[libvirt] [PATCH v2] esx: do not store escaped password in esxVI_Context.
by Dawid Zamirski
This patch fixes an issue where screenshot API call was failing when
the esx/vcenter password contains special characters such as
apostrophee. The reason for failures was that passwords were escaped
for XML and stored in esxVI_Context which was then passed to raw CURL
API calls where the password must be passed in original form to
authenticate successfully. So this patch addresses this by storing
original passwords in the esxVI_Context struct and escape only for
esxVI_Login call.
---
Changes made since v1:
* Also patch esxVI_EnsureSession
* Added cleanup to esxVI_Context_Connect to make sure escapedPassword
is freed where appropiate. Also move the code block that escapes the
password to happen earlier in the function body so that it can bail
earlier in the event of failure and skip the rest of the processing.
* Updated virReportError calls to pass syntax-check
src/esx/esx_driver.c | 22 ++++---------------
src/esx/esx_vi.c | 62 ++++++++++++++++++++++++++++++++++++++--------------
2 files changed, 50 insertions(+), 34 deletions(-)
diff --git a/src/esx/esx_driver.c b/src/esx/esx_driver.c
index 00d0e0a..031c666 100644
--- a/src/esx/esx_driver.c
+++ b/src/esx/esx_driver.c
@@ -617,7 +617,6 @@ esxConnectToHost(esxPrivate *priv,
int result = -1;
char ipAddress[NI_MAXHOST] = "";
char *username = NULL;
- char *unescapedPassword = NULL;
char *password = NULL;
char *url = NULL;
esxVI_String *propertyNameList = NULL;
@@ -647,18 +646,13 @@ esxConnectToHost(esxPrivate *priv,
}
}
- unescapedPassword = virAuthGetPassword(conn, auth, "esx", username, conn->uri->server);
+ password = virAuthGetPassword(conn, auth, "esx", username, conn->uri->server);
- if (!unescapedPassword) {
+ if (!password) {
virReportError(VIR_ERR_AUTH_FAILED, "%s", _("Password request failed"));
goto cleanup;
}
- password = esxUtil_EscapeForXml(unescapedPassword);
-
- if (!password)
- goto cleanup;
-
if (virAsprintf(&url, "%s://%s:%d/sdk", priv->parsedUri->transport,
conn->uri->server, conn->uri->port) < 0)
goto cleanup;
@@ -705,7 +699,6 @@ esxConnectToHost(esxPrivate *priv,
cleanup:
VIR_FREE(username);
- VIR_FREE(unescapedPassword);
VIR_FREE(password);
VIR_FREE(url);
esxVI_String_Free(&propertyNameList);
@@ -726,7 +719,6 @@ esxConnectToVCenter(esxPrivate *priv,
int result = -1;
char ipAddress[NI_MAXHOST] = "";
char *username = NULL;
- char *unescapedPassword = NULL;
char *password = NULL;
char *url = NULL;
@@ -752,18 +744,13 @@ esxConnectToVCenter(esxPrivate *priv,
}
}
- unescapedPassword = virAuthGetPassword(conn, auth, "esx", username, hostname);
+ password = virAuthGetPassword(conn, auth, "esx", username, hostname);
- if (!unescapedPassword) {
+ if (!password) {
virReportError(VIR_ERR_AUTH_FAILED, "%s", _("Password request failed"));
goto cleanup;
}
- password = esxUtil_EscapeForXml(unescapedPassword);
-
- if (!password)
- goto cleanup;
-
if (virAsprintf(&url, "%s://%s:%d/sdk", priv->parsedUri->transport,
hostname, conn->uri->port) < 0)
goto cleanup;
@@ -799,7 +786,6 @@ esxConnectToVCenter(esxPrivate *priv,
cleanup:
VIR_FREE(username);
- VIR_FREE(unescapedPassword);
VIR_FREE(password);
VIR_FREE(url);
diff --git a/src/esx/esx_vi.c b/src/esx/esx_vi.c
index 6520196..5fb2279 100644
--- a/src/esx/esx_vi.c
+++ b/src/esx/esx_vi.c
@@ -996,39 +996,52 @@ esxVI_Context_Connect(esxVI_Context *ctx, const char *url,
const char *ipAddress, const char *username,
const char *password, esxUtil_ParsedUri *parsedUri)
{
+ int result = -1;
