mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-22 17:34:18 +03:00
Fix misc mingw portability problems
This commit is contained in:
parent
83467de3ed
commit
37e72aa542
14
ChangeLog
14
ChangeLog
@ -1,3 +1,17 @@
|
|||||||
|
Tue Jan 6 17:52:22 GMT 2009 Daniel P. Berrange <berrange@redhat.com>
|
||||||
|
|
||||||
|
Misc windows / mingw portability fixes
|
||||||
|
* src/logging.c: Add include of unistd.h for close() prototype
|
||||||
|
* src/logging.h: Add a VIR_ prefix on logging macros to
|
||||||
|
avoid clash with Windows.h symbols for ERROR()
|
||||||
|
* tests/nodeinfotest.c: Annotate unused attribute
|
||||||
|
* src/test.c: Annotate unused attributes when missing
|
||||||
|
pthreads
|
||||||
|
* qemud/remote.c, qemud/qemud.c: Use VIR_ prefix on
|
||||||
|
logging macro calls
|
||||||
|
* qemud/remote_protocol.c, qemud/rpcgen_fix.pl: Add cast
|
||||||
|
to workaround odd portablexdr XDR_INLINE return type
|
||||||
|
|
||||||
Tue Jan 6 18:44:34 CET 2009 Guido Günther <agx@sigxcpu.org>
|
Tue Jan 6 18:44:34 CET 2009 Guido Günther <agx@sigxcpu.org>
|
||||||
|
|
||||||
add virKillProcess
|
add virKillProcess
|
||||||
|
206
qemud/qemud.c
206
qemud/qemud.c
@ -171,7 +171,7 @@ remoteCheckCertFile(const char *type, const char *file)
|
|||||||
{
|
{
|
||||||
struct stat sb;
|
struct stat sb;
|
||||||
if (stat(file, &sb) < 0) {
|
if (stat(file, &sb) < 0) {
|
||||||
ERROR(_("Cannot access %s '%s': %s (%d)"),
|
VIR_ERROR(_("Cannot access %s '%s': %s (%d)"),
|
||||||
type, file, strerror(errno), errno);
|
type, file, strerror(errno), errno);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@ -188,7 +188,7 @@ remoteInitializeGnuTLS (void)
|
|||||||
|
|
||||||
err = gnutls_certificate_allocate_credentials (&x509_cred);
|
err = gnutls_certificate_allocate_credentials (&x509_cred);
|
||||||
if (err) {
|
if (err) {
|
||||||
ERROR(_("gnutls_certificate_allocate_credentials: %s"),
|
VIR_ERROR(_("gnutls_certificate_allocate_credentials: %s"),
|
||||||
gnutls_strerror (err));
|
gnutls_strerror (err));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@ -201,7 +201,7 @@ remoteInitializeGnuTLS (void)
|
|||||||
err = gnutls_certificate_set_x509_trust_file (x509_cred, ca_file,
|
err = gnutls_certificate_set_x509_trust_file (x509_cred, ca_file,
|
||||||
GNUTLS_X509_FMT_PEM);
|
GNUTLS_X509_FMT_PEM);
|
||||||
if (err < 0) {
|
if (err < 0) {
|
||||||
ERROR(_("gnutls_certificate_set_x509_trust_file: %s"),
|
VIR_ERROR(_("gnutls_certificate_set_x509_trust_file: %s"),
|
||||||
gnutls_strerror (err));
|
gnutls_strerror (err));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@ -215,7 +215,7 @@ remoteInitializeGnuTLS (void)
|
|||||||
err = gnutls_certificate_set_x509_crl_file (x509_cred, crl_file,
|
err = gnutls_certificate_set_x509_crl_file (x509_cred, crl_file,
|
||||||
GNUTLS_X509_FMT_PEM);
|
GNUTLS_X509_FMT_PEM);
|
||||||
if (err < 0) {
|
if (err < 0) {
|
||||||
ERROR(_("gnutls_certificate_set_x509_crl_file: %s"),
|
VIR_ERROR(_("gnutls_certificate_set_x509_crl_file: %s"),
|
||||||
gnutls_strerror (err));
|
gnutls_strerror (err));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@ -232,7 +232,7 @@ remoteInitializeGnuTLS (void)
|
|||||||
cert_file, key_file,
|
cert_file, key_file,
|
||||||
GNUTLS_X509_FMT_PEM);
|
GNUTLS_X509_FMT_PEM);
|
||||||
if (err < 0) {
|
if (err < 0) {
|
||||||
ERROR(_("gnutls_certificate_set_x509_key_file: %s"),
|
VIR_ERROR(_("gnutls_certificate_set_x509_key_file: %s"),
|
||||||
gnutls_strerror (err));
|
gnutls_strerror (err));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@ -245,12 +245,12 @@ remoteInitializeGnuTLS (void)
|
|||||||
*/
|
*/
|
||||||
err = gnutls_dh_params_init (&dh_params);
|
err = gnutls_dh_params_init (&dh_params);
|
||||||
if (err < 0) {
|
if (err < 0) {
|
||||||
ERROR(_("gnutls_dh_params_init: %s"), gnutls_strerror (err));
|
VIR_ERROR(_("gnutls_dh_params_init: %s"), gnutls_strerror (err));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
err = gnutls_dh_params_generate2 (dh_params, DH_BITS);
|
err = gnutls_dh_params_generate2 (dh_params, DH_BITS);
|
||||||
if (err < 0) {
|
if (err < 0) {
|
||||||
ERROR(_("gnutls_dh_params_generate2: %s"), gnutls_strerror (err));
|
VIR_ERROR(_("gnutls_dh_params_generate2: %s"), gnutls_strerror (err));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -271,7 +271,7 @@ qemudDispatchSignalEvent(int watch ATTRIBUTE_UNUSED,
|
|||||||
pthread_mutex_lock(&server->lock);
|
pthread_mutex_lock(&server->lock);
|
||||||
|
|
||||||
if (saferead(server->sigread, &siginfo, sizeof(siginfo)) != sizeof(siginfo)) {
|
if (saferead(server->sigread, &siginfo, sizeof(siginfo)) != sizeof(siginfo)) {
|
||||||
ERROR(_("Failed to read from signal pipe: %s"), strerror(errno));
|
VIR_ERROR(_("Failed to read from signal pipe: %s"), strerror(errno));
|
||||||
