Re: [libvirt] [PATCH 08/14] rpc: Refactor the condition whether a client needs authentication
On Fri, Dec 15, 2017 at 02:16 PM +0100, John Ferlan <jferlan(a)redhat.com> wrote:
On 12/12/2017 06:36 AM, Marc Hartmayer wrote:
> Add virNetServerClientAuthMethodImpliesAuthenticated() for deciding
> whether a authentication method implies that a client is automatically
> authenticated or not. Use this new function in
> virNetServerClientNeedAuth().
>
> Signed-off-by: Marc Hartmayer <mhartmay(a)linux.vnet.ibm.com>
> Reviewed-by: Boris Fiuczynski <fiuczy(a)linux.vnet.ibm.com>
> Reviewed-by: Stefan Zimmermann <stzi(a)linux.vnet.ibm.com>
> ---
> src/rpc/virnetserverclient.c | 22 +++++++++++++++++++---
> 1 file changed, 19 insertions(+), 3 deletions(-)
>
I see Daniel has been looking too - and I think if you extract parts of
the subsequent patch into this patch with the *Locked name then perhaps
there'd be less difference in the subsequent patch.
In later patches where virNetServerClientAuthMethodImpliesAuthenticated
is used in other parts of the code - I see no reason why we couldn't
compare directly to VIR_NET_SERVER_SERVICE_AUTH_NONE.
The first time I read the code it was very strange to me that a user is
authenticated when the authentication method was set to none. This was
also the reason why I added this function - I tried to make it easier to
understand this code part. But if you think it’s self-explanatory enough
to test for none, then of course I can replace it :)
Thanks for reviewing.
In particular I'm
thinking of that auth_pending checking where there's no "client".
This then just becomes "Introduce virNetServerClientNeedAuthLocked"
John
> diff --git a/src/rpc/virnetserverclient.c b/src/rpc/virnetserverclient.c
> index 96fd1e6d15c2..616b6fe115e5 100644
> --- a/src/rpc/virnetserverclient.c
> +++ b/src/rpc/virnetserverclient.c
> @@ -354,6 +354,23 @@ static void virNetServerClientSockTimerFunc(int timer,
> }
>
>
> +/**
> + * virNetServerClientAuthMethodImpliesAuthenticated:
> + * @auth: authentication method to check
> + *
> + * Check if the passed authentication method implies that a client is
> + * automatically authenticated.
> + *
> + * Returns true if @auth implies that a client is automatically
> + * authenticated, otherwise false.
> + */
> +static bool
> +virNetServerClientAuthMethodImpliesAuthenticated(int auth)
> +{
> + return auth == VIR_NET_SERVER_SERVICE_AUTH_NONE;
> +}
> +
> +
> static virNetServerClientPtr
> virNetServerClientNewInternal(unsigned long long id,
> virNetSocketPtr sock,
> @@ -1515,10 +1532,9 @@ int virNetServerClientSendMessage(virNetServerClientPtr
client,
>
> bool virNetServerClientNeedAuth(virNetServerClientPtr client)
> {
> - bool need = true;
> + bool need;
> virObjectLock(client);
> - if (client->auth == VIR_NET_SERVER_SERVICE_AUTH_NONE)
> - need = false;
> + need = !virNetServerClientAuthMethodImpliesAuthenticated(client->auth);
> virObjectUnlock(client);
> return need;
> }
>
--
libvir-list mailing list
libvir-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
--
Beste Grüße / Kind regards
Marc Hartmayer
IBM Deutschland Research & Development GmbH
Vorsitzende des Aufsichtsrats: Martina Koederitz
Geschäftsführung: Dirk Wittkopp
Sitz der Gesellschaft: Böblingen
Registergericht: Amtsgericht Stuttgart, HRB 243294