+ char *escapedPassword = NULL;
+
if (!ctx || !url || !ipAddress || !username ||
!password || ctx->url || ctx->service || ctx->curl) {
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("Invalid argument"));
return -1;
}
+ escapedPassword = esxUtil_EscapeForXml(password);
+
+ if (!escapedPassword) {
+ VIR_FREE(escapedPassword);
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("Failed to escape password for XML"));
+ goto cleanup;
+ }
+
if (esxVI_CURL_Alloc(&ctx->curl) < 0 ||
esxVI_CURL_Connect(ctx->curl, parsedUri) < 0 ||
VIR_STRDUP(ctx->url, url) < 0 ||
VIR_STRDUP(ctx->ipAddress, ipAddress) < 0 ||
VIR_STRDUP(ctx->username, username) < 0 ||
VIR_STRDUP(ctx->password, password) < 0) {
- return -1;
+ goto cleanup;
}
if (VIR_ALLOC(ctx->sessionLock) < 0)
- return -1;
+ goto cleanup;
+
if (virMutexInit(ctx->sessionLock) < 0) {
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("Could not initialize session mutex"));
- return -1;
+ goto cleanup;
}
if (esxVI_RetrieveServiceContent(ctx, &ctx->service) < 0)
- return -1;
+ goto cleanup;
if (STRNEQ(ctx->service->about->apiType, "HostAgent") &&
STRNEQ(ctx->service->about->apiType, "VirtualCenter")) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("Expecting VI API type 'HostAgent' or 'VirtualCenter' "
"but found '%s'"), ctx->service->about->apiType);
- return -1;
+ goto cleanup;
}
if (virParseVersionString(ctx->service->about->apiVersion,
@@ -1036,14 +1049,14 @@ esxVI_Context_Connect(esxVI_Context *ctx, const char *url,
virReportError(VIR_ERR_INTERNAL_ERROR,
_("Could not parse VI API version '%s'"),
ctx->service->about->apiVersion);
- return -1;
+ goto cleanup;
}
if (ctx->apiVersion < 1000000 * 2 + 1000 * 5 /* 2.5 */) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("Minimum supported %s version is %s but found version '%s'"),
"VI API", "2.5", ctx->service->about->apiVersion);
- return -1;
+ goto cleanup;
}
if (virParseVersionString(ctx->service->about->version,
@@ -1051,7 +1064,7 @@ esxVI_Context_Connect(esxVI_Context *ctx, const char *url,
virReportError(VIR_ERR_INTERNAL_ERROR,
_("Could not parse product version '%s'"),
ctx->service->about->version);
- return -1;
+ goto cleanup;
}
if (STREQ(ctx->service->about->productLineId, "gsx")) {
@@ -1060,7 +1073,7 @@ esxVI_Context_Connect(esxVI_Context *ctx, const char *url,
_("Minimum supported %s version is %s but found version '%s'"),
esxVI_ProductLineToDisplayName(esxVI_ProductLine_GSX),
"2.0", ctx->service->about->version);
- return -1;
+ goto cleanup;
}
ctx->productLine = esxVI_ProductLine_GSX;
@@ -1071,7 +1084,7 @@ esxVI_Context_Connect(esxVI_Context *ctx, const char *url,
_("Minimum supported %s version is %s but found version '%s'"),
esxVI_ProductLineToDisplayName(esxVI_ProductLine_ESX),
"3.5", ctx->service->about->version);
- return -1;
+ goto cleanup;
}
ctx->productLine = esxVI_ProductLine_ESX;
@@ -1081,7 +1094,7 @@ esxVI_Context_Connect(esxVI_Context *ctx, const char *url,
_("Minimum supported %s version is %s but found version '%s'"),
esxVI_ProductLineToDisplayName(esxVI_ProductLine_VPX),
"2.5", ctx->service->about->version);
- return -1;
+ goto cleanup;
}
ctx->productLine = esxVI_ProductLine_VPX;
@@ -1090,7 +1103,7 @@ esxVI_Context_Connect(esxVI_Context *ctx, const char *url,
_("Expecting product 'gsx' or 'esx' or 'embeddedEsx' "
"or 'vpx' but found '%s'"),
ctx->service->about->productLineId);
- return -1;
+ goto cleanup;
}
if (ctx->productLine == esxVI_ProductLine_ESX) {
@@ -1107,12 +1120,19 @@ esxVI_Context_Connect(esxVI_Context *ctx, const char *url,
