We need to validate the XML against schema if option '--validate' was passed to the virsh command. This patch also includes propagation of flags into the virNWFilterBindingDefParse(). Signed-off-by: Kristina Hanicova <khanicov(a)redhat.com&gt; --- src/conf/virnwfilterbindingdef.c | 14 +++++++++----- src/conf/virnwfilterbindingdef.h | 3 ++- src/nwfilter/nwfilter_driver.c | 2 +- 3 files changed, 12 insertions(+), 7 deletions(-) diff --git a/src/conf/virnwfilterbindingdef.c b/src/conf/virnwfilterbindingdef.c index 5f671030bb..488fdbceab 100644 --- a/src/conf/virnwfilterbindingdef.c +++ b/src/conf/virnwfilterbindingdef.c @@ -178,12 +178,15 @@ virNWFilterBindingDefParseNode(xmlDocPtr xml, static virNWFilterBindingDef * virNWFilterBindingDefParse(const char *xmlStr, - const char *filename) + const char *filename, + unsigned int flags) { virNWFilterBindingDef *def = NULL; g_autoptr(xmlDoc) xml = NULL; - if ((xml = virXMLParse(filename, xmlStr, _("(nwfilterbinding_definition)"), NULL, false))) { + if ((xml = virXMLParse(filename, xmlStr, _("(nwfilterbinding_definition)"), + "nwfilterbinding.rng", + flags & VIR_NWFILTER_BINDING_CREATE_VALIDATE))) { def = virNWFilterBindingDefParseNode(xml, xmlDocGetRootElement(xml)); } @@ -192,16 +195,17 @@ virNWFilterBindingDefParse(const char *xmlStr, virNWFilterBindingDef * -virNWFilterBindingDefParseString(const char *xmlStr) +virNWFilterBindingDefParseString(const char *xmlStr, + unsigned int flags) { - return virNWFilterBindingDefParse(xmlStr, NULL); + return virNWFilterBindingDefParse(xmlStr, NULL, flags); } virNWFilterBindingDef * virNWFilterBindingDefParseFile(const char *filename) { - return virNWFilterBindingDefParse(NULL, filename); + return virNWFilterBindingDefParse(NULL, filename, 0); } diff --git a/src/conf/virnwfilterbindingdef.h b/src/conf/virnwfilterbindingdef.h index 68d531b75d..4bf0f252f8 100644 --- a/src/conf/virnwfilterbindingdef.h +++ b/src/conf/virnwfilterbindingdef.h @@ -51,7 +51,8 @@ virNWFilterBindingDefParseNode(xmlDocPtr xml, xmlNodePtr root); virNWFilterBindingDef * -virNWFilterBindingDefParseString(const char *xml); +virNWFilterBindingDefParseString(const char *xml, + unsigned int flags); virNWFilterBindingDef * virNWFilterBindingDefParseFile(const char *filename); diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c index 2712baa73f..1d4567855e 100644 --- a/src/nwfilter/nwfilter_driver.c +++ b/src/nwfilter/nwfilter_driver.c @@ -745,7 +745,7 @@ nwfilterBindingCreateXML(virConnectPtr conn, return NULL; } - def = virNWFilterBindingDefParseString(xml); + def = virNWFilterBindingDefParseString(xml, 0); if (!def) return NULL; -- 2.31.1

Signed-off-by: Kristina Hanicova <khanicov(a)redhat.com&gt; --- docs/manpages/virsh.rst | 5 ++++- tools/virsh-nwfilter.c | 10 +++++++++- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/docs/manpages/virsh.rst b/docs/manpages/virsh.rst index 2204bed3bb..15ac75d487 100644 --- a/docs/manpages/virsh.rst +++ b/docs/manpages/virsh.rst @@ -7586,7 +7586,7 @@ nwfilter-binding-create :: - nwfilter-binding-create xmlfile + nwfilter-binding-create xmlfile [--validate] Associate a network port with a network filter. The network filter backend will immediately attempt to instantiate the filter rules on the port. This @@ -7597,6 +7597,9 @@ command to define a filter for a network port and then starting the guest afterwards may prevent the guest from starting if it attempts to use the network port and finds a filter already defined. +Optionally, the format of the input XML file can be validated against an +internal RNG schema with *--validate*. + nwfilter-binding-delete ----------------------- diff --git a/tools/virsh-nwfilter.c b/tools/virsh-nwfilter.c index e062aa1649..77f211d031 100644 --- a/tools/virsh-nwfilter.c +++ b/tools/virsh-nwfilter.c @@ -503,6 +503,10 @@ static const vshCmdInfo info_nwfilter_binding_create[] = { static const vshCmdOptDef opts_nwfilter_binding_create[] = { VIRSH_COMMON_OPT_FILE(N_("file containing an XML network " "filter binding description")), + {.name = "validate", + .type = VSH_OT_BOOL, + .help = N_("validate the XML against the schema") + }, {.name = NULL} }; @@ -513,15 +517,19 @@ cmdNWFilterBindingCreate(vshControl *ctl, const vshCmd *cmd) const char *from = NULL; bool ret = true; char *buffer; + unsigned int flags = 0; virshControl *priv = ctl->privData; if (vshCommandOptStringReq(ctl, cmd, "file", &from) < 0) return false; + if (vshCommandOptBool(cmd, "validate")) + flags |= VIR_NWFILTER_BINDING_CREATE_VALIDATE; + if (virFileReadAll(from, VSH_MAX_XML_FILE, &buffer) < 0) return false; - binding = virNWFilterBindingCreateXML(priv->conn, buffer, 0); + binding = virNWFilterBindingCreateXML(priv->conn, buffer, flags); VIR_FREE(buffer); if (binding != NULL) { -- 2.31.1