworkDefUpdateUnknownCommand(command);
goto cleanup;
}
ret = 0;
cleanup:
virNetworkDHCPHostDefClear(&host);
return ret;
}
static int
virNetworkDefUpdateIPDHCPRange(virNetworkDefPtr def,
unsigned int command,
int parentIndex,
xmlXPathContextPtr ctxt,
/* virNetworkUpdateFlags */
unsigned int fflags G_GNUC_UNUSED)
{
size_t i;
virNetworkIPDefPtr ipdef = virNetworkIPDefByIndex(def, parentIndex);
virNetworkDHCPRangeDef range;
memset(&range, 0, sizeof(range));
if (virNetworkDefUpdateCheckElementName(def, ctxt->node, "range") < 0)
return -1;
/* ipdef is the ip element that needs its range array updated */
if (!ipdef)
return -1;
/* parse the xml into a virSocketAddrRange */
if (command == VIR_NETWORK_UPDATE_COMMAND_MODIFY) {
virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
_("dhcp ranges cannot be modified, "
"only added or deleted"));
return -1;
}
if (virNetworkDHCPRangeDefParseXML(def->name, ipdef, ctxt->node, &range) < 0)
return -1;
if (VIR_SOCKET_ADDR_FAMILY(&ipdef->address)
!= VIR_SOCKET_ADDR_FAMILY(&range.addr.start)) {
virReportError(VIR_ERR_OPERATION_INVALID, "%s",
_("the address family of a dhcp range must match "
"the address family of the dhcp element's parent"));
return -1;
}
/* check if an entry with same name/address/ip already exists */
for (i = 0; i < ipdef->nranges; i++) {
virSocketAddrRange addr = ipdef->ranges[i].addr;
if (virSocketAddrEqual(&range.addr.start, &addr.start) &&
virSocketAddrEqual(&range.addr.end, &addr.end)) {
break;
}
}
if ((command == VIR_NETWORK_UPDATE_COMMAND_ADD_FIRST) ||
(command == VIR_NETWORK_UPDATE_COMMAND_ADD_LAST)) {
if (virNetworkDefUpdateCheckMultiDHCP(def, ipdef) < 0)
return -1;
if (i < ipdef->nranges) {
g_autofree char *startip = virSocketAddrFormat(&range.addr.start);
g_autofree char *endip = virSocketAddrFormat(&range.addr.end);
virReportError(VIR_ERR_OPERATION_INVALID,
_("there is an existing dhcp range entry in "
"network '%s' that matches "
"\"\""),
def->name,
startip ? startip : "unknown",
endip ? endip : "unknown");
return -1;
}
/* add to beginning/end of list */
if (VIR_INSERT_ELEMENT(ipdef->ranges,
command == VIR_NETWORK_UPDATE_COMMAND_ADD_FIRST
? 0 : ipdef->nranges,
ipdef->nranges, range) < 0)
return -1;
} else if (command == VIR_NETWORK_UPDATE_COMMAND_DELETE) {
if (i == ipdef->nranges) {
virReportError(VIR_ERR_OPERATION_INVALID,
_("couldn't locate a matching dhcp range entry "
"in network '%s'"), def->name);
return -1;
}
/* remove it */
/* NB: nothing to clear from a RangeDef that's being freed */
VIR_DELETE_ELEMENT(ipdef->ranges, i, ipdef->nranges);
} else {
virNetworkDefUpdateUnknownCommand(command);
return -1;
}
return 0;
}
static int
virNetworkDefUpdateForward(virNetworkDefPtr def,
unsigned int command G_GNUC_UNUSED,
int parentIndex G_GNUC_UNUSED,
xmlXPathContextPtr ctxt G_GNUC_UNUSED,
/* virNetworkUpdateFlags */
unsigned int fflags G_GNUC_UNUSED)
{
virNetworkDefUpdateNoSupport(def, "forward");
return -1;
}
static int
virNetworkDefUpdateForwardInterface(virNetworkDefPtr def,
unsigned int command,
int parentIndex G_GNUC_UNUSED,
xmlXPathContextPtr ctxt,
/* virNetworkUpdateFlags */
unsigned int fflags G_GNUC_UNUSED)
{
size_t i;
int ret = -1;
virNetworkForwardIfDef iface;
memset(&iface, 0, sizeof(iface));
if (virNetworkDefUpdateCheckElementName(def, ctxt->node, "interface") < 0)
goto cleanup;
if (command == VIR_NETWORK_UPDATE_COMMAND_MODIFY) {
virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
_("forward interface entries cannot be modified, "
"only added or deleted"));
goto cleanup;
}