pthread_mutex_unlock(&server->lock);
|
pthread_mutex_unlock(&server->lock);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@ -280,20 +280,20 @@ qemudDispatchSignalEvent(int watch ATTRIBUTE_UNUSED,
|
|||||||
|
|
||||||
switch (siginfo.si_signo) {
|
switch (siginfo.si_signo) {
|
||||||
case SIGHUP:
|
case SIGHUP:
|
||||||
INFO0(_("Reloading configuration on SIGHUP"));
|
VIR_INFO0(_("Reloading configuration on SIGHUP"));
|
||||||
if (virStateReload() < 0)
|
if (virStateReload() < 0)
|
||||||
WARN0(_("Error while reloading drivers"));
|
VIR_WARN0(_("Error while reloading drivers"));
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case SIGINT:
|
case SIGINT:
|
||||||
case SIGQUIT:
|
case SIGQUIT:
|
||||||
case SIGTERM:
|
case SIGTERM:
|
||||||
WARN(_("Shutting down on signal %d"), siginfo.si_signo);
|
VIR_WARN(_("Shutting down on signal %d"), siginfo.si_signo);
|
||||||
server->shutdown = 1;
|
server->shutdown = 1;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
INFO(_("Received unexpected signal %d"), siginfo.si_signo);
|
VIR_INFO(_("Received unexpected signal %d"), siginfo.si_signo);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -312,7 +312,7 @@ int qemudSetCloseExec(int fd) {
|
|||||||
goto error;
|
goto error;
|
||||||
return 0;
|
return 0;
|
||||||
error:
|
error:
|
||||||
ERROR0(_("Failed to set close-on-exec file descriptor flag"));
|
VIR_ERROR0(_("Failed to set close-on-exec file descriptor flag"));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -326,7 +326,7 @@ int qemudSetNonBlock(int fd) {
|
|||||||
goto error;
|
goto error;
|
||||||
return 0;
|
return 0;
|
||||||
error:
|
error:
|
||||||
ERROR0(_("Failed to set non-blocking file descriptor flag"));
|
VIR_ERROR0(_("Failed to set non-blocking file descriptor flag"));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -404,28 +404,28 @@ static int qemudWritePidFile(const char *pidFile) {
|
|||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
if ((fd = open(pidFile, O_WRONLY|O_CREAT|O_EXCL, 0644)) < 0) {
|
if ((fd = open(pidFile, O_WRONLY|O_CREAT|O_EXCL, 0644)) < 0) {
|
||||||
ERROR(_("Failed to open pid file '%s' : %s"),
|
VIR_ERROR(_("Failed to open pid file '%s' : %s"),
|
||||||
pidFile, strerror(errno));
|
pidFile, strerror(errno));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(fh = fdopen(fd, "w"))) {
|
if (!(fh = fdopen(fd, "w"))) {
|
||||||
ERROR(_("Failed to fdopen pid file '%s' : %s"),
|
VIR_ERROR(_("Failed to fdopen pid file '%s' : %s"),
|
||||||
pidFile, strerror(errno));
|
pidFile, strerror(errno));
|
||||||
close(fd);
|
close(fd);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (fprintf(fh, "%lu\n", (unsigned long)getpid()) < 0) {
|
if (fprintf(fh, "%lu\n", (unsigned long)getpid()) < 0) {
|
||||||
ERROR(_("Failed to write to pid file '%s' : %s"),
|
VIR_ERROR(_("Failed to write to pid file '%s' : %s"),
|
||||||
pidFile, strerror(errno));
|
pidFile, strerror(errno));
|
||||||
close(fd);
|
close(fd);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (fclose(fh) == EOF) {
|
if (fclose(fh) == EOF) {
|
||||||
ERROR(_("Failed to close pid file '%s' : %s"),
|
VIR_ERROR(_("Failed to close pid file '%s' : %s"),
|
||||||
pidFile, strerror(errno));
|
pidFile, strerror(errno));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -440,7 +440,7 @@ static int qemudListenUnix(struct qemud_server *server,
|
|||||||
gid_t oldgrp;
|
gid_t oldgrp;
|
||||||
|
|
||||||
if (VIR_ALLOC(sock) < 0) {
|
if (VIR_ALLOC(sock) < 0) {
|
||||||
ERROR("%s", _("Failed to allocate memory for struct qemud_socket"));
|
VIR_ERROR("%s", _("Failed to allocate memory for struct qemud_socket"));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -450,8 +450,8 @@ static int qemudListenUnix(struct qemud_server *server,
|
|||||||
sock->auth = auth;
|
sock->auth = auth;
|
||||||
|
|
||||||
if ((sock->fd = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) {
|
if ((sock->fd = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) {
|
||||||
ERROR(_("Failed to create socket: %s"),
|
VIR_ERROR(_("Failed to create socket: %s"),
|
||||||
strerror(errno));
|
strerror(errno));
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -472,8 +472,8 @@ static int qemudListenUnix(struct qemud_server *server,
|
|||||||
setgid(unix_sock_gid);
|
setgid(unix_sock_gid);
|
||||||
|
|
||||||
if (bind(sock->fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
|
if (bind(sock->fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
|
||||||
ERROR(_("Failed to bind socket to '%s': %s"),
|
VIR_ERROR(_("Failed to bind socket to '%s': %s"),
|
||||||
path, strerror(errno));
|
path, strerror(errno));
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
umask(oldmask);
|
umask(oldmask);
|
||||||
@ -481,8 +481,8 @@ static int qemudListenUnix(struct qemud_server *server,
