On Thu, Mar 31, 2016 at 11:05:07AM -0400, John Ferlan wrote:
Commit id 'fb2bd208' essentially copied qemuGetSecretString,
creating a libxlGetSecretString. Rather than have multiple copies
of the same code, create virsecret.{c,h} files and place the common
function in there.
Usage is from both qemu_command.c and libxl_conf.c
Signed-off-by: John Ferlan <jferlan(a)redhat.com>
---
Not for 1.3.3, but I may as well get it "out there" now...
po/POTFILES.in | 1 +
src/Makefile.am | 1 +
src/libvirt_private.syms | 3 ++
src/libxl/libxl_conf.c | 82 +++-----------------------------
src/qemu/qemu_command.c | 87 ++++------------------------------
src/util/virsecret.c | 120 +++++++++++++++++++++++++++++++++++++++++++++++
src/util/virsecret.h | 35 ++++++++++++++
7 files changed, 174 insertions(+), 155 deletions(-)
create mode 100644 src/util/virsecret.c
create mode 100644 src/util/virsecret.h
diff --git a/src/util/virsecret.c b/src/util/virsecret.c
new file mode 100644
index 0000000..07c052a
--- /dev/null
+++ b/src/util/virsecret.c
@@ -0,0 +1,120 @@
+/*
+ * virsecret.c: secret related utility functions
+ *
+ * Copyright (C) 2016 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library. If not, see
+ * <
http://www.gnu.org/licenses/>.
+ *
+ */
+
+#include <config.h>
+
+#include "virsecret.h"
+#include "viralloc.h"
+#include "virerror.h"
+#include "virlog.h"
+#include "virobject.h"
+#include "viruuid.h"
vir{error,object,uuid}.h are pulled in by datatypes.h
+#include "base64.h"
+#include "datatypes.h"
+
datatypes.h contains internal definitions of public structs and should
not be included in src/util/
+#define VIR_FROM_THIS VIR_FROM_SECRET
+
+VIR_LOG_INIT("util.secret");
+
+
+/* virSecretGetSecretString:
+ * @conn: Pointer to the connection driver to make secret driver call
+ * @scheme: Unique enough string for error message to help determine cause
+ * @encoded: Whether the returned secret needs to be base64 encoded
+ * @authdef: Pointer to the disk storage authentication
+ * @secretUsageType: Type of secret usage for authdef lookup
+ *
+ * Lookup the secret for the authdef usage type and return it either as
+ * raw text or encoded based on the caller's need.
+ *
+ * Returns a pointer to memory that needs to be cleared and free'd after
+ * usage or NULL on error.
+ */
+char *
+virSecretGetSecretString(virConnectPtr conn,
+ const char *scheme,
+ bool encoded,
+ virStorageAuthDefPtr authdef,
+ virSecretUsageType secretUsageType)
+{
+ size_t secret_size;
+ virSecretPtr sec = NULL;
+ char *secret = NULL;
+ char uuidStr[VIR_UUID_STRING_BUFLEN];
+
+ /* look up secret */
+ switch (authdef->secretType) {
+ case VIR_STORAGE_SECRET_TYPE_UUID:
+ sec = virSecretLookupByUUID(conn, authdef->secret.uuid);
+ virUUIDFormat(authdef->secret.uuid, uuidStr);
+ break;
+ case VIR_STORAGE_SECRET_TYPE_USAGE:
+ sec = virSecretLookupByUsage(conn, secretUsageType,
+ authdef->secret.usage);
+ break;
+ }
+
+ if (!sec) {
+ if (authdef->secretType == VIR_STORAGE_SECRET_TYPE_UUID) {
+ virReportError(VIR_ERR_NO_SECRET,
+ _("%s no secret matches uuid '%s'"),
+ scheme, uuidStr);
+ } else {
+ virReportError(VIR_ERR_NO_SECRET,
+ _("%s no secret matches usage value
'%s'"),
+ scheme, authdef->secret.usage);
+ }
+ goto cleanup;
+ }
+
+ secret = (char *)conn->secretDriver->secretGetValue(sec, &secret_size, 0,
+
VIR_SECRET_GET_VALUE_INTERNAL_CALL);
The secret driver should be calling functions from src/util, not the
other way around.
Could this function be moved into src/secret?
+ if (!secret) {
+ if (authdef->secretType == VIR_STORAGE_SECRET_TYPE_UUID) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("could not get value of the secret for "
+ "username '%s' using uuid
'%s'"),
+ authdef->username, uuidStr);
+ } else {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("could not get value of the secret for "
+ "username '%s' using usage value
'%s'"),
+ authdef->username, authdef->secret.usage);
+ }
+ goto cleanup;
+ }
+
+ if (encoded) {
+ char *base64 = NULL;
+
+ base64_encode_alloc(secret, secret_size, &base64);
+ VIR_FREE(secret);
+ if (!base64) {
+ virReportOOMError();
+ goto cleanup;
+ }
+ secret = base64;
+ }
+
+ cleanup:
+ virObjectUnref(sec);
+ return secret;
+}
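Review bot: On the `encoded` path the raw secret is released with `VIR_FREE(secret)` right after `base64_encode_alloc()` without being wiped, even though the function's own header comment says the returned memory must be cleared before it is freed, so the plaintext value is left behind in freed heap memory. Clear it first, e.g. `memset(secret, 0, secret_size);` immediately before `VIR_FREE(secret);`, or preferably with a wipe the compiler cannot elide if the tree provides one. Relatedly, `secret_size` is never handed back to the caller, and whether the raw value is NUL-terminated is not visible here, so on the non-encoded path a caller cannot reliably know how many bytes to clear; this may be inherited from the functions being merged, but the comment above `virSecretGetSecretString` should state what the caller can assume. Separately, `conn->secretDriver->secretGetValue` is dereferenced with no check that the driver or the callback is set; a guard that reports an error and jumps to `cleanup` would make that failure explicit.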
diff --git a/src/util/virsecret.h b/src/util/virsecret.h
new file mode 100644
index 0000000..8ef0629
--- /dev/null
+++ b/src/util/virsecret.h
@@ -0,0 +1,35 @@
+/*
+ * virsecret.h: secret related utility functions
+ *
+ * Copyright (C) 2016 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library. If not, see
+ * <
http://www.gnu.org/licenses/>.
+ *
+ */
+
+#ifndef __VIR_SECRET_H__
+# define __VIR_SECRET_H__
+
+# include "internal.h"
+# include "virstoragefile.h"
+
+char *virSecretGetSecretString(virConnectPtr conn,
+ const char *scheme,
+ bool encoded,
+ virStorageAuthDefPtr authdef,
+ virSecretUsageType secretUsageType)
+ ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3)
s/3/4/
Jan