9:20 a.m.
Update virNetServerClientCreateIdentity and virIdentityGetSystem
to use the new typesafe APIs for setting identity attributes
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
---
src/rpc/virnetserverclient.c | 115 ++++++++++---------------------------------
src/util/viridentity.c | 79 ++++++++---------------------
2 files changed, 46 insertions(+), 148 deletions(-)
diff --git a/src/rpc/virnetserverclient.c b/src/rpc/virnetserverclient.c
index 3493ef5..c6ef84c 100644
--- a/src/rpc/virnetserverclient.c
+++ b/src/rpc/virnetserverclient.c
@@ -653,21 +653,14 @@ int virNetServerClientGetUNIXIdentity(virNetServerClientPtr client,
static virIdentityPtr
virNetServerClientCreateIdentity(virNetServerClientPtr client)
{
- char *processid = NULL;
- char *processtime = NULL;
char *username = NULL;
- char *userid = NULL;
char *groupname = NULL;
- char *groupid = NULL;
-#if WITH_SASL
- char *saslname = NULL;
-#endif
-#if WITH_GNUTLS
- char *x509dname = NULL;
-#endif
char *seccontext = NULL;
virIdentityPtr ret = NULL;
+ if (!(ret = virIdentityNew()))
+ goto error;
+
if (client->sock && virNetSocketIsLocal(client->sock)) {
gid_t gid;
uid_t uid;
@@ -676,116 +669,60 @@ virNetServerClientCreateIdentity(virNetServerClientPtr client)
if (virNetSocketGetUNIXIdentity(client->sock,
&uid, &gid, &pid,
×tamp) < 0)
- goto cleanup;
+ goto error;
if (!(username = virGetUserName(uid)))
- goto cleanup;
- if (virAsprintf(&userid, "%d", (int)uid) < 0)
- goto cleanup;
+ goto error;
+ if (virIdentitySetUNIXUserName(ret, username) < 0)
+ goto error;
+ if (virIdentitySetUNIXUserID(ret, uid) < 0)
+ goto error;
+
if (!(groupname = virGetGroupName(gid)))
- goto cleanup;
- if (virAsprintf(&groupid, "%d", (int)gid) < 0)
- goto cleanup;
- if (virAsprintf(&processid, "%llu",
- (unsigned long long)pid) < 0)
- goto cleanup;
- if (virAsprintf(&processtime, "%llu",
- timestamp) < 0)
- goto cleanup;
+ goto error;
+ if (virIdentitySetUNIXGroupName(ret, groupname) < 0)
+ goto error;
+ if (virIdentitySetUNIXGroupID(ret, gid) < 0)
+ goto error;
+
+ if (virIdentitySetUNIXProcessID(ret, pid) < 0)
+ goto error;
+ if (virIdentitySetUNIXProcessTime(ret, timestamp) < 0)
+ goto error;
}
#if WITH_SASL
if (client->sasl) {
const char *identity = virNetSASLSessionGetIdentity(client->sasl);
- if (VIR_STRDUP(saslname, identity) < 0)
- goto cleanup;
+ if (virIdentitySetSASLUserName(ret, identity) < 0)
+ goto error;
}
#endif
#if WITH_GNUTLS
if (client->tls) {
const char *identity = virNetTLSSessionGetX509DName(client->tls);
- if (VIR_STRDUP(x509dname, identity) < 0)
- goto cleanup;
+ if (virIdentitySetX509DName(ret, identity) < 0)
+ goto error;
}
#endif
if (client->sock &&
virNetSocketGetSELinuxContext(client->sock, &seccontext) < 0)
- goto cleanup;
-
- if (!(ret = virIdentityNew()))
- goto cleanup;
-
- if (username &&
- virIdentitySetAttr(ret,
- VIR_IDENTITY_ATTR_UNIX_USER_NAME,
- username) < 0)
- goto error;
- if (userid &&
- virIdentitySetAttr(ret,
- VIR_IDENTITY_ATTR_UNIX_USER_ID,
- userid) < 0)
- goto error;
- if (groupname &&
- virIdentitySetAttr(ret,
- VIR_IDENTITY_ATTR_UNIX_GROUP_NAME,
- groupname) < 0)
- goto error;
- if (groupid &&
- virIdentitySetAttr(ret,
- VIR_IDENTITY_ATTR_UNIX_GROUP_ID,
- groupid) < 0)
- goto error;
- if (processid &&
- virIdentitySetAttr(ret,
- VIR_IDENTITY_ATTR_UNIX_PROCESS_ID,
- processid) < 0)
- goto error;
- if (processtime &&
- virIdentitySetAttr(ret,
- VIR_IDENTITY_ATTR_UNIX_PROCESS_TIME,
- processtime) < 0)
goto error;
-#if WITH_SASL
- if (saslname &&
- virIdentitySetAttr(ret,
- VIR_IDENTITY_ATTR_SASL_USER_NAME,
- saslname) < 0)
- goto error;