|
|||||||
setgid(oldgrp);
|
setgid(oldgrp);
|
||||||
|
|
||||||
if (listen(sock->fd, 30) < 0) {
|
if (listen(sock->fd, 30) < 0) {
|
||||||
ERROR(_("Failed to listen for connections on '%s': %s"),
|
VIR_ERROR(_("Failed to listen for connections on '%s': %s"),
|
||||||
path, strerror(errno));
|
path, strerror(errno));
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -492,7 +492,7 @@ static int qemudListenUnix(struct qemud_server *server,
|
|||||||
VIR_EVENT_HANDLE_HANGUP,
|
VIR_EVENT_HANDLE_HANGUP,
|
||||||
qemudDispatchServerEvent,
|
qemudDispatchServerEvent,
|
||||||
server, NULL)) < 0) {
|
server, NULL)) < 0) {
|
||||||
ERROR0(_("Failed to add server event callback"));
|
VIR_ERROR0(_("Failed to add server event callback"));
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -521,7 +521,7 @@ remoteMakeSockets (int *fds, int max_fds, int *nfds_r, const char *node, const c
|
|||||||
|
|
||||||
int e = getaddrinfo (node, service, &hints, &ai);
|
int e = getaddrinfo (node, service, &hints, &ai);
|
||||||
if (e != 0) {
|
if (e != 0) {
|
||||||
ERROR(_("getaddrinfo: %s\n"), gai_strerror (e));
|
VIR_ERROR(_("getaddrinfo: %s\n"), gai_strerror (e));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -530,7 +530,7 @@ remoteMakeSockets (int *fds, int max_fds, int *nfds_r, const char *node, const c
|
|||||||
fds[*nfds_r] = socket (runp->ai_family, runp->ai_socktype,
|
fds[*nfds_r] = socket (runp->ai_family, runp->ai_socktype,
|
||||||
runp->ai_protocol);
|
runp->ai_protocol);
|
||||||
if (fds[*nfds_r] == -1) {
|
if (fds[*nfds_r] == -1) {
|
||||||
ERROR(_("socket: %s"), strerror (errno));
|
VIR_ERROR(_("socket: %s"), strerror (errno));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -539,14 +539,14 @@ remoteMakeSockets (int *fds, int max_fds, int *nfds_r, const char *node, const c
|
|||||||
|
|
||||||
if (bind (fds[*nfds_r], runp->ai_addr, runp->ai_addrlen) == -1) {
|
if (bind (fds[*nfds_r], runp->ai_addr, runp->ai_addrlen) == -1) {
|
||||||
if (errno != EADDRINUSE) {
|
if (errno != EADDRINUSE) {
|
||||||
ERROR(_("bind: %s"), strerror (errno));
|
VIR_ERROR(_("bind: %s"), strerror (errno));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
close (fds[*nfds_r]);
|
close (fds[*nfds_r]);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
if (listen (fds[*nfds_r], SOMAXCONN) == -1) {
|
if (listen (fds[*nfds_r], SOMAXCONN) == -1) {
|
||||||
ERROR(_("listen: %s"), strerror (errno));
|
VIR_ERROR(_("listen: %s"), strerror (errno));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
++*nfds_r;
|
++*nfds_r;
|
||||||
@ -581,7 +581,7 @@ remoteListenTCP (struct qemud_server *server,
|
|||||||
socklen_t salen = sizeof(sa);
|
socklen_t salen = sizeof(sa);
|
||||||
|
|
||||||
if (VIR_ALLOC(sock) < 0) {
|
if (VIR_ALLOC(sock) < 0) {
|
||||||
ERROR(_("remoteListenTCP: calloc: %s"), strerror (errno));
|
VIR_ERROR(_("remoteListenTCP: calloc: %s"), strerror (errno));
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -611,7 +611,7 @@ remoteListenTCP (struct qemud_server *server,
|
|||||||
goto cleanup;
|
goto cleanup;
|
||||||
|
|
||||||
if (listen (sock->fd, 30) < 0) {
|
if (listen (sock->fd, 30) < 0) {
|
||||||
ERROR(_("remoteListenTCP: listen: %s"), strerror (errno));
|
VIR_ERROR(_("remoteListenTCP: listen: %s"), strerror (errno));
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -621,7 +621,7 @@ remoteListenTCP (struct qemud_server *server,
|
|||||||
VIR_EVENT_HANDLE_HANGUP,
|
VIR_EVENT_HANDLE_HANGUP,
|
||||||
qemudDispatchServerEvent,
|
qemudDispatchServerEvent,
|
||||||
server, NULL)) < 0) {
|
server, NULL)) < 0) {
|
||||||
ERROR0(_("Failed to add server event callback"));
|
VIR_ERROR0(_("Failed to add server event callback"));
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -660,7 +660,7 @@ static int qemudInitPaths(struct qemud_server *server,
|
|||||||
struct passwd *pw;
|
struct passwd *pw;
|
||||||
|
|
||||||
if (!(pw = getpwuid(uid))) {
|
if (!(pw = getpwuid(uid))) {
|
||||||
ERROR(_("Failed to find user record for uid '%d': %s"),
|
VIR_ERROR(_("Failed to find user record for uid '%d': %s"),
|
||||||
uid, strerror(errno));
|
uid, strerror(errno));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@ -676,7 +676,7 @@ static int qemudInitPaths(struct qemud_server *server,
|
|||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
snprintf_error:
|
snprintf_error:
|
||||||
ERROR("%s", _("Resulting path too long for buffer in qemudInitPaths()"));
|
VIR_ERROR("%s", _("Resulting path too long for buffer in qemudInitPaths()"));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -684,7 +684,7 @@ static struct qemud_server *qemudInitialize(int sigread) {
|
|||||||
struct qemud_server *server;
|
struct qemud_server *server;
|
||||||
|
|
||||||
if (VIR_ALLOC(server) < 0) {
|
if (VIR_ALLOC(server) < 0) {
|
