[PATCH 13/14] qemuBlockGetBackingStoreString: Properly handle 'http/s' with cookies and others

Format cookies into the backing store string without encryption as they will not be visible on the command line when formatting a 'target' only string. In cases when cookies or other options are used we must use the JSON format rather than pure URI. Add tests to validate the scenario. Signed-off-by: Peter Krempa <pkrempa(a)redhat.com&gt; --- src/qemu/qemu_block.c | 12 ++++++++++- tests/qemublocktest.c | 2 ++ .../network-http-curlopts-srconly.json | 17 ++++++++++++++++ .../xml2json/network-http-curlopts.json | 15 ++++++++++++++ .../xml2json/network-http-curlopts.xml | 20 +++++++++++++++++++ .../xml2json/network-http-noopts-srconly.json | 9 +++++++++ .../xml2json/network-http-noopts.json | 14 +++++++++++++ .../xml2json/network-http-noopts.xml | 15 ++++++++++++++ 8 files changed, 103 insertions(+), 1 deletion(-) create mode 100644 tests/qemublocktestdata/xml2json/network-http-curlopts-srconly.json create mode 100644 tests/qemublocktestdata/xml2json/network-http-curlopts.json create mode 100644 tests/qemublocktestdata/xml2json/network-http-curlopts.xml create mode 100644 tests/qemublocktestdata/xml2json/network-http-noopts-srconly.json create mode 100644 tests/qemublocktestdata/xml2json/network-http-noopts.json create mode 100644 tests/qemublocktestdata/xml2json/network-http-noopts.xml diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c index d9665ec4a0..648c3f1026 100644 --- a/src/qemu/qemu_block.c +++ b/src/qemu/qemu_block.c @@ -685,6 +685,7 @@ qemuBlockStorageSourceGetCURLProps(virStorageSourcePtr src, virJSONValuePtr ret = NULL; g_autoptr(virURI) uri = NULL; g_autofree char *uristr = NULL; + g_autofree char *cookiestr = NULL; /** * Common options: @@ -714,6 +715,9 @@ qemuBlockStorageSourceGetCURLProps(virStorageSourcePtr src, if (srcPriv && srcPriv->httpcookie) cookiealias = srcPriv->httpcookie->s.aes.alias; + } else { + /* format target string along with cookies */ + cookiestr = qemuBlockStorageSourceGetCookieString(src); } ignore_value(virJSONValueObjectCreate(&ret, @@ -721,6 +725,7 @@ qemuBlockStorageSourceGetCURLProps(virStorageSourcePtr src, "S:username", username, "S:password-secret", passwordalias, "T:sslverify", src->sslverify, + "S:cookie", cookiestr, "S:cookie-secret", cookiealias, "P:timeout", src->timeout, "P:readahead", src->readahead, @@ -2056,7 +2061,12 @@ qemuBlockGetBackingStoreString(virStorageSourcePtr src, /* generate simplified URIs for the easy cases */ if (actualType == VIR_STORAGE_TYPE_NETWORK && src->nhosts == 1 && - src->hosts->transport == VIR_STORAGE_NET_HOST_TRANS_TCP) { + src->hosts->transport == VIR_STORAGE_NET_HOST_TRANS_TCP && + src->timeout == 0 && + src->ncookies == 0 && + src->sslverify == VIR_TRISTATE_BOOL_ABSENT && + src->timeout == 0 && + src->readahead == 0) { switch ((virStorageNetProtocol) src->protocol) { case VIR_STORAGE_NET_PROTOCOL_NBD: diff --git a/tests/qemublocktest.c b/tests/qemublocktest.c index 709d94fd80..8640b72116 100644 --- a/tests/qemublocktest.c +++ b/tests/qemublocktest.c @@ -1212,6 +1212,8 @@ mymain(void) TEST_DISK_TO_JSON("network-qcow2-backing-chain-cache-unsafe"); TEST_DISK_TO_JSON("dir-fat-cache"); TEST_DISK_TO_JSON("network-nbd-tls"); + TEST_DISK_TO_JSON("network-http-noopts"); + TEST_DISK_TO_JSON("network-http-curlopts"); TEST_DISK_TO_JSON("block-raw-noopts"); TEST_DISK_TO_JSON("block-raw-reservations"); diff --git a/tests/qemublocktestdata/xml2json/network-http-curlopts-srconly.json b/tests/qemublocktestdata/xml2json/network-http-curlopts-srconly.json new file mode 