/* parsing this is so simple that it doesn't have its own function */
iface.type = VIR_NETWORK_FORWARD_HOSTDEV_DEVICE_NETDEV;
if (!(iface.device.dev = virXMLPropString(ctxt->node, "dev"))) {
virReportError(VIR_ERR_XML_ERROR, "%s",
_("missing dev attribute in element"));
goto cleanup;
}
/* check if an with same dev name already exists */
for (i = 0; i < def->forward.nifs; i++) {
if (def->forward.ifs[i].type
== VIR_NETWORK_FORWARD_HOSTDEV_DEVICE_NETDEV &&
STREQ(iface.device.dev, def->forward.ifs[i].device.dev))
break;
}
if ((command == VIR_NETWORK_UPDATE_COMMAND_ADD_FIRST) ||
(command == VIR_NETWORK_UPDATE_COMMAND_ADD_LAST)) {
if (i < def->forward.nifs) {
virReportError(VIR_ERR_OPERATION_INVALID,
_("there is an existing interface entry "
"in network '%s' that matches "
"\"\""),
def->name, iface.device.dev);
goto cleanup;
}
/* add to beginning/end of list */
if (VIR_INSERT_ELEMENT(def->forward.ifs,
command == VIR_NETWORK_UPDATE_COMMAND_ADD_FIRST
? 0 : def->forward.nifs,
def->forward.nifs, iface) < 0)
goto cleanup;
} else if (command == VIR_NETWORK_UPDATE_COMMAND_DELETE) {
if (i == def->forward.nifs) {
virReportError(VIR_ERR_OPERATION_INVALID,
_("couldn't find an interface entry "
"in network '%s' matching "),
def->name, iface.device.dev);
goto cleanup;
}
/* fail if the interface is being used */
if (def->forward.ifs[i].connections > 0) {
virReportError(VIR_ERR_OPERATION_INVALID,
_("unable to delete interface '%s' "
"in network '%s'. It is currently being used "
" by %d domains."),
iface.device.dev, def->name,
def->forward.ifs[i].connections);
goto cleanup;
}
/* remove it */
virNetworkForwardIfDefClear(&def->forward.ifs[i]);
VIR_DELETE_ELEMENT(def->forward.ifs, i, def->forward.nifs);
} else {
virNetworkDefUpdateUnknownCommand(command);
goto cleanup;
}
ret = 0;
cleanup:
virNetworkForwardIfDefClear(&iface);
return ret;
}
static int
virNetworkDefUpdateForwardPF(virNetworkDefPtr def,
unsigned int command G_GNUC_UNUSED,
int parentIndex G_GNUC_UNUSED,
xmlXPathContextPtr ctxt G_GNUC_UNUSED,
/* virNetworkUpdateFlags */
unsigned int fflags G_GNUC_UNUSED)
{
virNetworkDefUpdateNoSupport(def, "forward pf");
return -1;
}
static int
virNetworkDefUpdatePortGroup(virNetworkDefPtr def,
unsigned int command,
int parentIndex G_GNUC_UNUSED,
xmlXPathContextPtr ctxt,
/* virNetworkUpdateFlags */
unsigned int fflags G_GNUC_UNUSED)
{
size_t i;
int foundName = -1, foundDefault = -1;
int ret = -1;
virPortGroupDef portgroup;
memset(&portgroup, 0, sizeof(portgroup));
if (virNetworkDefUpdateCheckElementName(def, ctxt->node, "portgroup") < 0)
goto cleanup;
if (virNetworkPortGroupParseXML(&portgroup, ctxt->node, ctxt) < 0)
goto cleanup;
/* check if a portgroup with same name already exists */
for (i = 0; i < def->nPortGroups; i++) {
if (STREQ(portgroup.name, def->portGroups[i].name))
foundName = i;
if (def->portGroups[i].isDefault)
foundDefault = i;
}
if (foundName == -1 &&
((command == VIR_NETWORK_UPDATE_COMMAND_MODIFY) ||
(command == VIR_NETWORK_UPDATE_COMMAND_DELETE))) {
virReportError(VIR_ERR_OPERATION_INVALID,
_("couldn't find a portgroup entry "
"in network '%s' matching "),
def->name, portgroup.name);
goto cleanup;
} else if (foundName >= 0 &&
((command == VIR_NETWORK_UPDATE_COMMAND_ADD_FIRST) ||
(command == VIR_NETWORK_UPDATE_COMMAND_ADD_LAST))) {
virReportError(VIR_ERR_OPERATION_INVALID,
_("there is an existing portgroup entry in "
"network '%s' that matches "
"\"\""),
def->name, portgroup.name);
goto cleanup;
}
/* if there is already a different default, we can't make this
* one the default.