||||||
ERROR0(_("Failed to allocate struct qemud_server"));
|
VIR_ERROR0(_("Failed to allocate struct qemud_server"));
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -696,7 +696,7 @@ static struct qemud_server *qemudInitialize(int sigread) {
|
|||||||
server->sigread = sigread;
|
server->sigread = sigread;
|
||||||
|
|
||||||
if (virEventInit() < 0) {
|
if (virEventInit() < 0) {
|
||||||
ERROR0(_("Failed to initialize event system"));
|
VIR_ERROR0(_("Failed to initialize event system"));
|
||||||
VIR_FREE(server);
|
VIR_FREE(server);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -781,8 +781,8 @@ static struct qemud_server *qemudNetworkInit(struct qemud_server *server) {
|
|||||||
auth_tcp == REMOTE_AUTH_SASL ||
|
auth_tcp == REMOTE_AUTH_SASL ||
|
||||||
auth_tls == REMOTE_AUTH_SASL) {
|
auth_tls == REMOTE_AUTH_SASL) {
|
||||||
if ((err = sasl_server_init(NULL, "libvirt")) != SASL_OK) {
|
if ((err = sasl_server_init(NULL, "libvirt")) != SASL_OK) {
|
||||||
ERROR(_("Failed to initialize SASL authentication %s"),
|
VIR_ERROR(_("Failed to initialize SASL authentication %s"),
|
||||||
sasl_errstring(err, NULL, NULL));
|
sasl_errstring(err, NULL, NULL));
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -795,8 +795,8 @@ static struct qemud_server *qemudNetworkInit(struct qemud_server *server) {
|
|||||||
dbus_error_init(&derr);
|
dbus_error_init(&derr);
|
||||||
server->sysbus = dbus_bus_get(DBUS_BUS_SYSTEM, &derr);
|
server->sysbus = dbus_bus_get(DBUS_BUS_SYSTEM, &derr);
|
||||||
if (!(server->sysbus)) {
|
if (!(server->sysbus)) {
|
||||||
ERROR(_("Failed to connect to system bus for PolicyKit auth: %s"),
|
VIR_ERROR(_("Failed to connect to system bus for PolicyKit auth: %s"),
|
||||||
derr.message);
|
derr.message);
|
||||||
dbus_error_free(&derr);
|
dbus_error_free(&derr);
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
@ -906,7 +906,7 @@ remoteInitializeTLSSession (void)
|
|||||||
return session;
|
return session;
|
||||||
|
|
||||||
failed:
|
failed:
|
||||||
ERROR(_("remoteInitializeTLSSession: %s"),
|
VIR_ERROR(_("remoteInitializeTLSSession: %s"),
|
||||||
gnutls_strerror (err));
|
gnutls_strerror (err));
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -922,7 +922,7 @@ remoteCheckDN (gnutls_x509_crt_t cert)
|
|||||||
|
|
||||||
err = gnutls_x509_crt_get_dn (cert, name, &namesize);
|
err = gnutls_x509_crt_get_dn (cert, name, &namesize);
|
||||||
if (err != 0) {
|
if (err != 0) {
|
||||||
ERROR(_("remoteCheckDN: gnutls_x509_cert_get_dn: %s"),
|
VIR_ERROR(_("remoteCheckDN: gnutls_x509_cert_get_dn: %s"),
|
||||||
gnutls_strerror (err));
|
gnutls_strerror (err));
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -954,40 +954,40 @@ remoteCheckCertificate (gnutls_session_t session)
|
|||||||
time_t now;
|
time_t now;
|
||||||
|
|
||||||
if ((ret = gnutls_certificate_verify_peers2 (session, &status)) < 0){
|
if ((ret = gnutls_certificate_verify_peers2 (session, &status)) < 0){
|
||||||
ERROR(_("remoteCheckCertificate: verify failed: %s"),
|
VIR_ERROR(_("remoteCheckCertificate: verify failed: %s"),
|
||||||
gnutls_strerror (ret));
|
gnutls_strerror (ret));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (status != 0) {
|
if (status != 0) {
|
||||||
if (status & GNUTLS_CERT_INVALID)
|
if (status & GNUTLS_CERT_INVALID)
|
||||||
ERROR0(_("remoteCheckCertificate: "
|
VIR_ERROR0(_("remoteCheckCertificate: "
|
||||||
"the client certificate is not trusted."));
|
"the client certificate is not trusted."));
|
||||||
|
|
||||||
if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
|
if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
|
||||||
ERROR0(_("remoteCheckCertificate: the client "
|
VIR_ERROR0(_("remoteCheckCertificate: the client "
|
||||||
"certificate has unknown issuer."));
|
"certificate has unknown issuer."));
|
||||||
|
|
||||||
if (status & GNUTLS_CERT_REVOKED)
|
if (status & GNUTLS_CERT_REVOKED)
|
||||||
ERROR0(_("remoteCheckCertificate: "
|
VIR_ERROR0(_("remoteCheckCertificate: "
|
||||||
"the client certificate has been revoked."));
|
"the client certificate has been revoked."));
|
||||||
|
|
||||||
#ifndef GNUTLS_1_0_COMPAT
|
#ifndef GNUTLS_1_0_COMPAT
|
||||||
if (status & GNUTLS_CERT_INSECURE_ALGORITHM)
|
if (status & GNUTLS_CERT_INSECURE_ALGORITHM)
|
||||||
ERROR0(_("remoteCheckCertificate: the client certificate"
|
VIR_ERROR0(_("remoteCheckCertificate: the client certificate"
|
||||||
" uses an insecure algorithm."));
|
" uses an insecure algorithm."));
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (gnutls_certificate_type_get (session) != GNUTLS_CRT_X509) {
|
if (gnutls_certificate_type_get (session) != GNUTLS_CRT_X509) {
|
||||||
ERROR0(_("remoteCheckCertificate: certificate is not X.509"));
|