100644 index 0000000000..f5645ac2a6 --- /dev/null +++ b/tests/qemublocktestdata/xml2json/network-http-curlopts-srconly.json @@ -0,0 +1,17 @@ +( + source only properties: + { + "driver": "https", + "url": "https://host1.example.com:443/something", + "sslverify": false, + "cookie": "test=123456; blurb=here" + } + backing store string: + json:{"file":{ + "driver": "https", + "url": "https://host1.example.com:443/something", + "sslverify": false, + "cookie": "test=123456; blurb=here" + } + } +) diff --git a/tests/qemublocktestdata/xml2json/network-http-curlopts.json b/tests/qemublocktestdata/xml2json/network-http-curlopts.json new file mode 100644 index 0000000000..08dfd1b300 --- /dev/null +++ b/tests/qemublocktestdata/xml2json/network-http-curlopts.json @@ -0,0 +1,15 @@ +{ + "node-name": "node-b-f", + "read-only": false, + "driver": "qcow2", + "file": "node-a-s", + "backing": null +} +{ + "driver": "https", + "url": "https://host1.example.com:443/something", + "sslverify": false, + "node-name": "node-a-s", + "auto-read-only": true, + "discard": "unmap" +} diff --git a/tests/qemublocktestdata/xml2json/network-http-curlopts.xml b/tests/qemublocktestdata/xml2json/network-http-curlopts.xml new file mode 100644 index 0000000000..a656247e2e --- /dev/null +++ b/tests/qemublocktestdata/xml2json/network-http-curlopts.xml @@ -0,0 +1,20 @@ +<disk type='network' device='disk'> + <driver name='qemu' type='qcow2'/> + <source protocol='https' name='/something'> + <host name='host1.example.com'/> + <ssl verify='no'/> + <cookies> + <cookie name='test'>123456</cookie> + <cookie name='blurb'>here</cookie> + </cookies> + <privateData> + <nodenames> + <nodename type='storage' name='node-a-s'/> + <nodename type='format' name='node-b-f'/> + </nodenames> + </privateData> + </source> + <backingStore/> + <target dev='vda' bus='virtio'/> + <alias name='virtio-disk0'/> +</disk> diff --git a/tests/qemublocktestdata/xml2json/network-http-noopts-srconly.json b/tests/qemublocktestdata/xml2json/network-http-noopts-srconly.json new file mode 100644 index 0000000000..1303623036 --- /dev/null +++ b/tests/qemublocktestdata/xml2json/network-http-noopts-srconly.json @@ -0,0 +1,9 @@ +( + source only properties: + { + "driver": "https", + "url": "https://host1.example.com:443/something" + } + backing store string: + https://host1.example.com:443/something +) diff --git a/tests/qemublocktestdata/xml2json/network-http-noopts.json b/tests/qemublocktestdata/xml2json/network-http-noopts.json new file mode 100644 index 0000000000..d577858236 --- /dev/null +++ b/tests/qemublocktestdata/xml2json/network-http-noopts.json @@ -0,0 +1,14 @@ +{ + "node-name": "node-b-f", + "read-only": false, + "driver": "qcow2", + "file": "node-a-s", + "backing": null +} +{ + "driver": "https", + "url": "https://host1.example.com:443/something", + "node-name": "node-a-s", + "auto-read-only": true, + "discard": "unmap" +} diff --git a/tests/qemublocktestdata/xml2json/network-http-noopts.xml b/tests/qemublocktestdata/xml2json/network-http-noopts.xml new file mode 100644 index 0000000000..f09ff7ba67 --- /dev/null +++ b/tests/qemublocktestdata/xml2json/network-http-noopts.xml @@ -0,0 +1,15 @@ +<disk type='network' device='disk'> + <driver name='qemu' type='qcow2'/> + <source protocol='https' name='/something'> + <host name='host1.example.com'/> + <privateData> + <nodenames> + <nodename type='storage' name='node-a-s'/> + <nodename type='format' name='node-b-f'/> + </nodenames> + </privateData> + </source> + <backingStore/> + <target dev='vda' bus='virtio'/> + <alias name='virtio-disk0'/> +</disk> -- 2.24.1