if (ctx->productLine == esxVI_ProductLine_VPX)
ctx->hasSessionIsActive = true;
- if (esxVI_Login(ctx, username, password, NULL, &ctx->session) < 0 ||
+
+
+ if (esxVI_Login(ctx, username, escapedPassword, NULL, &ctx->session) < 0 ||
esxVI_BuildSelectSetCollection(ctx) < 0) {
- return -1;
+ goto cleanup;
}
- return 0;
+ result = 0;
+
+ cleanup:
+ VIR_FREE(escapedPassword);
+
+ return result;
}
int
@@ -2062,6 +2082,7 @@ esxVI_EnsureSession(esxVI_Context *ctx)
esxVI_ObjectContent *sessionManager = NULL;
esxVI_DynamicProperty *dynamicProperty = NULL;
esxVI_UserSession *currentSession = NULL;
+ char *escapedPassword = NULL;
if (!ctx->sessionLock) {
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("Invalid call, no mutex"));
@@ -2075,6 +2096,14 @@ esxVI_EnsureSession(esxVI_Context *ctx)
goto cleanup;
}
+ escapedPassword = esxUtil_EscapeForXml(ctx->password);
+
+ if (!escapedPassword) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("Failed to escape password for XML"));
+ goto cleanup;
+ }
+
if (esxVI_String_AppendValueToList(&propertyNameList,
"currentSession") < 0 ||
esxVI_LookupObjectContentByType(ctx, ctx->service->sessionManager,
@@ -2101,7 +2130,7 @@ esxVI_EnsureSession(esxVI_Context *ctx)
if (!currentSession) {
esxVI_UserSession_Free(&ctx->session);
- if (esxVI_Login(ctx, ctx->username, ctx->password, NULL,
+ if (esxVI_Login(ctx, ctx->username, escapedPassword, NULL,
&ctx->session) < 0) {
goto cleanup;
}
@@ -2117,6 +2146,7 @@ esxVI_EnsureSession(esxVI_Context *ctx)
cleanup:
virMutexUnlock(ctx->sessionLock);
+ VIR_FREE(escapedPassword);
esxVI_String_Free(&propertyNameList);
esxVI_ObjectContent_Free(&sessionManager);
esxVI_UserSession_Free(¤tSession);
--
2.7.4
8 years, 7 months
[libvirt] [PATCH] testutils.c: unsetenv() iff platform has it
by Michal Privoznik
I've encountered the following problem (introduced by 6326865e):
../../tests/testutils.c: In function 'virtTestRun':
../../tests/testutils.c:289:5: error: implicit declaration of function 'unsetenv' [-Werror=implicit-function-declaration]
unsetenv("VIR_TEST_MOCK_TESTNAME");
Apparently, mingw does not have unsetenv(). Therefore we should
call it iff we are sure platform we are building for has it.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
This is a tentative patch. Ideally, we would use gnulib's
implementation (like we do for setenv()), but there are some
licensing problems right now [1]. If they are resolved before our
release, we can just pick new gnulib. If, however, they are not,
we can just push this patch.
1: https://www.redhat.com/archives/libvir-list/2016-May/msg01952.html
tests/testutils.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/tests/testutils.c b/tests/testutils.c
index f4fbad2..8b7bf70 100644
--- a/tests/testutils.c
+++ b/tests/testutils.c
@@ -286,7 +286,9 @@ virtTestRun(const char *title,
}
#endif /* TEST_OOM */
+#ifdef HAVE_UNSETENV
unsetenv("VIR_TEST_MOCK_TESTNAME");
+#endif
return ret;
}
--
2.8.3
8 years, 7 months
[libvirt] [PATCH] qemu: Fix error message when PCI bridge has index <= bus
by Andrea Bolognani
Commit ff2126225df0 changed the error message to be more
detailed about the failure at hand; however, while the new
error message claims that "bus must be <= index", the error
message is displayed if "idx <= addr->bus", ie. when bus
is bigger than or *equal to* index.
Change the error message to report the correct constraint,
and format it in a way that mirrors the check exactly to
make it clearer to people reading the code. The new error
message reads "must be index > bus".