*/
if (command != VIR_NETWORK_UPDATE_COMMAND_DELETE &&
portgroup.isDefault &&
foundDefault >= 0 && foundDefault != foundName) {
virReportError(VIR_ERR_OPERATION_INVALID,
_("a different portgroup entry in "
"network '%s' is already set as the default. "
"Only one default is allowed."),
def->name);
goto cleanup;
}
if (command == VIR_NETWORK_UPDATE_COMMAND_MODIFY) {
/* replace existing entry */
virPortGroupDefClear(&def->portGroups[foundName]);
def->portGroups[foundName] = portgroup;
memset(&portgroup, 0, sizeof(portgroup));
} else if ((command == VIR_NETWORK_UPDATE_COMMAND_ADD_FIRST) ||
(command == VIR_NETWORK_UPDATE_COMMAND_ADD_LAST)) {
/* add to beginning/end of list */
if (VIR_INSERT_ELEMENT(def->portGroups,
command == VIR_NETWORK_UPDATE_COMMAND_ADD_FIRST
? 0 : def->nPortGroups,
def->nPortGroups, portgroup) < 0)
goto cleanup;
} else if (command == VIR_NETWORK_UPDATE_COMMAND_DELETE) {
/* remove it */
virPortGroupDefClear(&def->portGroups[foundName]);
VIR_DELETE_ELEMENT(def->portGroups, foundName, def->nPortGroups);
} else {
virNetworkDefUpdateUnknownCommand(command);
goto cleanup;
}
ret = 0;
cleanup:
virPortGroupDefClear(&portgroup);
return ret;
}
static int
virNetworkDefUpdateDNSHost(virNetworkDefPtr def,
unsigned int command G_GNUC_UNUSED,
int parentIndex G_GNUC_UNUSED,
xmlXPathContextPtr ctxt G_GNUC_UNUSED,
/* virNetworkUpdateFlags */
unsigned int fflags G_GNUC_UNUSED)
{
size_t i, j, k;
int foundIdx = -1, ret = -1;
virNetworkDNSDefPtr dns = &def->dns;
virNetworkDNSHostDef host;
bool isAdd = (command == VIR_NETWORK_UPDATE_COMMAND_ADD_FIRST ||
command == VIR_NETWORK_UPDATE_COMMAND_ADD_LAST);
int foundCt = 0;
memset(&host, 0, sizeof(host));
if (command == VIR_NETWORK_UPDATE_COMMAND_MODIFY) {
virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
_("DNS HOST records cannot be modified, "
"only added or deleted"));
goto cleanup;
}
if (virNetworkDefUpdateCheckElementName(def, ctxt->node, "host") < 0)
goto cleanup;
if (virNetworkDNSHostDefParseXML(def->name, ctxt->node, &host, !isAdd) < 0)
goto cleanup;
for (i = 0; i < dns->nhosts; i++) {
bool foundThisTime = false;
if (virSocketAddrEqual(&host.ip, &dns->hosts[i].ip))
foundThisTime = true;
for (j = 0; j < host.nnames && !foundThisTime; j++) {
for (k = 0; k < dns->hosts[i].nnames && !foundThisTime; k++) {
if (STREQ(host.names[j], dns->hosts[i].names[k]))
foundThisTime = true;
}
}
if (foundThisTime) {
foundCt++;
foundIdx = i;
}
}
if (isAdd) {
if (foundCt > 0) {
virReportError(VIR_ERR_OPERATION_INVALID,
_("there is already at least one DNS HOST "
"record with a matching field in network %s"),
def->name);
goto cleanup;
}
/* add to beginning/end of list */
if (VIR_INSERT_ELEMENT(dns->hosts,
command == VIR_NETWORK_UPDATE_COMMAND_ADD_FIRST
? 0 : dns->nhosts, dns->nhosts, host) < 0)
goto cleanup;
} else if (command == VIR_NETWORK_UPDATE_COMMAND_DELETE) {
if (foundCt == 0) {
virReportError(VIR_ERR_OPERATION_INVALID,
_("couldn't locate a matching DNS HOST "
"record in network %s"), def->name);
goto cleanup;
}
if (foundCt > 1) {
virReportError(VIR_ERR_OPERATION_INVALID,
_("multiple matching DNS HOST records were "