-#endif
-#if WITH_GNUTLS
- if (x509dname &&
- virIdentitySetAttr(ret,
- VIR_IDENTITY_ATTR_X509_DISTINGUISHED_NAME,
- x509dname) < 0)
- goto error;
-#endif
if (seccontext &&
- virIdentitySetAttr(ret,
- VIR_IDENTITY_ATTR_SELINUX_CONTEXT,
- seccontext) < 0)
+ virIdentitySetSELinuxContext(ret, seccontext) < 0)
goto error;
cleanup:
VIR_FREE(username);
- VIR_FREE(userid);
VIR_FREE(groupname);
- VIR_FREE(groupid);
- VIR_FREE(processid);
- VIR_FREE(processtime);
VIR_FREE(seccontext);
-#if WITH_SASL
- VIR_FREE(saslname);
-#endif
-#if WITH_GNUTLS
- VIR_FREE(x509dname);
-#endif
return ret;
error:
virObjectUnref(ret);
- ret = NULL;
+ ret = 0;
goto cleanup;
}
diff --git a/src/util/viridentity.c b/src/util/viridentity.c
index 68ccab9..6f3baee 100644
--- a/src/util/viridentity.c
+++ b/src/util/viridentity.c
@@ -135,38 +135,38 @@ int virIdentitySetCurrent(virIdentityPtr ident)
virIdentityPtr virIdentityGetSystem(void)
{
char *username = NULL;
- char *userid = NULL;
char *groupname = NULL;
- char *groupid = NULL;
- char *seccontext = NULL;
+ unsigned long long startTime;
virIdentityPtr ret = NULL;
#if WITH_SELINUX
security_context_t con;
#endif
- char *processid = NULL;
- unsigned long long timestamp;
- char *processtime = NULL;
- if (virAsprintf(&processid, "%llu",
- (unsigned long long)getpid()) < 0)
- goto cleanup;
+ if (!(ret = virIdentityNew()))
+ goto error;
- if (virProcessGetStartTime(getpid(), ×tamp) < 0)
- goto cleanup;
+ if (virIdentitySetUNIXProcessID(ret, getpid()) < 0)
+ goto error;
- if (timestamp != 0 &&
- virAsprintf(&processtime, "%llu", timestamp) < 0)
- goto cleanup;
+ if (virProcessGetStartTime(getpid(), &startTime) < 0)
+ goto error;
+ if (startTime != 0 &&
+ virIdentitySetUNIXProcessTime(ret, startTime) < 0)
+ goto error;
if (!(username = virGetUserName(geteuid())))
goto cleanup;
- if (virAsprintf(&userid, "%d", (int)geteuid()) < 0)
- goto cleanup;
+ if (virIdentitySetUNIXUserName(ret, username) < 0)
+ goto error;
+ if (virIdentitySetUNIXUserID(ret, getuid()) < 0)
+ goto error;
if (!(groupname = virGetGroupName(getegid())))
goto cleanup;
- if (virAsprintf(&groupid, "%d", (int)getegid()) < 0)
- goto cleanup;
+ if (virIdentitySetUNIXGroupName(ret, groupname) < 0)
+ goto error;
+ if (virIdentitySetUNIXGroupID(ret, getgid()) < 0)
+ goto error;
#if WITH_SELINUX
if (is_selinux_enabled() > 0) {
@@ -175,56 +175,17 @@ virIdentityPtr virIdentityGetSystem(void)
_("Unable to lookup SELinux process
context"));
goto cleanup;
}
- if (VIR_STRDUP(seccontext, con) < 0) {
+ if (virIdentitySetSELinuxContext(ret, con) < 0) {
freecon(con);
- goto cleanup;
+ goto error;
}
freecon(con);
}
#endif
- if (!(ret = virIdentityNew()))
- goto cleanup;
-
- if (virIdentitySetAttr(ret,
- VIR_IDENTITY_ATTR_UNIX_USER_NAME,
- username) < 0)
- goto error;
- if (virIdentitySetAttr(ret,
- VIR_IDENTITY_ATTR_UNIX_USER_ID,
- userid) < 0)
- goto error;
- if (virIdentitySetAttr(ret,
- VIR_IDENTITY_ATTR_UNIX_GROUP_NAME,
- groupname) < 0)
- goto error;
- if (virIdentitySetAttr(ret,
- VIR_IDENTITY_ATTR_UNIX_GROUP_ID,
- groupid) < 0)
- goto error;
- if (seccontext &&
- virIdentitySetAttr(ret,
- VIR_IDENTITY_ATTR_SELINUX_CONTEXT,
- seccontext) < 0)
- goto error;
- if (virIdentitySetAttr(ret,
- VIR_IDENTITY_ATTR_UNIX_PROCESS_ID,
- processid) < 0)
- goto error;
- if (processtime &&
- virIdentitySetAttr(ret,
- VIR_IDENTITY_ATTR_UNIX_PROCESS_TIME,
- processtime) < 0)
- goto error;
-
cleanup:
VIR_FREE(username);
- VIR_FREE(userid);
VIR_FREE(groupname);
- VIR_FREE(groupid);
- VIR_FREE(seccontext);
- VIR_FREE(processid);
- VIR_FREE(processtime);
return ret;
error:
--
1.9.3