diff --git a/TODO b/TODO index 9653518..c9c02af 100644 --- a/TODO +++ b/TODO @@ -11,12 +11,13 @@ High Priority / Blockers for v1.0; fence who (for example, "vm1 vm2 vm3" can all fence each other, while none may fence "vm4 vm5 vm6" since they are in a different cluster). +* libvirt-qpid security model: mirror what is done in libvirt-qpid + for authentication. + Future Stuff: * oVirt backend -* libvirt-qpid backend - * libccs configuration plugin * clean up development bits so third parties can develop plugins diff --git a/server/Makefile.in b/server/Makefile.in index 73ce175..cef46f7 100644 --- a/server/Makefile.in +++ b/server/Makefile.in @@ -39,6 +39,7 @@ MODULE_PATH=${libdir}/${PACKAGE_NAME} fence_virtd_SOURCES = main.c plugin.c libvirt_so_SOURCES = libvirt.c null_so_SOURCES = null.c +libvirt_qpid_so_SOURCES = uuid-test.c libvirt_qpid_cxx_so_SOURCES = libvirt-qpid.cpp multicast_so_SOURCES = mcast.c history.c checkpoint_so_SOURCES = virt.c vm_states.c history.c checkpoint.c cpg.c @@ -90,6 +91,7 @@ fence_virtd_SOURCES+=${checkpoint_so_SOURCES} LIBS+=$(AIS_LIBS) $(COROSYNC_LIBS) $(CMAN_LIBS) endif ifneq ($(mod_libvirt_qpid),no) +fence_virtd_SOURCES+=${libvirt_qpid_so_SOURCES} fence_virtd_cxx_SOURCES+=${libvirt_qpid_cxx_so_SOURCES} LIBS+=$(VIRT_QPID) endif @@ -116,7 +118,7 @@ multicast.so: ${multicast_so_SOURCES:.c=.o} libvirt.so: ${libvirt_so_SOURCES:.c=.o} $(CC) -o $@ $^ $(LIBS) -shared $(VIRT_LIBS) -libvirt-qpid.so: ${libvirt_qpid_cxx_so_SOURCES:.cpp=.opp} +libvirt-qpid.so: ${libvirt_qpid_so_SOURCES:.c=.o} ${libvirt_qpid_cxx_so_SOURCES:.cpp=.opp} $(CXX) -o $@ $^ $(LIBS) -shared $(VIRT_QPID) null.so: ${null_so_SOURCES:.c=.o} diff --git a/server/libvirt-qpid.cpp b/server/libvirt-qpid.cpp index 986877d..565d6f6 100644 --- a/server/libvirt-qpid.cpp +++ b/server/libvirt-qpid.cpp @@ -27,6 +27,7 @@ #include #include #include +#include "uuid-test.h" #include @@ -45,7 +46,6 @@ struct lq_info { int pad; char *host; uint16_t port; - }; #define VALIDATE(arg) \ 
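Review bot: The `libvirt-qpid.so` rule now links `uuid-test.o`, which calls `uuid_parse()` and `uuid_unparse()`, but its command is still `$(CXX) -o $@ $^ $(LIBS) -shared $(VIRT_QPID)` with nothing that visibly names libuuid. Unless `$(LIBS)` or `$(VIRT_QPID)` already carries it (not visible in this diff), a `-shared` link succeeds with those symbols undefined and the plugin fails only when fence_virtd loads it. I would add `-luuid` to that rule, as in `$(CXX) -o $@ $^ $(LIBS) -shared $(VIRT_QPID) -luuid`. The built-in case needs the same addition on the `LIBS+=$(VIRT_QPID)` line in the `ifneq ($(mod_libvirt_qpid),no)` hunk.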
@@ -65,8 +65,13 @@ do_lq_request(const char *vm_name, const char *action) SessionManager::NameVector names; Object::Vector domains; Object *domain = NULL; + const char *property = "name"; unsigned i, tries = 0, found = 0; + if (is_uuid(vm_name) == 1) { + property = "uuid"; + } + cs.host = "127.0.0.1"; cs.port = 5672; @@ -105,7 +110,7 @@ do_lq_request(const char *vm_name, const char *action) c = domains[i].getSchema(); #endif - if (strcmp(domains[i].attrString("name").c_str(), + if (strcmp(domains[i].attrString(property).c_str(), vm_name)) { continue; } @@ -134,7 +139,7 @@ do_lq_request(const char *vm_name, const char *action) Object::AttributeMap attrs; MethodResponse result; - std::cout << domain->attrString("name") << " " + std::cout << domain->attrString(property) << " " << domain->attrString("state") << std::endl; domain->invokeMethod(action, attrs, result); diff --git a/server/uuid-test.c b/server/uuid-test.c new file mode 100644 index 0000000..a3ef99c --- /dev/null +++ b/server/uuid-test.c @@ -0,0 +1,60 @@ +#include +#include +#include + +int +is_uuid(const char *value) +{ + uuid_t id; + char test_value[37]; + + if (strlen(value) < 36) { + return 0; + } + + if (uuid_is_null(id) < 0) { + errno = EINVAL; + return -1; + } + + if (uuid_parse(value, id) < 0) { + return 0; + } + + memset(test_value, 0, sizeof(test_value)); + uuid_unparse(id, test_value); + + if (strcasecmp(value, test_value)) { + return 0; + } + + return 1; +} + +#ifdef STANDALONE +#include + +int +main(int argc, char **argv) +{ + int ret; + + if (argc < 2) { + printf("Usage: uuidtest \n"); + return 1; + } + + ret = is_uuid(argv[1]); + if (ret == 0) { + printf("%s is NOT a uuid\n", argv[1]); + } else if (ret == 1) { + printf("%s is a uuid\n", argv[1]); + } else { + printf("Error: %s\n", strerror(errno)); + return 1; + } + + return 0; +} + +#endif diff --git a/server/uuid-test.h b/server/uuid-test.h new file mode 100644 index 0000000..20d794d --- /dev/null +++ b/server/uuid-test.h 
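Review bot: The choice between matching on `"name"` and on `"uuid"` is made only from the shape of `vm_name`, and `is_uuid(vm_name) == 1` treats the `-1` error return the same as "not a UUID". A domain whose name is itself UUID-shaped can therefore no longer be selected by name, and a failed check silently falls back to name matching. Since this code decides which guest is fenced, I would make both cases explicit: bail out when `is_uuid()` returns a negative value, and add a comment such as `/* UUID-shaped requests are matched against "uuid" only, never against "name" */` above the `if`. The body of do_lq_request starts and ends outside this hunk, so any validation of `vm_name` before this point is not visible.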
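Review bot: The comparison in the `-105` hunk is still the case-sensitive `strcmp()`, while `is_uuid()` accepts its argument through `strcasecmp()`. A request carrying an upper-case UUID is classified as a UUID but will not match if the `uuid` attribute is lower-case (the attribute's case is not visible here), so the loop skips every domain and the fence request fails. I would compare case-insensitively on the UUID path, for example `if (strcasecmp(domains[i].attrString(property).c_str(), vm_name))` when `property` is `"uuid"`, or lower-case `vm_name` once before the loop. The loop and its enclosing function extend outside the hunk.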
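Review bot: In the new `is_uuid()`, `uuid_is_null(id)` reads `id` before anything has written it, and because `uuid_is_null()` returns only 1 or 0 the `< 0` branch can never run. The block is an uninitialised read with no effect and should be dropped. The `errno = EINVAL; return -1;` path it was meant to provide belongs on a NULL argument instead, because `strlen(value)` currently dereferences `value` unchecked. I would replace the block with `if (!value) { errno = EINVAL; return -1; }` placed before the `strlen()` test. A short comment on the function stating the contract (1 = canonical UUID text, 0 = not a UUID, -1 = error with `errno` set) would also help callers such as `do_lq_request`, which only tests for `== 1`.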
@@ -0,0 +1,14 @@
+#ifndef __UIID_TEST_H
+#define __UUID_TEST_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int is_uuid(const char *value);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
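Review bot: The include guard tests `__UIID_TEST_H` but defines `__UUID_TEST_H`, so the tested macro is never set and the guard does nothing on a second inclusion. That is harmless while the header holds a single prototype, but it will produce redefinition errors as soon as a type or inline function is added. I would make the two lines agree and drop the reserved double-underscore prefix: `#ifndef UUID_TEST_H` followed by `#define UUID_TEST_H`.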