"found in network %s"), def->name);
goto cleanup;
}
/* remove it */
virNetworkDNSHostDefClear(&dns->hosts[foundIdx]);
VIR_DELETE_ELEMENT(dns->hosts, foundIdx, dns->nhosts);
} else {
virNetworkDefUpdateUnknownCommand(command);
goto cleanup;
}
ret = 0;
cleanup:
virNetworkDNSHostDefClear(&host);
return ret;
}
static int
virNetworkDefUpdateDNSSrv(virNetworkDefPtr def,
unsigned int command G_GNUC_UNUSED,
int parentIndex G_GNUC_UNUSED,
xmlXPathContextPtr ctxt G_GNUC_UNUSED,
/* virNetworkUpdateFlags */
unsigned int fflags G_GNUC_UNUSED)
{
size_t i;
int foundIdx = -1, ret = -1;
virNetworkDNSDefPtr dns = &def->dns;
virNetworkDNSSrvDef srv;
bool isAdd = (command == VIR_NETWORK_UPDATE_COMMAND_ADD_FIRST ||
command == VIR_NETWORK_UPDATE_COMMAND_ADD_LAST);
int foundCt = 0;
memset(&srv, 0, sizeof(srv));
if (command == VIR_NETWORK_UPDATE_COMMAND_MODIFY) {
virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
_("DNS SRV records cannot be modified, "
"only added or deleted"));
goto cleanup;
}
if (virNetworkDefUpdateCheckElementName(def, ctxt->node, "srv") < 0)
goto cleanup;
if (virNetworkDNSSrvDefParseXML(def->name, ctxt->node, ctxt, &srv, !isAdd) < 0)
goto cleanup;
for (i = 0; i < dns->nsrvs; i++) {
if ((!srv.domain || STREQ_NULLABLE(srv.domain, dns->srvs[i].domain)) &&
(!srv.service || STREQ_NULLABLE(srv.service, dns->srvs[i].service)) &&
(!srv.protocol || STREQ_NULLABLE(srv.protocol, dns->srvs[i].protocol)) &&
(!srv.target || STREQ_NULLABLE(srv.target, dns->srvs[i].target))) {
foundCt++;
foundIdx = i;
}
}
if (isAdd) {
if (foundCt > 0) {
virReportError(VIR_ERR_OPERATION_INVALID,
_("there is already at least one DNS SRV "
"record matching all specified fields in network %s"),
def->name);
goto cleanup;
}
/* add to beginning/end of list */
if (VIR_INSERT_ELEMENT(dns->srvs,
command == VIR_NETWORK_UPDATE_COMMAND_ADD_FIRST
? 0 : dns->nsrvs, dns->nsrvs, srv) < 0)
goto cleanup;
} else if (command == VIR_NETWORK_UPDATE_COMMAND_DELETE) {
if (foundCt == 0) {
virReportError(VIR_ERR_OPERATION_INVALID,
_("couldn't locate a matching DNS SRV "
"record in network %s"), def->name);
goto cleanup;
}
if (foundCt > 1) {
virReportError(VIR_ERR_OPERATION_INVALID,
_("multiple DNS SRV records matching all specified "
"fields were found in network %s"), def->name);
goto cleanup;
}
/* remove it */
virNetworkDNSSrvDefClear(&dns->srvs[foundIdx]);
VIR_DELETE_ELEMENT(dns->srvs, foundIdx, dns->nsrvs);
} else {
virNetworkDefUpdateUnknownCommand(command);
goto cleanup;
}
ret = 0;
cleanup:
virNetworkDNSSrvDefClear(&srv);
return ret;
}
static int
virNetworkDefUpdateDNSTxt(virNetworkDefPtr def,
unsigned int command G_GNUC_UNUSED,
int parentIndex G_GNUC_UNUSED,
xmlXPathContextPtr ctxt G_GNUC_UNUSED,
/* virNetworkUpdateFlags */
unsigned int fflags G_GNUC_UNUSED)
{
int foundIdx, ret = -1;
virNetworkDNSDefPtr dns = &def->dns;
virNetworkDNSTxtDef txt;
bool isAdd = (command == VIR_NETWORK_UPDATE_COMMAND_ADD_FIRST ||
command == VIR_NETWORK_UPDATE_COMMAND_ADD_LAST);
memset(&txt, 0, sizeof(txt));
if (command == VIR_NETWORK_UPDATE_COMMAND_MODIFY) {
virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
