8:29 a.m.
Combine virNetServerClientSetAuth(client,
VIR_NET_SERVER_SERVICE_AUTH_NONE) and virNetServerTrackCompletedAuth
into one new function named virNetServerSetClientAuthenticated.
After using this new function the function
virNetServerTrackCompletedAuth was superfluous and is therefore
removed. In addition, it is not very common that a
'{{function}}' (virNetServerTrackCompletedAuth) does more than just
the locking compared to
'{{function}}Locked' (virNetServerTrackCompletedAuthLocked).
virNetServerTrackPendingAuth was already superfluous and therefore
it's also removed.
Signed-off-by: Marc Hartmayer <mhartmay(a)linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy(a)linux.vnet.ibm.com>
Reviewed-by: Stefan Zimmermann <stzi(a)linux.vnet.ibm.com>
Reviewed-by: John Ferlan <jferlan(a)redhat.com>
---
daemon/remote.c | 9 +++------
src/libvirt_remote.syms | 5 ++---
src/rpc/virnetserver.c | 41 +++++++++++++++++++++++------------------
src/rpc/virnetserver.h | 3 +--
src/rpc/virnetserverclient.c | 8 +++++---
src/rpc/virnetserverclient.h | 2 +-
6 files changed, 35 insertions(+), 33 deletions(-)
diff --git a/daemon/remote.c b/daemon/remote.c
index 45cb99a56146..b6fe6d8539ff 100644
--- a/daemon/remote.c
+++ b/daemon/remote.c
@@ -3268,8 +3268,7 @@ remoteDispatchAuthList(virNetServerPtr server,
(long long) callerPid, (int) callerUid) < 0)
goto cleanup;
VIR_INFO("Bypass polkit auth for privileged client %s", ident);
- virNetServerClientSetAuth(client, VIR_NET_SERVER_SERVICE_AUTH_NONE);
- virNetServerTrackCompletedAuth(server);
+ virNetServerSetClientAuthenticated(server, client);
auth = VIR_NET_SERVER_SERVICE_AUTH_NONE;
VIR_FREE(ident);
}
@@ -3412,8 +3411,7 @@ remoteSASLFinish(virNetServerPtr server,
if (!(clnt_identity = virNetServerClientGetIdentity(client)))
goto error;
- virNetServerClientSetAuth(client, VIR_NET_SERVER_SERVICE_AUTH_NONE);
- virNetServerTrackCompletedAuth(server);
+ virNetServerSetClientAuthenticated(server, client);
virNetServerClientSetSASLSession(client, priv->sasl);
virIdentitySetSASLUserName(clnt_identity, identity);
@@ -3736,8 +3734,7 @@ remoteDispatchAuthPolkit(virNetServerPtr server,
action, (long long) callerPid, callerUid);
ret->complete = 1;
- virNetServerClientSetAuth(client, VIR_NET_SERVER_SERVICE_AUTH_NONE);
- virNetServerTrackCompletedAuth(server);
+ virNetServerSetClientAuthenticated(server, client);
virMutexUnlock(&priv->lock);
return 0;
diff --git a/src/libvirt_remote.syms b/src/libvirt_remote.syms
index 4e684ef69514..62eac5ae9fdd 100644
--- a/src/libvirt_remote.syms
+++ b/src/libvirt_remote.syms
@@ -116,9 +116,8 @@ virNetServerNewPostExecRestart;
virNetServerNextClientID;
virNetServerPreExecRestart;
virNetServerProcessClients;
+virNetServerSetClientAuthenticated;
virNetServerStart;
-virNetServerTrackCompletedAuth;
-virNetServerTrackPendingAuth;
virNetServerUpdateServices;
@@ -152,7 +151,7 @@ virNetServerClientRemoteAddrStringSASL;
virNetServerClientRemoteAddrStringURI;
virNetServerClientRemoveFilter;
virNetServerClientSendMessage;
-virNetServerClientSetAuth;
+virNetServerClientSetAuthLocked;
virNetServerClientSetCloseHook;
virNetServerClientSetDispatcher;
virNetServerClientSetReadonly;
diff --git a/src/rpc/virnetserver.c b/src/rpc/virnetserver.c
index 57cbfb59ab53..946fc29283d8 100644
--- a/src/rpc/virnetserver.c
+++ b/src/rpc/virnetserver.c
@@ -737,6 +737,29 @@ int virNetServerSetTLSContext(virNetServerPtr srv,
#endif
+/**
+ * virNetServerSetClientAuthenticated:
+ * @srv: server must be unlocked
+ * @client: client must be unlocked
+ *
+ * Mark @client as authenticated and tracks on @srv that the
+ * authentication of this @client has been completed. Also it checks
+ * the limits of @srv.
