/*
* secret_util.c: secret related utility functions
*
* Copyright (C) 2016 Red Hat, Inc.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library. If not, see
* .
*
*/
#include
#include "secret_util.h"
#include "viralloc.h"
#include "virerror.h"
#include "virlog.h"
#include "virobject.h"
#include "viruuid.h"
#include "base64.h"
#include "datatypes.h"
#define VIR_FROM_THIS VIR_FROM_SECRET
VIR_LOG_INIT("secret.secret_util");
/* virSecretGetSecretString:
* @conn: Pointer to the connection driver to make secret driver call
* @scheme: Unique enough string for error message to help determine cause
* @encoded: Whether the returned secret needs to be base64 encoded
* @authdef: Pointer to the disk storage authentication
* @secretUsageType: Type of secret usage for authdef lookup
*
* Lookup the secret for the authdef usage type and return it either as
* raw text or encoded based on the caller's need.
*
* Returns a pointer to memory that needs to be cleared and free'd after
* usage or NULL on error.
*/
char *
virSecretGetSecretString(virConnectPtr conn,
const char *scheme,
bool encoded,
virStorageAuthDefPtr authdef,
virSecretUsageType secretUsageType)
{
size_t secret_size;
virSecretPtr sec = NULL;
char *secret = NULL;
char uuidStr[VIR_UUID_STRING_BUFLEN];
/* look up secret */
switch (authdef->secretType) {
case VIR_STORAGE_SECRET_TYPE_UUID:
sec = virSecretLookupByUUID(conn, authdef->secret.uuid);
virUUIDFormat(authdef->secret.uuid, uuidStr);
break;
case VIR_STORAGE_SECRET_TYPE_USAGE:
sec = virSecretLookupByUsage(conn, secretUsageType,
authdef->secret.usage);
break;
}
if (!sec) {
if (authdef->secretType == VIR_STORAGE_SECRET_TYPE_UUID) {
virReportError(VIR_ERR_NO_SECRET,
_("%s no secret matches uuid '%s'"),
scheme, uuidStr);
} else {
virReportError(VIR_ERR_NO_SECRET,
_("%s no secret matches usage value '%s'"),
scheme, authdef->secret.usage);
}
goto cleanup;
}
secret = (char *)conn->secretDriver->secretGetValue(sec, &secret_size, 0,
VIR_SECRET_GET_VALUE_INTERNAL_CALL);
if (!secret) {
if (authdef->secretType == VIR_STORAGE_SECRET_TYPE_UUID) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("could not get value of the secret for "
"username '%s' using uuid '%s'"),
authdef->username, uuidStr);
} else {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("could not get value of the secret for "
"username '%s' using usage value '%s'"),
authdef->username, authdef->secret.usage);
}
goto cleanup;
}
if (encoded) {
char *base64 = NULL;
base64_encode_alloc(secret, secret_size, &base64);
VIR_FREE(secret);
if (!base64) {
virReportOOMError();
goto cleanup;
}
secret = base64;
}
cleanup:
virObjectUnref(sec);
return secret;
}