---
I'm assuming the code, which is pre-existing, is correct
here. CC'ing Laine for insights.
src/qemu/qemu_domain_address.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/qemu/qemu_domain_address.c b/src/qemu/qemu_domain_address.c
index 7bd8ee5..650cb2a 100644
--- a/src/qemu/qemu_domain_address.c
+++ b/src/qemu/qemu_domain_address.c
@@ -1598,14 +1598,14 @@ qemuDomainAssignPCIAddresses(virDomainDefPtr def,
break;
}
- /* check if every PCI bridge controller's ID is greater than
+ /* check if every PCI bridge controller's index is greater than
* the bus it is placed onto
*/
if (cont->model == VIR_DOMAIN_CONTROLLER_MODEL_PCI_BRIDGE &&
idx <= addr->bus) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("PCI controller at index %d (0x%02x) has "
- "bus='0x%02x', but bus must be <= index"),
+ "bus='0x%02x'; must be index > bus"),
idx, idx, addr->bus);
goto cleanup;
}
--
2.5.5
8 years, 7 months
[libvirt] inconsistent handling of "qemu64" CPU model
by Chris Friesen
Hi,
I'm not sure where the problem lies, hence the CC to both lists. Please copy me
on the reply.
I'm playing with OpenStack's devstack environment on an Ubuntu 14.04 host with a
Celeron 2961Y CPU. (libvirt detects it as a Nehalem with a bunch of extra
features.) Qemu gives version 2.2.0 (Debian 1:2.2+dfsg-5expubuntu9.7~cloud2).
If I don't specify a virtual CPU model, it appears to give me a "qemu64" CPU,
and /proc/cpuinfo in the guest instance looks something like this:
processor 0
vendor_id GenuineIntel
cpu family 6
model 6
model name: QEMU Virtual CPU version 2.2.0
stepping: 3
microcode: 0x1
flags: fpu de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pse36 clflush
mmx fxsr sse sse2 syscall nx lm rep_good nopl pni vmx cx16 x2apic popcnt
hypervisor lahf_lm abm vnmi ept
However, if I explicitly specify a custom CPU model of "qemu64" the instance
refuses to boot and I get a log saying:
libvirtError: unsupported configuration: guest and host CPU are not compatible:
Host CPU does not provide required features: svmlibvirtError: unsupported
configuration: guest and host CPU are not compatible: Host CPU does not provide
required features: svm
When this happens, some of the XML for the domain looks like this:
<os>
<type arch='x86_64' machine='pc-i440fx-utopic'>hvm</type>
....
<cpu mode='custom' match='exact'>
<model fallback='allow'>qemu64</model>
<topology sockets='1' cores='1' threads='1'/>
</cpu>
Of course "svm" is an AMD flag and I'm running an Intel CPU. But why does it
work when I just rely on the default virtual CPU? Is kvm_default_unset_features
handled differently when it's implicit vs explicit?
If I explicitly specify a custom CPU model of "kvm64" then it boots, but of
course I get a different virtual CPU from what I get if I don't specify anything.
Following some old suggestions I tried turning off nested kvm, deleting
/var/cache/libvirt/qemu/capabilities/*, and restarting libvirtd. Didn't help.
So...anyone got any ideas what's going on? Is there no way to explicitly
specify the model that you get by default?
Thanks,
Chris
8 years, 7 months
[libvirt] [PATCH 0/8] lxc: add job support
by Katerina Koukiou
This patch series adds job support to the lxc driver, using techiques from the
libxl driver. One benefit is no longer blocking get operations during long
running modify operations. E.g. with these patches 'vish dominfo dom' will
work while 'virsh save dom ...' is in progress.
The first patch adds the job support machinery, followed by several patches
that make use of it.
Although this might look not needed that much right now, it is preparing
environment for future work.
This patch series has been reviewed by Michal Privoznik who is my mentor
for GSoC 2016.
Katerina Koukiou (8):
lxc: Add job support to lxc driver
lxc: use job functions in lxcDomain{CreateXMLWithFiles,
CreateWithFiles}
lxc: use job functions in lxcDomainSetMemoryFlags
lxc: use job functions in lxcDomain{Suspend, Resume}
lxc: use job functions in lxcDomain{AttachDeviceFlags,
DetachDeviceFlags, UpdateDeviceFlags}
lxc: add job functions in lxcDomainSetAutostart
lxc: use job functions in lxcDomain* functions that do query
operations.
lxc: use job functions in lxcDomain* functions that perform modify
actions.
src/lxc/lxc_domain.c | 154 ++++++++++++++++++++--
src/lxc/lxc_domain.h | 37 ++++++
src/lxc/lxc_driver.c | 351 ++++++++++++++++++++++++++++++++++++---------------
3 files changed, 428 insertions(+), 114 deletions(-)
--
2.7.4
8 years, 7 months
[libvirt] [PATCH] daemon: cleanup state drivers in order reverse to init order
by Nikolay Shirokovskiy
This patch aims to fix observed crash on daemon shutdown. Main thread is in
the process of state drivers cleanup, network driver is cleaned up and
qemu driver is not yet. Meanwhile eof event from qemu process triggers
qemuProcessStop -> networkReleaseActualDevice and crash happens as
network driver is already cleaned up.
Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy(a)virtuozzo.com>
---
src/libvirt.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/libvirt.c b/src/libvirt.c
index 114e88c..d79fe75 100644
--- a/src/libvirt.c
+++ b/src/libvirt.c
@@ -800,12 +800,12 @@ virStateInitialize(bool privileged,
int
virStateCleanup(void)
{
- size_t i;
+ int r;
int ret = 0;
- for (i = 0; i < virStateDriverTabCount; i++) {
- if (virStateDriverTab[i]->stateCleanup &&
- virStateDriverTab[i]->stateCleanup() < 0)
+ for (r = virStateDriverTabCount - 1; r >= 0; r--) {
+ if (virStateDriverTab[r]->stateCleanup &&
+ virStateDriverTab[r]->stateCleanup() < 0)
ret = -1;
}
return ret;
--
1.8.3.1
8 years, 7 months
[libvirt] [PATCH 0/3] esx: improve virtualHW > 7 handling.
by Dawid Zamirski
Hello,
The following patches are for issues found when using libvirt to
create/manage VMs on ESXi hosts (5.5 and 6). The first patch addresses
a fairly common issue with creating VMs on ESXi with SCSI controllers.
The other two are to less common but work around known ESX issues e.g.
4TB drive size limit and vMotion compatibility.
Dawid Zamirski (3):
esx: add pciBridge devices when SCSI is used
esx: Add VMCI device for virtualHW >= 7
esx: use newer virtualHW version for 5.1+ hosts
src/esx/esx_vi.c | 17 ++++++++++++++
src/vmx/vmx.c | 27 ++++++++++++++++++++++
tests/xml2vmxdata/xml2vmx-fusion-in-the-wild-1.vmx | 14 +++++++++++
.../xml2vmxdata/xml2vmx-serial-network-client.vmx | 1 +
.../xml2vmxdata/xml2vmx-serial-network-server.vmx | 1 +
tests/xml2vmxdata/xml2vmx-ws-in-the-wild-1.vmx | 14 +++++++++++
tests/xml2vmxdata/xml2vmx-ws-in-the-wild-2.vmx | 14 +++++++++++
7 files changed, 88 insertions(+)
--
2.7.4
8 years, 7 months
[libvirt] Question on output of virsh capabilities
by Eli Qiao
hi
I am confused by the libvirt's "virsh capabilities"
help said:
DESCRIPTION
Returns capabilities of hypervisor/driver.
I got follow outtput of a host.
<cpu>
<arch>x86_64</arch>
<model>Broadwell-noTSX</model>
<vendor>Intel</vendor>
<topology sockets='1' cores='2' threads='2'/>
<feature name='invtsc'/>
<feature name='mpx'/>
<feature name='abm'/>
<feature name='pdpe1gb'/>
<feature name='rdrand'/>
<feature name='f16c'/>
<feature name='osxsave'/>
<feature name='pdcm'/>
<feature name='xtpr'/>
<feature name='tm2'/>
<feature name='est'/>
<feature name='vmx'/>
<feature name='ds_cpl'/>
<feature name='monitor'/>
<feature name='dtes64'/>
<feature name='pbe'/>
<feature name='tm'/>
<feature name='ht'/>
<feature name='ss'/>
<feature name='acpi'/>
<feature name='ds'/>
<feature name='vme'/>
<pages unit='KiB' size='4'/>
<pages unit='KiB' size='2048'/>
<pages unit='KiB' size='1048576'/>
</cpu>
but from cat /proc/cpuinfo
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca
cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall
nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good
nopl xtopology nonstop_tsc aperfmperf eagerfpu pni pclmulqdq dtes64
monitor ds_cpl vmx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1
sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand
lahf_lm abm 3dnowprefetch epb intel_pt tpr_shadow vnmi flexpriority ept
vpid fsgsbase tsc_adjust bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx
smap clflushopt xsaveopt xsavec xgetbv1 dtherm ida arat pln pts hwp
hwp_notify hwp_act_window hwp_epp
The output of virsh seems missed some of the cpu features so my question
what doesn't the features of "virsh capibalities" mean?
why not pass all cpu flags?
