mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2025-01-03 05:17:54 +03:00
secret: util: Refactor virSecretGetSecretString
Call the internal driver callbacks rather than the public APIs, to avoid unnecessarily invoking the error dispatching code and to avoid overwriting the error messages provided by the APIs. Those messages are good enough to describe which secret is missing, either by UUID or by usage (basically the name).
parent
eb2116fd9a
commit
1d632c3924
@ -153,7 +153,6 @@ src/rpc/virnetsocket.c
|
|||||||
src/rpc/virnetsshsession.c
|
src/rpc/virnetsshsession.c
|
||||||
src/rpc/virnettlscontext.c
|
src/rpc/virnettlscontext.c
|
||||||
src/secret/secret_driver.c
|
src/secret/secret_driver.c
|
||||||
src/secret/secret_util.c
|
|
||||||
src/security/security_apparmor.c
|
src/security/security_apparmor.c
|
||||||
src/security/security_dac.c
|
src/security/security_dac.c
|
||||||
src/security/security_driver.c
|
src/security/security_driver.c
|
||||||
|
@ -1027,14 +1027,11 @@ libxlMakeNetworkDiskSrc(virStorageSourcePtr src, char **srcstr)
|
|||||||
|
|
||||||
*srcstr = NULL;
|
*srcstr = NULL;
|
||||||
if (src->auth && src->protocol == VIR_STORAGE_NET_PROTOCOL_RBD) {
|
if (src->auth && src->protocol == VIR_STORAGE_NET_PROTOCOL_RBD) {
|
||||||
const char *protocol = virStorageNetProtocolTypeToString(src->protocol);
|
|
||||||
|
|
||||||
username = src->auth->username;
|
username = src->auth->username;
|
||||||
if (!(conn = virConnectOpen("xen:///system")))
|
if (!(conn = virConnectOpen("xen:///system")))
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
|
|
||||||
if (!(secret = virSecretGetSecretString(conn,
|
if (!(secret = virSecretGetSecretString(conn,
|
||||||
protocol,
|
|
||||||
true,
|
true,
|
||||||
src->auth,
|
src->auth,
|
||||||
VIR_SECRET_USAGE_TYPE_CEPH)))
|
VIR_SECRET_USAGE_TYPE_CEPH)))
|
||||||
|
@ -872,7 +872,6 @@ qemuDomainSecretPlainSetup(virConnectPtr conn,
|
|||||||
{
|
{
|
||||||
bool encode = false;
|
bool encode = false;
|
||||||
int secretType = VIR_SECRET_USAGE_TYPE_ISCSI;
|
int secretType = VIR_SECRET_USAGE_TYPE_ISCSI;
|
||||||
const char *protocolstr = virStorageNetProtocolTypeToString(protocol);
|
|
||||||
|
|
||||||
secinfo->type = VIR_DOMAIN_SECRET_INFO_TYPE_PLAIN;
|
secinfo->type = VIR_DOMAIN_SECRET_INFO_TYPE_PLAIN;
|
||||||
if (VIR_STRDUP(secinfo->s.plain.username, authdef->username) < 0)
|
if (VIR_STRDUP(secinfo->s.plain.username, authdef->username) < 0)
|
||||||
@ -885,8 +884,7 @@ qemuDomainSecretPlainSetup(virConnectPtr conn,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (!(secinfo->s.plain.secret =
|
if (!(secinfo->s.plain.secret =
|
||||||
virSecretGetSecretString(conn, protocolstr, encode,
|
virSecretGetSecretString(conn, encode, authdef, secretType)))
|
||||||
authdef, secretType)))
|
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -37,7 +37,6 @@ VIR_LOG_INIT("secret.secret_util");
|
|||||||
|
|
||||||
/* virSecretGetSecretString:
|
/* virSecretGetSecretString:
|
||||||
* @conn: Pointer to the connection driver to make secret driver call
|
* @conn: Pointer to the connection driver to make secret driver call
|
||||||
* @scheme: Unique enough string for error message to help determine cause
|
|
||||||
* @encoded: Whether the returned secret needs to be base64 encoded
|
* @encoded: Whether the returned secret needs to be base64 encoded
|
||||||
* @authdef: Pointer to the disk storage authentication
|
* @authdef: Pointer to the disk storage authentication
|
||||||
* @secretUsageType: Type of secret usage for authdef lookup
|
* @secretUsageType: Type of secret usage for authdef lookup
|
||||||
@ -50,7 +49,6 @@ VIR_LOG_INIT("secret.secret_util");
|
|||||||
*/
|
*/
|
||||||
char *
|
char *
|
||||||
virSecretGetSecretString(virConnectPtr conn,
|
virSecretGetSecretString(virConnectPtr conn,
|
||||||
const char *scheme,
|
|
||||||
bool encoded,
|
bool encoded,
|
||||||
virStorageAuthDefPtr authdef,
|
virStorageAuthDefPtr authdef,
|
||||||
virSecretUsageType secretUsageType)
|
virSecretUsageType secretUsageType)
|
||||||
@ -58,49 +56,26 @@ virSecretGetSecretString(virConnectPtr conn,
|
|||||||
size_t secret_size;
|
size_t secret_size;
|
||||||
virSecretPtr sec = NULL;
|
virSecretPtr sec = NULL;
|
||||||
char *secret = NULL;
|
char *secret = NULL;
|
||||||
char uuidStr[VIR_UUID_STRING_BUFLEN];
|
|
||||||
|
|
||||||
/* look up secret */
|
|
||||||
switch (authdef->secretType) {
|
switch (authdef->secretType) {
|
||||||
case VIR_STORAGE_SECRET_TYPE_UUID:
|
case VIR_STORAGE_SECRET_TYPE_UUID:
|
||||||
sec = virSecretLookupByUUID(conn, authdef->secret.uuid);
|
sec = conn->secretDriver->secretLookupByUUID(conn, authdef->secret.uuid);
|
||||||
virUUIDFormat(authdef->secret.uuid, uuidStr);
|
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case VIR_STORAGE_SECRET_TYPE_USAGE:
|
case VIR_STORAGE_SECRET_TYPE_USAGE:
|
||||||
sec = virSecretLookupByUsage(conn, secretUsageType,
|
sec = conn->secretDriver->secretLookupByUsage(conn, secretUsageType,
|
||||||
authdef->secret.usage);
|
authdef->secret.usage);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!sec) {
|
if (!sec)
|
||||||
if (authdef->secretType == VIR_STORAGE_SECRET_TYPE_UUID) {
|
|
||||||
virReportError(VIR_ERR_NO_SECRET,
|
|
||||||
_("%s no secret matches uuid '%s'"),
|
|
||||||
scheme, uuidStr);
|
|
||||||
} else {
|
|
||||||
virReportError(VIR_ERR_NO_SECRET,
|
|
||||||
_("%s no secret matches usage value '%s'"),
|
|
||||||
scheme, authdef->secret.usage);
|
|
||||||
}
|
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
|
||||||
|
|
||||||
secret = (char *)conn->secretDriver->secretGetValue(sec, &secret_size, 0,
|
secret = (char *)conn->secretDriver->secretGetValue(sec, &secret_size, 0,
|
||||||
VIR_SECRET_GET_VALUE_INTERNAL_CALL);
|
VIR_SECRET_GET_VALUE_INTERNAL_CALL);
|
||||||
if (!secret) {
|
|
||||||
if (authdef->secretType == VIR_STORAGE_SECRET_TYPE_UUID) {
|
if (!secret)
|
||||||
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
||||||
_("could not get value of the secret for "
|
|
||||||
"username '%s' using uuid '%s'"),
|
|
||||||
authdef->username, uuidStr);
|
|
||||||
} else {
|
|
||||||
virReportError(VIR_ERR_INTERNAL_ERROR,
|
|
||||||
_("could not get value of the secret for "
|
|
||||||
"username '%s' using usage value '%s'"),
|
|
||||||
authdef->username, authdef->secret.usage);
|
|
||||||
}
|
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
|
||||||
|
|
||||||
if (encoded) {
|
if (encoded) {
|
||||||
char *base64 = NULL;
|
char *base64 = NULL;
|
||||||
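Review bot: The new lookups in virSecretGetSecretString call `conn->secretDriver->secretLookupByUUID(...)` and `conn->secretDriver->secretLookupByUsage(...)` without checking that `conn->secretDriver` or the callbacks are non-NULL, so a connection with no secret driver would dereference NULL here instead of failing cleanly. The public wrappers this replaces presumably did that check before dispatching, and ATTRIBUTE_NONNULL(1) in the header only covers `conn` itself. This matters for the libxl caller, which passes a connection it has just opened with `virConnectOpen("xen:///system")`, and for the qemu caller as well. A guard ahead of the `switch` would restore the clean failure; separately, `if (!sec)` and `if (!secret)` now depend on every driver callback having reported its own error before returning NULL. The function body continues past the end of the hunk, so the `cleanup` label is not visible here.

```c
    char *secret = NULL;

    /* Fail cleanly when the connection has no usable secret driver. */
    if (!conn->secretDriver ||
        !conn->secretDriver->secretLookupByUUID ||
        !conn->secretDriver->secretLookupByUsage ||
        !conn->secretDriver->secretGetValue) {
        virReportUnsupportedError();
        goto cleanup;
    }

    switch (authdef->secretType) {
    /* … unchanged: UUID / usage lookup and secretGetValue call … */
```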
|
@ -26,10 +26,8 @@
|
|||||||
# include "virstoragefile.h"
|
# include "virstoragefile.h"
|
||||||
|
|
||||||
char *virSecretGetSecretString(virConnectPtr conn,
|
char *virSecretGetSecretString(virConnectPtr conn,
|
||||||
const char *scheme,
|
|
||||||
bool encoded,
|
bool encoded,
|
||||||
virStorageAuthDefPtr authdef,
|
virStorageAuthDefPtr authdef,
|
||||||
virSecretUsageType secretUsageType)
|
virSecretUsageType secretUsageType)
|
||||||
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(4)
|
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(3) ATTRIBUTE_RETURN_CHECK;
|
||||||
ATTRIBUTE_RETURN_CHECK;
|
|
||||||
#endif /* __VIR_SECRET_H__ */
|
#endif /* __VIR_SECRET_H__ */
|
||||||
|