VIR_ERROR0(_("remoteCheckCertificate: certificate is not X.509"));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(certs = gnutls_certificate_get_peers(session, &nCerts))) {
|
if (!(certs = gnutls_certificate_get_peers(session, &nCerts))) {
|
||||||
ERROR0(_("remoteCheckCertificate: no peers"));
|
VIR_ERROR0(_("remoteCheckCertificate: no peers"));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -997,7 +997,7 @@ remoteCheckCertificate (gnutls_session_t session)
|
|||||||
gnutls_x509_crt_t cert;
|
gnutls_x509_crt_t cert;
|
||||||
|
|
||||||
if (gnutls_x509_crt_init (&cert) < 0) {
|
if (gnutls_x509_crt_init (&cert) < 0) {
|
||||||
ERROR0(_("remoteCheckCertificate: gnutls_x509_crt_init failed"));
|
VIR_ERROR0(_("remoteCheckCertificate: gnutls_x509_crt_init failed"));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1007,15 +1007,15 @@ remoteCheckCertificate (gnutls_session_t session)
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (gnutls_x509_crt_get_expiration_time (cert) < now) {
|
if (gnutls_x509_crt_get_expiration_time (cert) < now) {
|
||||||
ERROR0(_("remoteCheckCertificate: "
|
VIR_ERROR0(_("remoteCheckCertificate: "
|
||||||
"the client certificate has expired"));
|
"the client certificate has expired"));
|
||||||
gnutls_x509_crt_deinit (cert);
|
gnutls_x509_crt_deinit (cert);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (gnutls_x509_crt_get_activation_time (cert) > now) {
|
if (gnutls_x509_crt_get_activation_time (cert) > now) {
|
||||||
ERROR0(_("remoteCheckCertificate: the client "
|
VIR_ERROR0(_("remoteCheckCertificate: the client "
|
||||||
"certificate is not yet activated"));
|
"certificate is not yet activated"));
|
||||||
gnutls_x509_crt_deinit (cert);
|
gnutls_x509_crt_deinit (cert);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@ -1023,7 +1023,7 @@ remoteCheckCertificate (gnutls_session_t session)
|
|||||||
if (i == 0) {
|
if (i == 0) {
|
||||||
if (!remoteCheckDN (cert)) {
|
if (!remoteCheckDN (cert)) {
|
||||||
/* This is the most common error: make it informative. */
|
/* This is the most common error: make it informative. */
|
||||||
ERROR0(_("remoteCheckCertificate: client's Distinguished Name is not on the list of allowed clients (tls_allowed_dn_list). Use 'openssl x509 -in clientcert.pem -text' to view the Distinguished Name field in the client certificate, or run this daemon with --verbose option."));
|
VIR_ERROR0(_("remoteCheckCertificate: client's Distinguished Name is not on the list of allowed clients (tls_allowed_dn_list). Use 'openssl x509 -in clientcert.pem -text' to view the Distinguished Name field in the client certificate, or run this daemon with --verbose option."));
|
||||||
gnutls_x509_crt_deinit (cert);
|
gnutls_x509_crt_deinit (cert);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@ -1039,11 +1039,11 @@ remoteCheckAccess (struct qemud_client *client)
|
|||||||
{
|
{
|
||||||
/* Verify client certificate. */
|
/* Verify client certificate. */
|
||||||
if (remoteCheckCertificate (client->tlssession) == -1) {
|
if (remoteCheckCertificate (client->tlssession) == -1) {
|
||||||
ERROR0(_("remoteCheckCertificate: "
|
VIR_ERROR0(_("remoteCheckCertificate: "
|
||||||
"failed to verify client's certificate"));
|
"failed to verify client's certificate"));
|
||||||
if (!tls_no_verify_certificate) return -1;
|
if (!tls_no_verify_certificate) return -1;
|
||||||
else INFO0(_("remoteCheckCertificate: tls_no_verify_certificate "
|
else VIR_INFO0(_("remoteCheckCertificate: tls_no_verify_certificate "
|
||||||
"is set so the bad certificate is ignored"));
|
"is set so the bad certificate is ignored"));
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Checks have succeeded. Write a '\1' byte back to the client to
|
/* Checks have succeeded. Write a '\1' byte back to the client to
|
||||||
@ -1064,8 +1064,8 @@ int qemudGetSocketIdentity(int fd, uid_t *uid, pid_t *pid) {
|
|||||||
unsigned int cr_len = sizeof (cr);
|
unsigned int cr_len = sizeof (cr);
|
||||||
|
|
||||||
if (getsockopt (fd, SOL_SOCKET, SO_PEERCRED, &cr, &cr_len) < 0) {
|
if (getsockopt (fd, SOL_SOCKET, SO_PEERCRED, &cr, &cr_len) < 0) {
|
||||||
ERROR(_("Failed to verify client credentials: %s"),
|
VIR_ERROR(_("Failed to verify client credentials: %s"),
|
||||||
strerror(errno));
|
strerror(errno));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1089,18 +1089,18 @@ static int qemudDispatchServer(struct qemud_server *server, struct qemud_socket
|
|||||||
if ((fd = accept(sock->fd, (struct sockaddr *)&addr, &addrlen)) < 0) {
|
if ((fd = accept(sock->fd, (struct sockaddr *)&addr, &addrlen)) < 0) {
|
||||||
if (errno == EAGAIN)
|
if (errno == EAGAIN)
|
||||||
return 0;
|
return 0;
|
||||||
ERROR(_("Failed to accept connection: %s"), strerror(errno));
|
VIR_ERROR(_("Failed to accept connection: %s"), strerror(errno));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (server->nclients >= max_clients) {