I see there is a cpu_map.xml in libvirt source, what does it used for?
I have requirements to get all the hypervisors feature, what should I do?
Thanks.
--
Best Regards, Eli Qiao (乔立勇)
Intel OTC China
8 years, 7 months
[libvirt] [PATCH 00/19] Drop virt prefix from tests
by Tomáš Ryšavý
Replacig virt prefix with vir prefix in tests. It was suggested on wikipage:
http://wiki.libvirt.org/page/BiteSizedTasks#Rename_test_suite_routines_fr...
Tomáš Ryšavý (19):
tests: Rename virtTestRun to virTestRun.
tests: Rename virtTestDifference to virTestDifference.
tests: Rename virtTestLoadFile to virTestLoadFile.
tests: Rename virtTestCompareToFile to virTestCompareToFile.
tests: Rename virtTestDifferenceFull to virTestDifferenceFull.
tests: Rename virtTestClearCommandPath to virTestClearCommandPath.
tests: Rename virtTest00MActive to virTest00MActive.
tests: Rename virtTestCounterReset to virTestCounterReset.
tests: Rename virtTestLogContentAndReset to virTestLogContentAndReset.
tests: Rename virtTestUseTerminalColors to virTestUseTerminalColors.
tests: Rename virtTestQuiesceLibvirtErrors to
virTestQuiesceLibvirtErrors.
tests: Rename virtTestDifferenceFullNoRegenerate.
tests: Rename virtTestDifferenceFullInternal to
virTestDifferenceFullInternal.
tests: Rename virtTestCaptureProgramExecChild to
virTestCaptureProgramExecChild.
tests: Rename virtTestDifferenceBin to virTestDifferenceBin.
tests: Rename virtTestCaptureProgramOutput to
virTestCaptureProgramOutput.
tests: Rename virtTestCounterNext to virTestCounterNext.
tests: Rename virtTestErrorFuncQuiet to virTestErrorFuncQuiet.
tests: Rename virtTestMain to virTestMain.
tests/bhyvexml2argvtest.c | 8 ++---
tests/bhyvexml2xmltest.c | 2 +-
tests/commandtest.c | 18 +++++-----
tests/cputest.c | 8 ++---
tests/domaincapstest.c | 6 ++--
tests/domainconftest.c | 2 +-
tests/domainsnapshotxml2xmltest.c | 8 ++---
tests/esxutilstest.c | 10 +++---
tests/eventtest.c | 2 +-
tests/fchosttest.c | 10 +++---
tests/fdstreamtest.c | 8 ++---
tests/genericxml2xmltest.c | 2 +-
tests/interfacexml2xmltest.c | 6 ++--
tests/jsontest.c | 8 ++---
tests/libvirtdconftest.c | 2 +-
tests/lxcconf2xmltest.c | 6 ++--
tests/lxcxml2xmltest.c | 2 +-
tests/metadatatest.c | 10 +++---
tests/networkxml2conftest.c | 6 ++--
tests/networkxml2firewalltest.c | 6 ++--
tests/networkxml2xmltest.c | 4 +--
tests/networkxml2xmlupdatetest.c | 6 ++--
tests/nodedevxml2xmltest.c | 6 ++--
tests/nodeinfotest.c | 8 ++---
tests/nsstest.c | 2 +-
tests/nwfilterebiptablestest.c | 42 +++++++++++-----------
tests/nwfilterxml2firewalltest.c | 6 ++--
tests/nwfilterxml2xmltest.c | 4 +--
tests/objecteventtest.c | 18 +++++-----
tests/openvzutilstest.c | 6 ++--
tests/qemuagenttest.c | 2 +-
tests/qemuargv2xmltest.c | 10 +++---
tests/qemucapabilitiestest.c | 6 ++--
tests/qemucaps2xmltest.c | 6 ++--
tests/qemucommandutiltest.c | 4 +--
tests/qemuhelptest.c | 6 ++--
tests/qemuhotplugtest.c | 10 +++---
tests/qemumonitorjsontest.c | 14 ++++----
tests/qemumonitortest.c | 6 ++--
tests/qemuxml2argvtest.c | 64 ++++++++++++++++-----------------
tests/qemuxml2xmltest.c | 14 ++++----
tests/scsihosttest.c | 4 +--
