On 11/01/2010 12:17 PM, Daniel P. Berrange wrote:
This extends the XML syntax for <graphics> to allow a password
expiry time to be set
eg
<graphics type='vnc' port='5900' autoport='yes'
keymap='en-us' passwd='12345'
passwdValidTo='2010-04-09T15:51:00'/>
The timestamp is in UTC.
* src/conf/domain_conf.h: Pull passwd out into separate struct
virDomainGraphicsAuthDef to allow sharing between VNC & SPICE
* src/conf/domain_conf.c: Add parsing/formatting of new passwdValidTo
argument
* src/opennebula/one_conf.c, src/qemu/qemu_conf.c, src/qemu/qemu_driver.c,
src/xen/xend_internal.c, src/xen/xm_internal.c: Update for changed
struct containing VNC password
---
src/conf/domain_conf.c | 102 +++++++++++++++++++++++++++++++++++++++-----
src/conf/domain_conf.h | 13 +++++-
src/esx/esx_vmx.c | 6 +-
src/opennebula/one_conf.c | 4 +-
src/qemu/qemu_conf.c | 4 +-
src/qemu/qemu_driver.c | 20 ++++----
src/xen/xend_internal.c | 12 +++---
src/xen/xm_internal.c | 12 +++---
8 files changed, 130 insertions(+), 43 deletions(-)
Where are the changes to docs/schemas/domain.rng and
docs/formatdomain.html.in?
Is passwdValidTo any better off as seconds since the Epoch (date +%s)
rather than an ISO time (date +%FT%T)? It boils down to a question of
which format is easier for machines to handle. Or maybe we should
support both formats, as it's pretty easy to tell them apart?
@@ -3068,6 +3079,56 @@ error:
goto cleanup;
}
+
+static int
+virDomainGraphicsAuthDefParseXML(xmlNodePtr node, virDomainGraphicsAuthDefPtr def)
+{
+ char *validTo = NULL;
+
+ def->passwd = virXMLPropString(node, "passwd");
+
+ if (!def->passwd)
+ return 0;
+
+ validTo = virXMLPropString(node, "passwdValidTo");
+ if (validTo) {
+ char *tmp;
+ struct tm tm;
+ memset(&tm, 0, sizeof(tm));
+ /* Expect: YYYY-MM-DDTHH:MM:SS (%d-%d-%dT%d:%d:%d) eg 2010-11-28T14:29:01 */
+ if (/* year */
+ virStrToLong_i(validTo, &tmp, 10, &tm.tm_year) < 0 || *tmp !=
'-' ||
+ /* month */
+ virStrToLong_i(tmp+1, &tmp, 10, &tm.tm_mon) < 0 || *tmp !=
'-' ||
+ /* day */
+ virStrToLong_i(tmp+1, &tmp, 10, &tm.tm_mday) < 0 || *tmp !=
'T' ||
+ /* hour */
+ virStrToLong_i(tmp+1, &tmp, 10, &tm.tm_hour) < 0 || *tmp !=
':' ||
+ /* minute */
+ virStrToLong_i(tmp+1, &tmp, 10, &tm.tm_min) < 0 || *tmp !=
':' ||
+ /* second */
+ virStrToLong_i(tmp+1, &tmp, 10, &tm.tm_sec) < 0 || *tmp !=
'\0') {
+ virDomainReportError(VIR_ERR_INTERNAL_ERROR,
+ _("cannot parse password validity time
'%s', expect YYYY-MM-DDTHH:MM:SS"),
+ validTo);
+ VIR_FREE(validTo);
+ VIR_FREE(def->passwd);
+ return -1;
+ }
+ VIR_FREE(validTo);
+
+ tm.tm_year -= 1900; /* Human epoch starts at 0 BC, not 1900BC */
+ tm.tm_mon--; /* Humans start months at 1, computers at 0 */
+
+ /* XXX this is broken it needs to be UTC not localtime */
+ def->validTo = timegm(&tm);
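Review bot: None of the six parsed fields is range-checked before `timegm()` on the last visible line, so input such as month 13, day 40 or a negative hour is not rejected; timegm() normalises out-of-range fields the way mktime() does, and the stored expiry silently becomes a different, possibly much later, time than the one written in the XML. I would reject such values right after the parse and before the `-= 1900` / `--` adjustments, e.g. `if (tm.tm_mon < 1 || tm.tm_mon > 12 || tm.tm_mday < 1 || tm.tm_mday > 31 || tm.tm_hour < 0 || tm.tm_hour > 23 || tm.tm_min < 0 || tm.tm_min > 59 || tm.tm_sec < 0 || tm.tm_sec > 60)`, taking the same error path, and also treat a `(time_t)-1` result from timegm() as a parse failure. Malformed user XML is also better reported as `VIR_ERR_XML_ERROR` than `VIR_ERR_INTERNAL_ERROR`. The function body continues past the quoted hunk, so whether `def->expires` is set afterwards cannot be seen here.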
Is that XXX comment still correct, or are we using UTC time by virtue of
the timegm() call?
+static void
+virDomainGraphicsAuthDefFormatAttr(virBufferPtr buf,
+ virDomainGraphicsAuthDefPtr def)
+{
+ if (!def->passwd)
+ return;
+
+ virBufferEscapeString(buf, " passwd='%s'",
+ def->passwd);
Should this depend on whether VIR_DOMAIN_XML_SECURE is in effect...
+ if (def->expires) {
+ char strbuf[100];
+ struct tm tmbuf, *tm;
+ tm = gmtime_r(&def->validTo, &tmbuf);
+ strftime(strbuf, sizeof(strbuf), "%Y-%m-%dT%H:%M:%S", tm);
+ virBufferVSprintf(buf, " passwdValidTo='%s'", strbuf);
+ }
+}
+
static int
virDomainGraphicsDefFormat(virBufferPtr buf,
virDomainGraphicsDefPtr def,
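Review bot: The pointer returned by `gmtime_r()` goes straight into `strftime()` in virDomainGraphicsAuthDefFormatAttr; gmtime_r() returns NULL when the time_t value cannot be converted to a broken-down time, and strftime() would then dereference a null pointer while formatting the domain XML. A guard such as `if (!(tm = gmtime_r(&def->validTo, &tmbuf))) return;` avoids that, though because the function returns void the failure would be silent, so returning int and reporting an error may be the better shape. Values produced by the parser in this patch are unlikely to trigger it, but `validTo` may be populated by other code paths not visible here. The header of this hunk is not part of the quoted text.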
@@ -6355,10 +6437,8 @@ virDomainGraphicsDefFormat(virBufferPtr buf,
virBufferEscapeString(buf, " keymap='%s'",
def->data.vnc.keymap);
- if (def->data.vnc.passwd &&
- (flags & VIR_DOMAIN_XML_SECURE))
- virBufferEscapeString(buf, " passwd='%s'",
- def->data.vnc.passwd);
+ if (flags & VIR_DOMAIN_XML_SECURE)
+ virDomainGraphicsAuthDefFormatAttr(buf, &def->data.vnc.auth);
rather than here, since it makes sense to include password expiry in the
XML even if the password itself is not included?
--
Eric Blake eblake(a)redhat.com +1-801-349-2682
Libvirt virtualization library
http://libvirt.org