Move the enum into secret_util, rename it to be just virSecretLookupType.
This includes quite a bit of collateral damage, but the goal is to remove
the "virStorage*" and replace with the virSecretLookupType so that it's
easier to add new lookups that aren't necessarily storage pool related.
Signed-off-by: John Ferlan <jferlan(a)redhat.com>
---
While I was at it - I've been thinking "how" to make
virSecretGetSecretString
be even more generic so that it doesn't have the 'authdef'. Then I had an
epiphany on a Saturday morning and thought, well if we move the secretType
and "uuid/usage" union into their own structure, then the code doesn't
have
to know about 'authdef' and could pass a structure that would describe which
lookup (byUUID or byUsage) API to use...
This is also going to be used by the luks code when it needs to lookup a
new secret format... Probably will be usable in order to handle the tls
lookups as well!
cfg.mk | 2 +-
src/libxl/libxl_conf.c | 2 +-
src/qemu/qemu_domain.c | 4 ++--
src/secret/secret_util.c | 18 +++++++++---------
src/secret/secret_util.h | 22 ++++++++++++++++++++--
src/storage/storage_backend_iscsi.c | 7 ++++---
src/storage/storage_backend_rbd.c | 3 ++-
src/util/virstoragefile.c | 33 +++++++++++++++++----------------
src/util/virstoragefile.h | 17 +++--------------
tests/qemuargv2xmltest.c | 4 ++--
10 files changed, 61 insertions(+), 51 deletions(-)
diff --git a/cfg.mk b/cfg.mk
index a7b7266..0529a4e 100644
--- a/cfg.mk
+++ b/cfg.mk
@@ -780,7 +780,7 @@
mid_dirs=access|conf|cpu|locking|logging|network|node_device|rpc|security|storag
sc_prohibit_cross_inclusion:
@for dir in $(cross_dirs); do \
case $$dir in \
- util/) safe="util";; \
+ util/) safe="(util|secret)";; \
access/ | conf/) safe="($$dir|conf|util)";; \
locking/) safe="($$dir|util|conf|rpc)";; \
cpu/| network/| node_device/| rpc/| security/| storage/) \
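Review bot: Changing the `util/)` arm to `safe="(util|secret)"` lets every file under util/ include any header from secret/, which is broader than the one type this series needs. The only consumer visible in this patch is the `# include "secret/secret_util.h"` added to virstoragefile.h, and that header also declares virSecretGetSecretString, which takes a virConnectPtr, so util code now sees a driver-level API. Consider defining virSecretLookupType and virSecretLookupTypeDef in a header under util/ and having secret_util.h include it, so this arm can stay `safe="util"`.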
diff --git a/src/libxl/libxl_conf.c b/src/libxl/libxl_conf.c
index a64b4c1..b3f78f0 100644
--- a/src/libxl/libxl_conf.c
+++ b/src/libxl/libxl_conf.c
@@ -1033,7 +1033,7 @@ libxlMakeNetworkDiskSrc(virStorageSourcePtr src, char **srcstr)
if (!(conn = virConnectOpen("xen:///system")))
goto cleanup;
- if (virSecretGetSecretString(conn, src->auth,
+ if (virSecretGetSecretString(conn, &src->auth->secdef,
VIR_SECRET_USAGE_TYPE_CEPH,
&secret, &secretlen) < 0)
goto cleanup;
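Review bot: `&src->auth->secdef` is a non-NULL address even when `src->auth` is NULL, so virSecretGetSecretString can no longer catch a missing auth definition with a pointer check and would read `secdef->type` through an invalid address. Whether `src->auth` is tested earlier in libxlMakeNetworkDiskSrc is outside this hunk. The same question applies to `authdef` in the two qemu_domain.c hunks and in virStorageBackendRBDOpenRADOSConn, whereas virStorageBackendISCSISetAuth visibly returns early on `!authdef`. Each call site should be confirmed to check the auth pointer before taking the member address, and a guard such as `if (!src->auth) goto cleanup;` added, with an error reported, wherever one is missing.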
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index c21465d..a871d3e 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -829,7 +829,7 @@ qemuDomainSecretPlainSetup(virConnectPtr conn,
if (protocol == VIR_STORAGE_NET_PROTOCOL_RBD)
secretType = VIR_SECRET_USAGE_TYPE_CEPH;
- return virSecretGetSecretString(conn, authdef, secretType,
+ return virSecretGetSecretString(conn, &authdef->secdef, secretType,
&secinfo->s.plain.secret,
&secinfo->s.plain.secretlen);
}
@@ -902,7 +902,7 @@ qemuDomainSecretAESSetup(virConnectPtr conn,
goto cleanup;
/* Grab the unencoded secret */
- if (virSecretGetSecretString(conn, authdef, secretType,
+ if (virSecretGetSecretString(conn, &authdef->secdef, secretType,
&secret, &secretlen) < 0)
goto cleanup;
diff --git a/src/secret/secret_util.c b/src/secret/secret_util.c
index cda8ae6..bda22c9 100644
--- a/src/secret/secret_util.c
+++ b/src/secret/secret_util.c
@@ -37,12 +37,12 @@ VIR_LOG_INIT("secret.secret_util");
/* virSecretGetSecretString:
* @conn: Pointer to the connection driver to make secret driver call
- * @authdef: Pointer to the disk storage authentication
- * @secretUsageType: Type of secret usage for authdef lookup
+ * @secdef: Pointer to a storage type def for uuid/usage lookup
+ * @secretUsageType: Type of secret usage for usage lookup
* @secret: returned secret as a sized stream of unsigned chars
* @secret_size: Return size of the secret - either raw text or base64
*
- * Lookup the secret for the authdef usage type and return it as raw text.
+ * Lookup the secret for the usage type and return it as raw text.
* It is up to the caller to encode the secret further.
*
* Returns 0 on success, -1 on failure. On success the memory in secret
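Review bot: The updated header comment still calls `@secdef` "a storage type def" and says the function looks up the secret "for the usage type", although the lookup is no longer storage specific and may go by UUID. I would word the parameters as `@secdef: Pointer to the lookup definition (by UUID or by usage)` and `@secretUsageType: Usage type, consulted only for a by-usage lookup`. The summary could become `Look up the secret described by @secdef and return it as raw text.` The comment block continues past the end of this hunk.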
@@ -50,7 +50,7 @@ VIR_LOG_INIT("secret.secret_util");
*/
int
virSecretGetSecretString(virConnectPtr conn,
- virStorageAuthDefPtr authdef,
+ virSecretLookupTypeDefPtr secdef,
virSecretUsageType secretUsageType,
uint8_t **secret,
size_t *secret_size)
@@ -58,14 +58,14 @@ virSecretGetSecretString(virConnectPtr conn,
virSecretPtr sec = NULL;
int ret = -1;
- switch (authdef->secretType) {
- case VIR_STORAGE_SECRET_TYPE_UUID:
- sec = conn->secretDriver->secretLookupByUUID(conn,
authdef->secret.uuid);
+ switch (secdef->type) {
+ case VIR_SECRET_LOOKUP_TYPE_UUID:
+ sec = conn->secretDriver->secretLookupByUUID(conn, secdef->u.uuid);
break;
- case VIR_STORAGE_SECRET_TYPE_USAGE:
+ case VIR_SECRET_LOOKUP_TYPE_USAGE:
sec = conn->secretDriver->secretLookupByUsage(conn, secretUsageType,
- authdef->secret.usage);
+ secdef->u.usage);
break;
}
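Review bot: The `switch (secdef->type)` has no arm for VIR_SECRET_LOOKUP_TYPE_NONE or VIR_SECRET_LOOKUP_TYPE_LAST and no default, and because the field is declared `int` the compiler cannot warn about the missing values. With the struct now meant for callers beyond storage auth, a definition that was never filled in leaves `sec` as NULL with no error reported in this hunk; what the code after the switch does with that is outside the hunk. I would switch on `(virSecretLookupType) secdef->type` and add explicit `case VIR_SECRET_LOOKUP_TYPE_NONE:` and `case VIR_SECRET_LOOKUP_TYPE_LAST:` arms that call virReportError and fail the call.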
diff --git a/src/secret/secret_util.h b/src/secret/secret_util.h
index 88ccbff..7d6b058 100644
--- a/src/secret/secret_util.h
+++ b/src/secret/secret_util.h
@@ -24,10 +24,28 @@
# include "internal.h"
# include "virjson.h"
-# include "virstoragefile.h"
+
+typedef enum {
+ VIR_SECRET_LOOKUP_TYPE_NONE,
+ VIR_SECRET_LOOKUP_TYPE_UUID,
+ VIR_SECRET_LOOKUP_TYPE_USAGE,
+
+ VIR_SECRET_LOOKUP_TYPE_LAST
+} virSecretLookupType;
+
+typedef struct _virSecretLookupTypeDef virSecretLookupTypeDef;
+typedef virSecretLookupTypeDef *virSecretLookupTypeDefPtr;
+struct _virSecretLookupTypeDef {
+ int type; /* virSecretLookupType */
+ union {
+ unsigned char uuid[VIR_UUID_BUFLEN];
+ char *usage;
+ } u;
+
+};
int virSecretGetSecretString(virConnectPtr conn,
- virStorageAuthDefPtr authdef,
+ virSecretLookupTypeDefPtr secdef,
virSecretUsageType secretUsageType,
uint8_t **ret_secret,
size_t *ret_secret_size)
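Review bot: The new `struct _virSecretLookupTypeDef` does not say who owns `u.usage` or that `u` is only meaningful for the matching `type`; those rules are instead open-coded in the virStorageAuthDefFree and virStorageAuthDefCopy hunks of virstoragefile.c. Since the struct is meant to be reused, I would document it at the definition, e.g. `char *usage; /* owned by the struct; valid only when type is VIR_SECRET_LOOKUP_TYPE_USAGE */`. Clear and copy helpers declared next to it would save new users from repeating the type check before freeing. The blank line before the closing `};` can be dropped.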
diff --git a/src/storage/storage_backend_iscsi.c b/src/storage/storage_backend_iscsi.c
index 999b610..af4b627 100644
--- a/src/storage/storage_backend_iscsi.c
+++ b/src/storage/storage_backend_iscsi.c
@@ -286,8 +286,8 @@ virStorageBackendISCSISetAuth(const char *portal,
if (!authdef || authdef->authType == VIR_STORAGE_AUTH_TYPE_NONE)
return 0;
- VIR_DEBUG("username='%s' authType=%d secretType=%d",
- authdef->username, authdef->authType, authdef->secretType);
+ VIR_DEBUG("username='%s' authType=%d secdef.type=%d",
+ authdef->username, authdef->authType, authdef->secdef.type);
if (authdef->authType != VIR_STORAGE_AUTH_TYPE_CHAP) {
virReportError(VIR_ERR_XML_ERROR, "%s",
_("iscsi pool only supports 'chap' auth
type"));
@@ -301,7 +301,8 @@ virStorageBackendISCSISetAuth(const char *portal,
return -1;
}
- if (virSecretGetSecretString(conn, authdef, VIR_SECRET_USAGE_TYPE_ISCSI,
+ if (virSecretGetSecretString(conn, &authdef->secdef,
+ VIR_SECRET_USAGE_TYPE_ISCSI,
&secret_value, &secret_size) < 0)
goto cleanup;
diff --git a/src/storage/storage_backend_rbd.c b/src/storage/storage_backend_rbd.c
index 34005ce..4ecdd15 100644
--- a/src/storage/storage_backend_rbd.c
+++ b/src/storage/storage_backend_rbd.c
@@ -86,7 +86,8 @@ virStorageBackendRBDOpenRADOSConn(virStorageBackendRBDStatePtr ptr,
return -1;
}
- if (virSecretGetSecretString(conn, authdef, VIR_SECRET_USAGE_TYPE_CEPH,
+ if (virSecretGetSecretString(conn, &authdef->secdef,
+ VIR_SECRET_USAGE_TYPE_CEPH,
&secret_value, &secret_value_size) < 0)
goto cleanup;
diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c
index d2da9e7..54940a0 100644
--- a/src/util/virstoragefile.c
+++ b/src/util/virstoragefile.c
@@ -1506,8 +1506,8 @@ virStorageAuthDefFree(virStorageAuthDefPtr authdef)
VIR_FREE(authdef->username);
VIR_FREE(authdef->secrettype);
- if (authdef->secretType == VIR_STORAGE_SECRET_TYPE_USAGE)
- VIR_FREE(authdef->secret.usage);
+ if (authdef->secdef.type == VIR_SECRET_LOOKUP_TYPE_USAGE)
+ VIR_FREE(authdef->secdef.u.usage);
VIR_FREE(authdef);
}
@@ -1526,11 +1526,12 @@ virStorageAuthDefCopy(const virStorageAuthDef *src)
if (VIR_STRDUP(ret->secrettype, src->secrettype) < 0)
goto error;
ret->authType = src->authType;
- ret->secretType = src->secretType;
- if (ret->secretType == VIR_STORAGE_SECRET_TYPE_UUID) {
- memcpy(ret->secret.uuid, src->secret.uuid, sizeof(ret->secret.uuid));
- } else if (ret->secretType == VIR_STORAGE_SECRET_TYPE_USAGE) {
- if (VIR_STRDUP(ret->secret.usage, src->secret.usage) < 0)
+ ret->secdef.type = src->secdef.type;
+ if (ret->secdef.type == VIR_SECRET_LOOKUP_TYPE_UUID) {
+ memcpy(ret->secdef.u.uuid, src->secdef.u.uuid,
+ sizeof(ret->secdef.u.uuid));
+ } else if (ret->secdef.type == VIR_SECRET_LOOKUP_TYPE_USAGE) {
+ if (VIR_STRDUP(ret->secdef.u.usage, src->secdef.u.usage) < 0)
goto error;
}
return ret;
@@ -1573,16 +1574,16 @@ virStorageAuthDefParseSecret(xmlXPathContextPtr ctxt,
}
if (uuid) {
- if (virUUIDParse(uuid, authdef->secret.uuid) < 0) {
+ if (virUUIDParse(uuid, authdef->secdef.u.uuid) < 0) {
virReportError(VIR_ERR_XML_ERROR, "%s",
_("invalid auth secret uuid"));
goto cleanup;
}
- authdef->secretType = VIR_STORAGE_SECRET_TYPE_UUID;
+ authdef->secdef.type = VIR_SECRET_LOOKUP_TYPE_UUID;
} else {
- authdef->secret.usage = usage;
+ authdef->secdef.u.usage = usage;
usage = NULL;
- authdef->secretType = VIR_STORAGE_SECRET_TYPE_USAGE;
+ authdef->secdef.type = VIR_SECRET_LOOKUP_TYPE_USAGE;
}
ret = 0;
@@ -1625,7 +1626,7 @@ virStorageAuthDefParseXML(xmlXPathContextPtr ctxt)
VIR_FREE(authtype);
}
- authdef->secretType = VIR_STORAGE_SECRET_TYPE_NONE;
+ authdef->secdef.type = VIR_SECRET_LOOKUP_TYPE_NONE;
if (virStorageAuthDefParseSecret(ctxt, authdef) < 0)
goto error;
@@ -1680,12 +1681,12 @@ virStorageAuthDefFormat(virBufferPtr buf,
else
virBufferAddLit(buf, "<secret");
- if (authdef->secretType == VIR_STORAGE_SECRET_TYPE_UUID) {
- virUUIDFormat(authdef->secret.uuid, uuidstr);
+ if (authdef->secdef.type == VIR_SECRET_LOOKUP_TYPE_UUID) {
+ virUUIDFormat(authdef->secdef.u.uuid, uuidstr);
virBufferAsprintf(buf, " uuid='%s'/>\n", uuidstr);
- } else if (authdef->secretType == VIR_STORAGE_SECRET_TYPE_USAGE) {
+ } else if (authdef->secdef.type == VIR_SECRET_LOOKUP_TYPE_USAGE) {
virBufferEscapeString(buf, " usage='%s'/>\n",
- authdef->secret.usage);
+ authdef->secdef.u.usage);
} else {
virBufferAddLit(buf, "/>\n");
}
diff --git a/src/util/virstoragefile.h b/src/util/virstoragefile.h
index b88e715..b4ad42e 100644
--- a/src/util/virstoragefile.h
+++ b/src/util/virstoragefile.h
@@ -1,7 +1,7 @@
/*
* virstoragefile.h: file utility functions for FS storage backend
*
- * Copyright (C) 2007-2009, 2012-2014 Red Hat, Inc.
+ * Copyright (C) 2007-2009, 2012-2016 Red Hat, Inc.
* Copyright (C) 2007-2008 Daniel P. Berrange
*
* This library is free software; you can redistribute it and/or
@@ -28,6 +28,7 @@
# include "virseclabel.h"
# include "virstorageencryption.h"
# include "virutil.h"
+# include "secret/secret_util.h"
/* Minimum header size required to probe all known formats with
* virStorageFileProbeFormat, or obtain metadata from a known format.
@@ -201,25 +202,13 @@ typedef enum {
} virStorageAuthType;
VIR_ENUM_DECL(virStorageAuth)
-typedef enum {
- VIR_STORAGE_SECRET_TYPE_NONE,
- VIR_STORAGE_SECRET_TYPE_UUID,
- VIR_STORAGE_SECRET_TYPE_USAGE,
-
- VIR_STORAGE_SECRET_TYPE_LAST
-} virStorageSecretType;
-
typedef struct _virStorageAuthDef virStorageAuthDef;
typedef virStorageAuthDef *virStorageAuthDefPtr;
struct _virStorageAuthDef {
char *username;
char *secrettype; /* <secret type='%s' for disk source */
int authType; /* virStorageAuthType */
- int secretType; /* virStorageSecretType */
- union {
- unsigned char uuid[VIR_UUID_BUFLEN];
- char *usage;
- } secret;
+ virSecretLookupTypeDef secdef;
};
typedef struct _virStorageDriverData virStorageDriverData;
diff --git a/tests/qemuargv2xmltest.c b/tests/qemuargv2xmltest.c
index 0fe6b9b..212e6e8 100644
--- a/tests/qemuargv2xmltest.c
+++ b/tests/qemuargv2xmltest.c
@@ -36,8 +36,8 @@ static int testSanitizeDef(virDomainDefPtr vmdef)
virDomainDiskDefPtr disk = vmdef->disks[i];
if (disk->src->auth) {
- disk->src->auth->secretType = VIR_STORAGE_SECRET_TYPE_USAGE;
- if (VIR_STRDUP(disk->src->auth->secret.usage,
+ disk->src->auth->secdef.type = VIR_SECRET_LOOKUP_TYPE_USAGE;
+ if (VIR_STRDUP(disk->src->auth->secdef.u.usage,
"qemuargv2xml_usage") < 0)
goto fail;
}
--
2.5.5