tests/secretxml2xmltest.c | 4 +--
tests/securityselinuxlabeltest.c | 2 +-
tests/securityselinuxtest.c | 26 +++++++-------
tests/sexpr2xmltest.c | 6 ++--
tests/sockettest.c | 66 +++++++++++++++++-----------------
tests/storagebackendsheepdogtest.c | 4 +--
tests/storagepoolxml2xmltest.c | 4 +--
tests/storagevolxml2argvtest.c | 4 +--
tests/storagevolxml2xmltest.c | 4 +--
tests/sysinfotest.c | 4 +--
tests/testutils.c | 74 +++++++++++++++++++-------------------
tests/testutils.h | 68 +++++++++++++++++------------------
tests/utiltest.c | 6 ++--
tests/vboxsnapshotxmltest.c | 10 +++---
tests/viralloctest.c | 14 ++++----
tests/viratomictest.c | 4 +--
tests/virauthconfigtest.c | 16 ++++-----
tests/virbitmaptest.c | 26 +++++++-------
tests/virbuftest.c | 16 ++++-----
tests/vircaps2xmltest.c | 4 +--
tests/vircapstest.c | 8 ++---
tests/vircgrouptest.c | 36 +++++++++----------
tests/vircryptotest.c | 4 +--
tests/virdbustest.c | 20 +++++------
tests/virdrivermoduletest.c | 8 ++---
tests/virendiantest.c | 4 +--
tests/virfiletest.c | 6 ++--
tests/virfirewalltest.c | 36 +++++++++----------
tests/virhashtest.c | 2 +-
tests/virhostdevtest.c | 2 +-
tests/viridentitytest.c | 12 +++----
tests/viriscsitest.c | 6 ++--
tests/virkeycodetest.c | 4 +--
tests/virkeyfiletest.c | 2 +-
tests/virkmodtest.c | 6 ++--
tests/virlockspacetest.c | 14 ++++----
tests/virlogtest.c | 2 +-
tests/virnetdaemontest.c | 4 +--
tests/virnetdevbandwidthtest.c | 4 +--
tests/virnetdevtest.c | 2 +-
tests/virnetmessagetest.c | 16 ++++-----
tests/virnetserverclienttest.c | 2 +-
tests/virnetsockettest.c | 32 ++++++++---------
tests/virnettlscontexttest.c | 2 +-
tests/virnettlssessiontest.c | 58 +++++++++++++++---------------
tests/virpcitest.c | 6 ++--
tests/virpolkittest.c | 12 +++----
tests/virportallocatortest.c | 8 ++---
tests/virrandomtest.c | 2 +-
tests/virrotatingfiletest.c | 26 +++++++-------
tests/virscsitest.c | 4 +--
tests/virshtest.c | 38 ++++++++++----------
tests/virstoragetest.c | 12 +++----
tests/virstringtest.c | 62 ++++++++++++++++----------------
tests/virsystemdtest.c | 52 +++++++++++++--------------
tests/virtimetest.c | 52 +++++++++++++--------------
tests/virtypedparamtest.c | 8 ++---
tests/viruritest.c | 24 ++++++-------
tests/virusbtest.c | 14 ++++----
tests/vmwarevertest.c | 4 +--
tests/vmx2xmltest.c | 6 ++--
tests/xencapstest.c | 24 ++++++-------
tests/xlconfigtest.c | 10 +++---
tests/xmconfigtest.c | 10 +++---
tests/xml2sexprtest.c | 4 +--
tests/xml2vmxtest.c | 4 +--
108 files changed, 707 insertions(+), 707 deletions(-)
--
2.5.5
8 years, 7 months
[libvirt] [PATCH] esx: do not store escaped password in esxVI_Context.
by Dawid Zamirski
This patch fixes an issue where screenshot API call was failing when
the esx/vcenter password contains special characters such as
apostrophee. The reason for failures was that passwords were escaped
for XML and stored in esxVI_Context which was then passed to raw CURL API
calls where the password must be passed in original form to
authenticate successfully. So this patch addresses this by storing
original passwords in the esxVI_Context struct and escape only for
esxVI_Login call.