|
if (server->nclients >= max_clients) {
|
||||||
ERROR0(_("Too many active clients, dropping connection"));
|
VIR_ERROR0(_("Too many active clients, dropping connection"));
|
||||||
close(fd);
|
close(fd);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (VIR_REALLOC_N(server->clients, server->nclients+1) < 0) {
|
if (VIR_REALLOC_N(server->clients, server->nclients+1) < 0) {
|
||||||
ERROR0(_("Out of memory allocating clients"));
|
VIR_ERROR0(_("Out of memory allocating clients"));
|
||||||
close(fd);
|
close(fd);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@ -1143,7 +1143,7 @@ static int qemudDispatchServer(struct qemud_server *server, struct qemud_socket
|
|||||||
|
|
||||||
/* Client is running as root, so disable auth */
|
/* Client is running as root, so disable auth */
|
||||||
if (uid == 0) {
|
if (uid == 0) {
|
||||||
INFO(_("Turn off polkit auth for privileged client %d"), pid);
|
VIR_INFO(_("Turn off polkit auth for privileged client %d"), pid);
|
||||||
client->auth = REMOTE_AUTH_NONE;
|
client->auth = REMOTE_AUTH_NONE;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -1182,7 +1182,7 @@ static int qemudDispatchServer(struct qemud_server *server, struct qemud_socket
|
|||||||
if (qemudRegisterClientEvent (server, client, 0) < 0)
|
if (qemudRegisterClientEvent (server, client, 0) < 0)
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
} else {
|
} else {
|
||||||
ERROR(_("TLS handshake failed: %s"),
|
VIR_ERROR(_("TLS handshake failed: %s"),
|
||||||
gnutls_strerror (ret));
|
gnutls_strerror (ret));
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
@ -1288,7 +1288,7 @@ static int qemudClientReadBuf(struct qemud_server *server,
|
|||||||
if ((ret = read (client->fd, data, len)) <= 0) {
|
if ((ret = read (client->fd, data, len)) <= 0) {
|
||||||
if (ret == 0 || errno != EAGAIN) {
|
if (ret == 0 || errno != EAGAIN) {
|
||||||
if (ret != 0)
|
if (ret != 0)
|
||||||
ERROR(_("read: %s"), strerror (errno));
|
VIR_ERROR(_("read: %s"), strerror (errno));
|
||||||
qemudDispatchClientFailure(server, client);
|
qemudDispatchClientFailure(server, client);
|
||||||
}
|
}
|
||||||
return -1;
|
return -1;
|
||||||
@ -1301,7 +1301,7 @@ static int qemudClientReadBuf(struct qemud_server *server,
|
|||||||
if (ret == 0 || (ret != GNUTLS_E_AGAIN &&
|
if (ret == 0 || (ret != GNUTLS_E_AGAIN &&
|
||||||
ret != GNUTLS_E_INTERRUPTED)) {
|
ret != GNUTLS_E_INTERRUPTED)) {
|
||||||
if (ret != 0)
|
if (ret != 0)
|
||||||
ERROR(_("gnutls_record_recv: %s"),
|
VIR_ERROR(_("gnutls_record_recv: %s"),
|
||||||
gnutls_strerror (ret));
|
gnutls_strerror (ret));
|
||||||
qemudDispatchClientFailure (server, client);
|
qemudDispatchClientFailure (server, client);
|
||||||
}
|
}
|
||||||
@ -1461,7 +1461,7 @@ static void qemudDispatchClientRead(struct qemud_server *server, struct qemud_cl
|
|||||||
else if (qemudRegisterClientEvent (server, client, 1) < 0)
|
else if (qemudRegisterClientEvent (server, client, 1) < 0)
|
||||||
qemudDispatchClientFailure (server, client);
|
qemudDispatchClientFailure (server, client);
|
||||||
} else if (ret != GNUTLS_E_AGAIN && ret != GNUTLS_E_INTERRUPTED) {
|
} else if (ret != GNUTLS_E_AGAIN && ret != GNUTLS_E_INTERRUPTED) {
|
||||||
ERROR(_("TLS handshake failed: %s"),
|
VIR_ERROR(_("TLS handshake failed: %s"),
|
||||||
gnutls_strerror (ret));
|
gnutls_strerror (ret));
|
||||||
qemudDispatchClientFailure (server, client);
|
qemudDispatchClientFailure (server, client);
|
||||||
} else {
|
} else {
|
||||||
@ -1485,7 +1485,7 @@ static int qemudClientWriteBuf(struct qemud_server *server,
|
|||||||
int ret;
|
int ret;
|
||||||
if (!client->tlssession) {
|
if (!client->tlssession) {
|
||||||
if ((ret = safewrite(client->fd, data, len)) == -1) {
|
if ((ret = safewrite(client->fd, data, len)) == -1) {
|
||||||
ERROR(_("write: %s"), strerror (errno));
|
VIR_ERROR(_("write: %s"), strerror (errno));
|
||||||
qemudDispatchClientFailure(server, client);
|
qemudDispatchClientFailure(server, client);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@ -1495,7 +1495,7 @@ static int qemudClientWriteBuf(struct qemud_server *server,
|
|||||||
qemudDispatchClientFailure (server, client);
|
qemudDispatchClientFailure (server, client);
|
||||||
else if (ret < 0) {
|
else if (ret < 0) {
|
||||||
if (ret != GNUTLS_E_INTERRUPTED && ret != GNUTLS_E_AGAIN) {
|
if (ret != GNUTLS_E_INTERRUPTED && ret != GNUTLS_E_AGAIN) {
|
||||||
ERROR(_("gnutls_record_send: %s"), gnutls_strerror (ret));
|
VIR_ERROR(_("gnutls_record_send: %s"), gnutls_strerror (ret));
|
||||||
qemudDispatchClientFailure (server, client);
|
qemudDispatchClientFailure (server, client);
|
||||||
}
|
}
|
||||||
return -1;
|
return -1;
|
||||||