+ */
+void
+virNetServerSetClientAuthenticated(virNetServerPtr srv,
+ virNetServerClientPtr client)
+{
+ virObjectLock(srv);
+ virObjectLock(client);
+ virNetServerClientSetAuthLocked(client, VIR_NET_SERVER_SERVICE_AUTH_NONE);
+ virNetServerTrackCompletedAuthLocked(srv);
+ virNetServerCheckLimits(srv);
+ virObjectUnlock(client);
+ virObjectUnlock(srv);
+}
+
+
static void
virNetServerUpdateServicesLocked(virNetServerPtr srv,
bool enabled)
@@ -814,24 +837,6 @@ virNetServerTrackCompletedAuthLocked(virNetServerPtr srv)
return --srv->nclients_unauth;
}
-size_t virNetServerTrackPendingAuth(virNetServerPtr srv)
-{
- size_t ret;
- virObjectLock(srv);
- ret = virNetServerTrackPendingAuthLocked(srv);
- virObjectUnlock(srv);
- return ret;
-}
-
-size_t virNetServerTrackCompletedAuth(virNetServerPtr srv)
-{
- size_t ret;
- virObjectLock(srv);
- ret = virNetServerTrackCompletedAuthLocked(srv);
- virNetServerCheckLimits(srv);
- virObjectUnlock(srv);
- return ret;
-}
bool
virNetServerHasClients(virNetServerPtr srv)
diff --git a/src/rpc/virnetserver.h b/src/rpc/virnetserver.h
index 6a79d15370e5..7728a67f5fcb 100644
--- a/src/rpc/virnetserver.h
+++ b/src/rpc/virnetserver.h
@@ -73,13 +73,12 @@ int virNetServerSetTLSContext(virNetServerPtr srv,
virNetTLSContextPtr tls);
# endif
-size_t virNetServerTrackPendingAuth(virNetServerPtr srv);
-size_t virNetServerTrackCompletedAuth(virNetServerPtr srv);
int virNetServerAddClient(virNetServerPtr srv,
virNetServerClientPtr client);
bool virNetServerHasClients(virNetServerPtr srv);
void virNetServerProcessClients(virNetServerPtr srv);
+void virNetServerSetClientAuthenticated(virNetServerPtr srv, virNetServerClientPtr
client);
void virNetServerUpdateServices(virNetServerPtr srv, bool enabled);
diff --git a/src/rpc/virnetserverclient.c b/src/rpc/virnetserverclient.c
index dee94450dfa3..5ebc970e340d 100644
--- a/src/rpc/virnetserverclient.c
+++ b/src/rpc/virnetserverclient.c
@@ -639,13 +639,15 @@ int virNetServerClientGetAuth(virNetServerClientPtr client)
return auth;
}
-void virNetServerClientSetAuth(virNetServerClientPtr client, int auth)
+
+void
+virNetServerClientSetAuthLocked(virNetServerClientPtr client,
+ int auth)
{
- virObjectLock(client);
client->auth = auth;
- virObjectUnlock(client);
}
+
bool virNetServerClientGetReadonly(virNetServerClientPtr client)
{
bool readonly;
diff --git a/src/rpc/virnetserverclient.h b/src/rpc/virnetserverclient.h
index b7752a61fa8e..054bea4f2f10 100644
--- a/src/rpc/virnetserverclient.h
+++ b/src/rpc/virnetserverclient.h
@@ -79,7 +79,7 @@ void virNetServerClientRemoveFilter(virNetServerClientPtr client,
int filterID);
int virNetServerClientGetAuth(virNetServerClientPtr client);
-void virNetServerClientSetAuth(virNetServerClientPtr client, int auth);
+void virNetServerClientSetAuthLocked(virNetServerClientPtr client, int auth);
bool virNetServerClientGetReadonly(virNetServerClientPtr client);
void virNetServerClientSetReadonly(virNetServerClientPtr client, bool readonly);
unsigned long long virNetServerClientGetID(virNetServerClientPtr client);
--
2.13.4