_("DNS TXT records cannot be modified, "
"only added or deleted"));
goto cleanup;
}
if (virNetworkDefUpdateCheckElementName(def, ctxt->node, "txt") < 0)
goto cleanup;
if (virNetworkDNSTxtDefParseXML(def->name, ctxt->node, &txt, !isAdd) < 0)
goto cleanup;
for (foundIdx = 0; foundIdx < dns->ntxts; foundIdx++) {
if (STREQ(txt.name, dns->txts[foundIdx].name))
break;
}
if (isAdd) {
if (foundIdx < dns->ntxts) {
virReportError(VIR_ERR_OPERATION_INVALID,
_("there is already a DNS TXT record "
"with name '%s' in network %s"),
txt.name, def->name);
goto cleanup;
}
/* add to beginning/end of list */
if (VIR_INSERT_ELEMENT(dns->txts,
command == VIR_NETWORK_UPDATE_COMMAND_ADD_FIRST
? 0 : dns->ntxts, dns->ntxts, txt) < 0)
goto cleanup;
} else if (command == VIR_NETWORK_UPDATE_COMMAND_DELETE) {
if (foundIdx == dns->ntxts) {
virReportError(VIR_ERR_OPERATION_INVALID,
_("couldn't locate a matching DNS TXT "
"record in network %s"), def->name);
goto cleanup;
}
/* remove it */
virNetworkDNSTxtDefClear(&dns->txts[foundIdx]);
VIR_DELETE_ELEMENT(dns->txts, foundIdx, dns->ntxts);
} else {
virNetworkDefUpdateUnknownCommand(command);
goto cleanup;
}
ret = 0;
cleanup:
virNetworkDNSTxtDefClear(&txt);
return ret;
}
int
virNetworkDefUpdateSection(virNetworkDefPtr def,
unsigned int command, /* virNetworkUpdateCommand */
unsigned int section, /* virNetworkUpdateSection */
int parentIndex,
const char *xml,
unsigned int flags) /* virNetworkUpdateFlags */
{
g_autoptr(xmlDoc) doc = NULL;
g_autoptr(xmlXPathContext) ctxt = NULL;
if (!(doc = virXMLParseStringCtxt(xml, _("network_update_xml"), &ctxt)))
return -1;
switch (section) {
case VIR_NETWORK_SECTION_BRIDGE:
return virNetworkDefUpdateBridge(def, command, parentIndex, ctxt, flags);
case VIR_NETWORK_SECTION_DOMAIN:
return virNetworkDefUpdateDomain(def, command, parentIndex, ctxt, flags);
case VIR_NETWORK_SECTION_IP:
return virNetworkDefUpdateIP(def, command, parentIndex, ctxt, flags);
case VIR_NETWORK_SECTION_IP_DHCP_HOST:
return virNetworkDefUpdateIPDHCPHost(def, command,
parentIndex, ctxt, flags);
case VIR_NETWORK_SECTION_IP_DHCP_RANGE:
return virNetworkDefUpdateIPDHCPRange(def, command,
parentIndex, ctxt, flags);
case VIR_NETWORK_SECTION_FORWARD:
return virNetworkDefUpdateForward(def, command,
parentIndex, ctxt, flags);
case VIR_NETWORK_SECTION_FORWARD_INTERFACE:
return virNetworkDefUpdateForwardInterface(def, command,
parentIndex, ctxt, flags);
case VIR_NETWORK_SECTION_FORWARD_PF:
return virNetworkDefUpdateForwardPF(def, command,
parentIndex, ctxt, flags);
case VIR_NETWORK_SECTION_PORTGROUP:
return virNetworkDefUpdatePortGroup(def, command,
parentIndex, ctxt, flags);
case VIR_NETWORK_SECTION_DNS_HOST:
return virNetworkDefUpdateDNSHost(def, command,
parentIndex, ctxt, flags);
case VIR_NETWORK_SECTION_DNS_TXT:
return virNetworkDefUpdateDNSTxt(def, command, parentIndex, ctxt, flags);
case VIR_NETWORK_SECTION_DNS_SRV:
return virNetworkDefUpdateDNSSrv(def, command, parentIndex, ctxt, flags);
default:
virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
_("can't update unrecognized section of network"));
break;
}
return -1;
}