@ -1604,7 +1604,7 @@ qemudDispatchClientWrite(struct qemud_server *server,
|
|||||||
else if (qemudRegisterClientEvent (server, client, 1))
|
else if (qemudRegisterClientEvent (server, client, 1))
|
||||||
qemudDispatchClientFailure (server, client);
|
qemudDispatchClientFailure (server, client);
|
||||||
} else if (ret != GNUTLS_E_AGAIN && ret != GNUTLS_E_INTERRUPTED) {
|
} else if (ret != GNUTLS_E_AGAIN && ret != GNUTLS_E_INTERRUPTED) {
|
||||||
ERROR(_("TLS handshake failed: %s"), gnutls_strerror (ret));
|
VIR_ERROR(_("TLS handshake failed: %s"), gnutls_strerror (ret));
|
||||||
qemudDispatchClientFailure (server, client);
|
qemudDispatchClientFailure (server, client);
|
||||||
} else {
|
} else {
|
||||||
if (qemudRegisterClientEvent (server, client, 1))
|
if (qemudRegisterClientEvent (server, client, 1))
|
||||||
@ -1731,7 +1731,7 @@ static int qemudOneLoop(void) {
|
|||||||
errors = sig_errors;
|
errors = sig_errors;
|
||||||
if (errors) {
|
if (errors) {
|
||||||
sig_errors -= errors;
|
sig_errors -= errors;
|
||||||
ERROR(_("Signal handler reported %d errors: last error: %s"),
|
VIR_ERROR(_("Signal handler reported %d errors: last error: %s"),
|
||||||
errors, strerror (sig_lasterrno));
|
errors, strerror (sig_lasterrno));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@ -1756,7 +1756,7 @@ static int qemudRunLoop(struct qemud_server *server) {
|
|||||||
|
|
||||||
server->nworkers = min_workers;
|
server->nworkers = min_workers;
|
||||||
if (VIR_ALLOC_N(server->workers, server->nworkers) < 0) {
|
if (VIR_ALLOC_N(server->workers, server->nworkers) < 0) {
|
||||||
ERROR0(_("Failed to allocate workers"));
|
VIR_ERROR0(_("Failed to allocate workers"));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1882,13 +1882,13 @@ remoteConfigGetStringList(virConfPtr conf, const char *key, char ***list_arg,
|
|||||||
switch (p->type) {
|
switch (p->type) {
|
||||||
case VIR_CONF_STRING:
|
case VIR_CONF_STRING:
|
||||||
if (VIR_ALLOC_N(list, 2) < 0) {
|
if (VIR_ALLOC_N(list, 2) < 0) {
|
||||||
ERROR(_("failed to allocate memory for %s config list"), key);
|
VIR_ERROR(_("failed to allocate memory for %s config list"), key);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
list[0] = strdup (p->str);
|
list[0] = strdup (p->str);
|
||||||
list[1] = NULL;
|
list[1] = NULL;
|
||||||
if (list[0] == NULL) {
|
if (list[0] == NULL) {
|
||||||
ERROR(_("failed to allocate memory for %s config list value"),
|
VIR_ERROR(_("failed to allocate memory for %s config list value"),
|
||||||
key);
|
key);
|
||||||
VIR_FREE(list);
|
VIR_FREE(list);
|
||||||
return -1;
|
return -1;
|
||||||
@ -1901,13 +1901,13 @@ remoteConfigGetStringList(virConfPtr conf, const char *key, char ***list_arg,
|
|||||||
for (pp = p->list; pp; pp = pp->next)
|
for (pp = p->list; pp; pp = pp->next)
|
||||||
len++;
|
len++;
|
||||||
if (VIR_ALLOC_N(list, 1+len) < 0) {
|
if (VIR_ALLOC_N(list, 1+len) < 0) {
|
||||||
ERROR(_("failed to allocate memory for %s config list"), key);
|
VIR_ERROR(_("failed to allocate memory for %s config list"), key);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
for (i = 0, pp = p->list; pp; ++i, pp = pp->next) {
|
for (i = 0, pp = p->list; pp; ++i, pp = pp->next) {
|
||||||
if (pp->type != VIR_CONF_STRING) {
|
if (pp->type != VIR_CONF_STRING) {
|
||||||
ERROR(_("remoteReadConfigFile: %s: %s:"
|
VIR_ERROR(_("remoteReadConfigFile: %s: %s:"
|
||||||
" must be a string or list of strings\n"),
|
" must be a string or list of strings\n"),
|
||||||
filename, key);
|
filename, key);
|
||||||
VIR_FREE(list);
|
VIR_FREE(list);
|
||||||
return -1;
|
return -1;
|
||||||
@ -1918,8 +1918,8 @@ remoteConfigGetStringList(virConfPtr conf, const char *key, char ***list_arg,
|
|||||||
for (j = 0 ; j < i ; j++)
|
for (j = 0 ; j < i ; j++)
|
||||||
VIR_FREE(list[j]);
|
VIR_FREE(list[j]);
|
||||||
VIR_FREE(list);
|
VIR_FREE(list);
|
||||||
ERROR(_("failed to allocate memory for %s config list value"),
|
VIR_ERROR(_("failed to allocate memory for %s config list value"),
|
||||||
key);
|
key);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1929,8 +1929,8 @@ remoteConfigGetStringList(virConfPtr conf, const char *key, char ***list_arg,
|
|||||||
}
|
}
|
||||||
|
|
||||||
default:
|
default:
|
||||||
ERROR(_("remoteReadConfigFile: %s: %s:"
|
VIR_ERROR(_("remoteReadConfigFile: %s: %s:"
|
||||||
" must be a string or list of strings\n"),
|
" must be a string or list of strings\n"),
|
||||||
filename, key);
|
filename, key);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@ -1945,7 +1945,7 @@ checkType (virConfValuePtr p, const char *filename,
|
|||||||
const char *key, virConfType required_type)
|
const char *key, virConfType required_type)
|
||||||
{
|
{
|
||||||
if (p->type != required_type) {
|
if (p->type != required_type) {
|
||||||
ERROR(_("remoteReadConfigFile: %s: %s: invalid type:"