---
src/esx/esx_driver.c | 22 ++++------------------
src/esx/esx_vi.c | 13 ++++++++++++-
2 files changed, 16 insertions(+), 19 deletions(-)
diff --git a/src/esx/esx_driver.c b/src/esx/esx_driver.c
index 00d0e0a..031c666 100644
--- a/src/esx/esx_driver.c
+++ b/src/esx/esx_driver.c
@@ -617,7 +617,6 @@ esxConnectToHost(esxPrivate *priv,
int result = -1;
char ipAddress[NI_MAXHOST] = "";
char *username = NULL;
- char *unescapedPassword = NULL;
char *password = NULL;
char *url = NULL;
esxVI_String *propertyNameList = NULL;
@@ -647,18 +646,13 @@ esxConnectToHost(esxPrivate *priv,
}
}
- unescapedPassword = virAuthGetPassword(conn, auth, "esx", username, conn->uri->server);
+ password = virAuthGetPassword(conn, auth, "esx", username, conn->uri->server);
- if (!unescapedPassword) {
+ if (!password) {
virReportError(VIR_ERR_AUTH_FAILED, "%s", _("Password request failed"));
goto cleanup;
}
- password = esxUtil_EscapeForXml(unescapedPassword);
-
- if (!password)
- goto cleanup;
-
if (virAsprintf(&url, "%s://%s:%d/sdk", priv->parsedUri->transport,
conn->uri->server, conn->uri->port) < 0)
goto cleanup;
@@ -705,7 +699,6 @@ esxConnectToHost(esxPrivate *priv,
cleanup:
VIR_FREE(username);
- VIR_FREE(unescapedPassword);
VIR_FREE(password);
VIR_FREE(url);
esxVI_String_Free(&propertyNameList);
@@ -726,7 +719,6 @@ esxConnectToVCenter(esxPrivate *priv,
int result = -1;
char ipAddress[NI_MAXHOST] = "";
char *username = NULL;
- char *unescapedPassword = NULL;
char *password = NULL;
char *url = NULL;
@@ -752,18 +744,13 @@ esxConnectToVCenter(esxPrivate *priv,
}
}
- unescapedPassword = virAuthGetPassword(conn, auth, "esx", username, hostname);
+ password = virAuthGetPassword(conn, auth, "esx", username, hostname);
- if (!unescapedPassword) {
+ if (!password) {
virReportError(VIR_ERR_AUTH_FAILED, "%s", _("Password request failed"));
goto cleanup;
}
- password = esxUtil_EscapeForXml(unescapedPassword);
-
- if (!password)
- goto cleanup;
-
if (virAsprintf(&url, "%s://%s:%d/sdk", priv->parsedUri->transport,
hostname, conn->uri->port) < 0)
goto cleanup;
@@ -799,7 +786,6 @@ esxConnectToVCenter(esxPrivate *priv,
cleanup:
VIR_FREE(username);
- VIR_FREE(unescapedPassword);
VIR_FREE(password);
VIR_FREE(url);
diff --git a/src/esx/esx_vi.c b/src/esx/esx_vi.c
index bf6f228..872cb7d 100644
--- a/src/esx/esx_vi.c
+++ b/src/esx/esx_vi.c
@@ -996,6 +996,8 @@ esxVI_Context_Connect(esxVI_Context *ctx, const char *url,
const char *ipAddress, const char *username,
const char *password, esxUtil_ParsedUri *parsedUri)
{
+ char *escapedPassword = NULL;
+
if (!ctx || !url || !ipAddress || !username ||
!password || ctx->url || ctx->service || ctx->curl) {
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("Invalid argument"));
@@ -1107,7 +1109,16 @@ esxVI_Context_Connect(esxVI_Context *ctx, const char *url,
if (ctx->productLine == esxVI_ProductLine_VPX)
ctx->hasSessionIsActive = true;
- if (esxVI_Login(ctx, username, password, NULL, &ctx->session) < 0 ||
+ escapedPassword = esxUtil_EscapeForXml(password);
+
+ if (!escapedPassword) {
+ VIR_FREE(escapedPassword);
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("Failed to escape password for XML"));
+ return -1;
+ }
+
+ if (esxVI_Login(ctx, username, escapedPassword, NULL, &ctx->session) < 0 ||
esxVI_BuildSelectSetCollection(ctx) < 0) {
return -1;
}
--
2.7.4
8 years, 7 months