The function virSecretGetSecretString calls into the secret driver and is
used from other hypervisor drivers, and as such makes more sense in
util.
Signed-off-by: Pavel Hrdina <phrdina(a)redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
po/POTFILES.in | 1 -
src/libvirt_private.syms | 5 +-
src/libxl/libxl_conf.c | 2 +-
src/qemu/qemu_domain.c | 2 +-
src/qemu/qemu_process.c | 2 +-
src/qemu/qemu_tpm.c | 2 +-
src/secret/Makefile.inc.am | 11 ---
src/secret/secret_util.c | 102 ---------------------
src/secret/secret_util.h | 33 -------
src/storage/storage_backend_iscsi.c | 2 +-
src/storage/storage_backend_iscsi_direct.c | 2 +-
src/storage/storage_backend_rbd.c | 2 +-
src/storage/storage_util.c | 2 +-
src/util/virsecret.c | 69 ++++++++++++++
src/util/virsecret.h | 8 ++
15 files changed, 86 insertions(+), 159 deletions(-)
delete mode 100644 src/secret/secret_util.c
delete mode 100644 src/secret/secret_util.h
diff --git a/po/POTFILES.in b/po/POTFILES.in
index faf173584e..e266871907 100644
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -190,7 +190,6 @@
@SRCDIR(a)/src/rpc/virnetsshsession.c
@SRCDIR(a)/src/rpc/virnettlscontext.c
@SRCDIR(a)/src/secret/secret_driver.c
-@SRCDIR(a)/src/secret/secret_util.c
@SRCDIR(a)/src/security/security_apparmor.c
@SRCDIR(a)/src/security/security_dac.c
@SRCDIR(a)/src/security/security_driver.c
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 89ce6b4278..b63feb4054 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1448,10 +1448,6 @@ virLogManagerFree;
virLogManagerNew;
-# secret/secret_util.h
-virSecretGetSecretString;
-
-
# security/security_driver.h
virSecurityDriverLookup;
@@ -3001,6 +2997,7 @@ virSecurityLabelDefNew;
# util/virsecret.h
+virSecretGetSecretString;
virSecretLookupDefClear;
virSecretLookupDefCopy;
virSecretLookupFormatSecret;
diff --git a/src/libxl/libxl_conf.c b/src/libxl/libxl_conf.c
index 2488bb9d32..e41e84e3e2 100644
--- a/src/libxl/libxl_conf.c
+++ b/src/libxl/libxl_conf.c
@@ -41,7 +41,7 @@
#include "libxl_conf.h"
#include "libxl_utils.h"
#include "virstoragefile.h"
-#include "secret_util.h"
+#include "virsecret.h"
#include "cpu/cpu.h"
#include "xen_common.h"
#include "xen_xl.h"
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index b1ac7c5aa2..ce0c5b78cd 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -56,7 +56,7 @@
#include "vircrypto.h"
#include "virrandom.h"
#include "virsystemd.h"
-#include "secret_util.h"
+#include "virsecret.h"
#include "logging/log_manager.h"
#include "locking/domain_lock.h"
#include "virdomainsnapshotobjlist.h"
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index 420d1c9c93..1cac0dc886 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -83,7 +83,7 @@
#include "virnuma.h"
#include "virstring.h"
#include "virhostdev.h"
-#include "secret_util.h"
+#include "virsecret.h"
#include "configmake.h"
#include "nwfilter_conf.h"
#include "netdev_bandwidth_conf.h"
diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c
index 28800a100c..262e6c4f07 100644
--- a/src/qemu/qemu_tpm.c
+++ b/src/qemu/qemu_tpm.c
@@ -42,7 +42,7 @@
#include "configmake.h"
#include "qemu_tpm.h"
#include "virtpm.h"
-#include "secret_util.h"
+#include "virsecret.h"
#define VIR_FROM_THIS VIR_FROM_NONE
diff --git a/src/secret/Makefile.inc.am b/src/secret/Makefile.inc.am
index d332060e38..4f0956a7a4 100644
--- a/src/secret/Makefile.inc.am
+++ b/src/secret/Makefile.inc.am
@@ -5,11 +5,6 @@ SECRET_DRIVER_SOURCES = \
secret/secret_driver.c \
$(NULL)
-SECRET_UTIL_SOURCES = \
- secret/secret_util.h \
- secret/secret_util.c \
- $(NULL)
-
DRIVER_SOURCE_FILES += $(addprefix $(srcdir)/,$(SECRET_DRIVER_SOURCES))
STATEFUL_DRIVER_SOURCE_FILES += \
@@ -17,14 +12,8 @@ STATEFUL_DRIVER_SOURCE_FILES += \
EXTRA_DIST += \
$(SECRET_DRIVER_SOURCES) \
- $(SECRET_UTIL_SOURCES) \
$(NULL)
-noinst_LTLIBRARIES += libvirt_secret.la
-libvirt_la_BUILT_LIBADD += libvirt_secret.la
-libvirt_secret_la_CFLAGS = $(AM_CFLAGS)
-libvirt_secret_la_LDFLAGS = $(AM_LDFLAGS)
-libvirt_secret_la_SOURCES = $(SECRET_UTIL_SOURCES)
if WITH_SECRETS
mod_LTLIBRARIES += libvirt_driver_secret.la
diff --git a/src/secret/secret_util.c b/src/secret/secret_util.c
deleted file mode 100644
index 27e164a425..0000000000
--- a/src/secret/secret_util.c
+++ /dev/null
@@ -1,102 +0,0 @@
-/*
- * secret_util.c: secret related utility functions
- *
- * Copyright (C) 2016 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library. If not, see
- * <
http://www.gnu.org/licenses/>.
- *
- */
-
-#include <config.h>
-
-#include "secret_util.h"
-#include "viralloc.h"
-#include "virerror.h"
-#include "virlog.h"
-#include "virobject.h"
-#include "viruuid.h"
-#include "datatypes.h"
-
-#define VIR_FROM_THIS VIR_FROM_SECRET
-
-VIR_LOG_INIT("secret.secret_util");
-
-
-/* virSecretGetSecretString:
- * @conn: Pointer to the connection driver to make secret driver call
- * @seclookupdef: Secret lookup def
- * @secretUsageType: Type of secret usage for usage lookup
- * @secret: returned secret as a sized stream of unsigned chars
- * @secret_size: Return size of the secret - either raw text or base64
- *
- * Lookup the secret for the usage type and return it as raw text.
- * It is up to the caller to encode the secret further.
- *
- * Returns 0 on success, -1 on failure. On success the memory in secret
- * needs to be cleared and free'd after usage.
- */
-int
-virSecretGetSecretString(virConnectPtr conn,
- virSecretLookupTypeDefPtr seclookupdef,
- virSecretUsageType secretUsageType,
- uint8_t **secret,
- size_t *secret_size)
-{
- virSecretPtr sec = NULL;
- int ret = -1;
-
- switch (seclookupdef->type) {
- case VIR_SECRET_LOOKUP_TYPE_UUID:
- sec = conn->secretDriver->secretLookupByUUID(conn,
seclookupdef->u.uuid);
- break;
-
- case VIR_SECRET_LOOKUP_TYPE_USAGE:
- sec = conn->secretDriver->secretLookupByUsage(conn, secretUsageType,
- seclookupdef->u.usage);
- break;
- }
-
- if (!sec)
- goto cleanup;
-
- /* NB: NONE is a byproduct of the qemuxml2argvtest test mocking
- * for UUID lookups. Normal secret XML processing would fail if
- * the usage type was NONE and since we have no way to set the
- * expected usage in that environment, let's just accept NONE */
- if (sec->usageType != VIR_SECRET_USAGE_TYPE_NONE &&
- sec->usageType != secretUsageType) {
- char uuidstr[VIR_UUID_STRING_BUFLEN];
-
- virUUIDFormat(seclookupdef->u.uuid, uuidstr);
- virReportError(VIR_ERR_INVALID_ARG,
- _("secret with uuid %s is of type '%s' not "
- "expected '%s' type"),
- uuidstr, virSecretUsageTypeToString(sec->usageType),
- virSecretUsageTypeToString(secretUsageType));
- goto cleanup;
- }
-
- *secret = conn->secretDriver->secretGetValue(sec, secret_size, 0,
- VIR_SECRET_GET_VALUE_INTERNAL_CALL);
-
- if (!*secret)
- goto cleanup;
-
- ret = 0;
-
- cleanup:
- virObjectUnref(sec);
- return ret;
-}
diff --git a/src/secret/secret_util.h b/src/secret/secret_util.h
deleted file mode 100644
index ff23df63b7..0000000000
--- a/src/secret/secret_util.h
+++ /dev/null
@@ -1,33 +0,0 @@
-/*
- * secret_util.h: secret related utility functions
- *
- * Copyright (C) 2016 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library. If not, see
- * <
http://www.gnu.org/licenses/>.
- *
- */
-
-#pragma once
-
-#include "internal.h"
-#include "virsecret.h"
-
-int virSecretGetSecretString(virConnectPtr conn,
- virSecretLookupTypeDefPtr seclookupdef,
- virSecretUsageType secretUsageType,
- uint8_t **ret_secret,
- size_t *ret_secret_size)
- ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(4)
- ATTRIBUTE_NONNULL(5) G_GNUC_WARN_UNUSED_RESULT;
diff --git a/src/storage/storage_backend_iscsi.c b/src/storage/storage_backend_iscsi.c
index ee39cbf88d..c02fbb5eaa 100644
--- a/src/storage/storage_backend_iscsi.c
+++ b/src/storage/storage_backend_iscsi.c
@@ -39,7 +39,7 @@
#include "virobject.h"
#include "virstring.h"
#include "viruuid.h"
-#include "secret_util.h"
+#include "virsecret.h"
#include "storage_util.h"
#define VIR_FROM_THIS VIR_FROM_STORAGE
diff --git a/src/storage/storage_backend_iscsi_direct.c
b/src/storage/storage_backend_iscsi_direct.c
index 3a5e2bb9f0..c37c671db6 100644
--- a/src/storage/storage_backend_iscsi_direct.c
+++ b/src/storage/storage_backend_iscsi_direct.c
@@ -24,7 +24,7 @@
#include <iscsi/scsi-lowlevel.h>
#include "datatypes.h"
-#include "secret_util.h"
+#include "virsecret.h"
#include "storage_backend_iscsi_direct.h"
#include "storage_util.h"
#include "viralloc.h"
diff --git a/src/storage/storage_backend_rbd.c b/src/storage/storage_backend_rbd.c
index 88e7a4b236..f0b7653736 100644
--- a/src/storage/storage_backend_rbd.c
+++ b/src/storage/storage_backend_rbd.c
@@ -33,7 +33,7 @@
#include "virrandom.h"
#include "rados/librados.h"
#include "rbd/librbd.h"
-#include "secret_util.h"
+#include "virsecret.h"
#include "storage_util.h"
#define VIR_FROM_THIS VIR_FROM_STORAGE
diff --git a/src/storage/storage_util.c b/src/storage/storage_util.c
index ebc262278d..987d937b04 100644
--- a/src/storage/storage_util.c
+++ b/src/storage/storage_util.c
@@ -62,7 +62,7 @@
#include "viralloc.h"
#include "internal.h"
#include "secret_conf.h"
-#include "secret_util.h"
+#include "virsecret.h"
#include "vircrypto.h"
#include "viruuid.h"
#include "virstoragefile.h"
diff --git a/src/util/virsecret.c b/src/util/virsecret.c
index 174ce544c0..f44d964198 100644
--- a/src/util/virsecret.c
+++ b/src/util/virsecret.c
@@ -21,6 +21,7 @@
#include <config.h>
+#include "datatypes.h"
#include "viralloc.h"
#include "virerror.h"
#include "virlog.h"
@@ -125,3 +126,71 @@ virSecretLookupFormatSecret(virBufferPtr buf,
virBufferAddLit(buf, "/>\n");
}
}
+
+
+/* virSecretGetSecretString:
+ * @conn: Pointer to the connection driver to make secret driver call
+ * @seclookupdef: Secret lookup def
+ * @secretUsageType: Type of secret usage for usage lookup
+ * @secret: returned secret as a sized stream of unsigned chars
+ * @secret_size: Return size of the secret - either raw text or base64
+ *
+ * Lookup the secret for the usage type and return it as raw text.
+ * It is up to the caller to encode the secret further.
+ *
+ * Returns 0 on success, -1 on failure. On success the memory in secret
+ * needs to be cleared and free'd after usage.
+ */
+int
+virSecretGetSecretString(virConnectPtr conn,
+ virSecretLookupTypeDefPtr seclookupdef,
+ virSecretUsageType secretUsageType,
+ uint8_t **secret,
+ size_t *secret_size)
+{
+ virSecretPtr sec = NULL;
+ int ret = -1;
+
+ switch (seclookupdef->type) {
+ case VIR_SECRET_LOOKUP_TYPE_UUID:
+ sec = conn->secretDriver->secretLookupByUUID(conn,
seclookupdef->u.uuid);
+ break;
+
+ case VIR_SECRET_LOOKUP_TYPE_USAGE:
+ sec = conn->secretDriver->secretLookupByUsage(conn, secretUsageType,
+ seclookupdef->u.usage);
+ break;
+ }
+
+ if (!sec)
+ goto cleanup;
+
+ /* NB: NONE is a byproduct of the qemuxml2argvtest test mocking
+ * for UUID lookups. Normal secret XML processing would fail if
+ * the usage type was NONE and since we have no way to set the
+ * expected usage in that environment, let's just accept NONE */
+ if (sec->usageType != VIR_SECRET_USAGE_TYPE_NONE &&
+ sec->usageType != secretUsageType) {
+ char uuidstr[VIR_UUID_STRING_BUFLEN];
+
+ virUUIDFormat(seclookupdef->u.uuid, uuidstr);
+ virReportError(VIR_ERR_INVALID_ARG,
+ _("secret with uuid %s is of type '%s' not "
+ "expected '%s' type"),
+ uuidstr, virSecretUsageTypeToString(sec->usageType),
+ virSecretUsageTypeToString(secretUsageType));
+ goto cleanup;
+ }
+
+ *secret = conn->secretDriver->secretGetValue(sec, secret_size, 0,
+ VIR_SECRET_GET_VALUE_INTERNAL_CALL);
+
+ if (!*secret)
+ goto cleanup;
+
+ ret = 0;
+
+ cleanup:
+ virObjectUnref(sec);
+ return ret;
+}
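Review bot: The usage-type mismatch branch formats `seclookupdef->u.uuid` unconditionally, but after a `VIR_SECRET_LOOKUP_TYPE_USAGE` lookup the active union member is `u.usage`, so the UUID printed in the error message would be built from unrelated bytes. Formatting the UUID of the secret that was actually found removes the dependence on the lookup type: `virUUIDFormat(sec->uuid, uuidstr);`. Separately, the `switch` has no arm for any other `seclookupdef->type` value, so such a call falls through to `if (!sec)` and returns -1 without this function reporting an error; a `default:` arm that calls `virReportError` would make that failure diagnosable. The body is moved unchanged from secret_util.c, so both changes could go in a follow-up rather than in this move.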
diff --git a/src/util/virsecret.h b/src/util/virsecret.h
index 8bc8a24e0f..bf056cb3b2 100644
--- a/src/util/virsecret.h
+++ b/src/util/virsecret.h
@@ -56,3 +56,11 @@ int virSecretLookupParseSecret(xmlNodePtr secretnode,
void virSecretLookupFormatSecret(virBufferPtr buf,
const char *secrettype,
virSecretLookupTypeDefPtr def);
+
+int virSecretGetSecretString(virConnectPtr conn,
+ virSecretLookupTypeDefPtr seclookupdef,
+ virSecretUsageType secretUsageType,
+ uint8_t **ret_secret,
+ size_t *ret_secret_size)
+ ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(4)
+ ATTRIBUTE_NONNULL(5) G_GNUC_WARN_UNUSED_RESULT;
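Review bot: The prototype names the output parameters `ret_secret` and `ret_secret_size`, while the definition and its doc comment in virsecret.c use `secret` and `secret_size`; one spelling in both places keeps the `@secret` documentation matched to the declaration. The declaration also carries no comment, so a caller reading only the header does not learn that the returned buffer holds secret material. I would add above it `/* On success *ret_secret must be cleared and freed by the caller. */`, which restates what the doc comment on the definition already requires.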
--
2.23.0