|
VIR_ERROR(_("remoteReadConfigFile: %s: %s: invalid type:"
|
||||||
" got %s; expected %s\n"), filename, key,
|
" got %s; expected %s\n"), filename, key,
|
||||||
virConfTypeName (p->type),
|
virConfTypeName (p->type),
|
||||||
virConfTypeName (required_type));
|
virConfTypeName (required_type));
|
||||||
@ -1966,7 +1966,7 @@ checkType (virConfValuePtr p, const char *filename,
|
|||||||
goto free_and_fail; \
|
goto free_and_fail; \
|
||||||
(var_name) = strdup (p->str); \
|
(var_name) = strdup (p->str); \
|
||||||
if ((var_name) == NULL) { \
|
if ((var_name) == NULL) { \
|
||||||
ERROR(_("remoteReadConfigFile: %s\n"),strerror (errno));\
|
VIR_ERROR(_("remoteReadConfigFile: %s\n"),strerror (errno)); \
|
||||||
goto free_and_fail; \
|
goto free_and_fail; \
|
||||||
} \
|
} \
|
||||||
} \
|
} \
|
||||||
@ -2008,7 +2008,7 @@ static int remoteConfigGetAuth(virConfPtr conf, const char *key, int *auth, cons
|
|||||||
*auth = REMOTE_AUTH_POLKIT;
|
*auth = REMOTE_AUTH_POLKIT;
|
||||||
#endif
|
#endif
|
||||||
} else {
|
} else {
|
||||||
ERROR(_("remoteReadConfigFile: %s: %s: unsupported auth %s\n"),
|
VIR_ERROR(_("remoteReadConfigFile: %s: %s: unsupported auth %s\n"),
|
||||||
filename, key, p->str);
|
filename, key, p->str);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@ -2155,11 +2155,11 @@ remoteReadConfigFile (struct qemud_server *server, const char *filename)
|
|||||||
GET_CONF_STR (conf, filename, unix_sock_group);
|
GET_CONF_STR (conf, filename, unix_sock_group);
|
||||||
if (unix_sock_group) {
|
if (unix_sock_group) {
|
||||||
if (getuid() != 0) {
|
if (getuid() != 0) {
|
||||||
WARN0(_("Cannot set group when not running as root"));
|
VIR_WARN0(_("Cannot set group when not running as root"));
|
||||||
} else {
|
} else {
|
||||||
struct group *grp = getgrnam(unix_sock_group);
|
struct group *grp = getgrnam(unix_sock_group);
|
||||||
if (!grp) {
|
if (!grp) {
|
||||||
ERROR(_("Failed to lookup group '%s'"), unix_sock_group);
|
VIR_ERROR(_("Failed to lookup group '%s'"), unix_sock_group);
|
||||||
goto free_and_fail;
|
goto free_and_fail;
|
||||||
}
|
}
|
||||||
unix_sock_gid = grp->gr_gid;
|
unix_sock_gid = grp->gr_gid;
|
||||||
@ -2171,7 +2171,7 @@ remoteReadConfigFile (struct qemud_server *server, const char *filename)
|
|||||||
GET_CONF_STR (conf, filename, unix_sock_ro_perms);
|
GET_CONF_STR (conf, filename, unix_sock_ro_perms);
|
||||||
if (unix_sock_ro_perms) {
|
if (unix_sock_ro_perms) {
|
||||||
if (virStrToLong_i (unix_sock_ro_perms, NULL, 8, &unix_sock_ro_mask) != 0) {
|
if (virStrToLong_i (unix_sock_ro_perms, NULL, 8, &unix_sock_ro_mask) != 0) {
|
||||||
ERROR(_("Failed to parse mode '%s'"), unix_sock_ro_perms);
|
VIR_ERROR(_("Failed to parse mode '%s'"), unix_sock_ro_perms);
|
||||||
goto free_and_fail;
|
goto free_and_fail;
|
||||||
}
|
}
|
||||||
free (unix_sock_ro_perms);
|
free (unix_sock_ro_perms);
|
||||||
@ -2181,7 +2181,7 @@ remoteReadConfigFile (struct qemud_server *server, const char *filename)
|
|||||||
GET_CONF_STR (conf, filename, unix_sock_rw_perms);
|
GET_CONF_STR (conf, filename, unix_sock_rw_perms);
|
||||||
if (unix_sock_rw_perms) {
|
if (unix_sock_rw_perms) {
|
||||||
if (virStrToLong_i (unix_sock_rw_perms, NULL, 8, &unix_sock_rw_mask) != 0) {
|
if (virStrToLong_i (unix_sock_rw_perms, NULL, 8, &unix_sock_rw_mask) != 0) {
|
||||||
ERROR(_("Failed to parse mode '%s'"), unix_sock_rw_perms);
|
VIR_ERROR(_("Failed to parse mode '%s'"), unix_sock_rw_perms);
|
||||||
goto free_and_fail;
|
goto free_and_fail;
|
||||||
}
|
}
|
||||||
free (unix_sock_rw_perms);
|
free (unix_sock_rw_perms);
|
||||||
@ -2374,7 +2374,7 @@ int main(int argc, char **argv) {
|
|||||||
|
|
||||||
if (godaemon) {
|
if (godaemon) {
|
||||||
if (qemudGoDaemon() < 0) {
|
if (qemudGoDaemon() < 0) {
|
||||||
ERROR(_("Failed to fork as daemon: %s"), strerror(errno));
|
VIR_ERROR(_("Failed to fork as daemon: %s"), strerror(errno));
|
||||||
goto error1;
|
goto error1;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -2395,7 +2395,7 @@ int main(int argc, char **argv) {
|
|||||||
qemudSetNonBlock(sigpipe[1]) < 0 ||
|
qemudSetNonBlock(sigpipe[1]) < 0 ||
|
||||||
qemudSetCloseExec(sigpipe[0]) < 0 ||
|
qemudSetCloseExec(sigpipe[0]) < 0 ||
|
||||||
qemudSetCloseExec(sigpipe[1]) < 0) {
|
qemudSetCloseExec(sigpipe[1]) < 0) {
|
||||||
ERROR(_("Failed to create pipe: %s"), strerror(errno));
|
VIR_ERROR(_("Failed to create pipe: %s"), strerror(errno));
|
||||||
goto error2;
|
goto error2;
|
||||||
}
|
}
|
||||||
sigwrite = sigpipe[1];
|
sigwrite = sigpipe[1];
|
||||||
@ -2427,14 +2427,14 @@ int main(int argc, char **argv) {
|
|||||||
const char *sockdirname = LOCAL_STATE_DIR "/run/libvirt";
|
const char *sockdirname = LOCAL_STATE_DIR "/run/libvirt";
|
||||||
|
|
||||||
if (chown(sockdirname, -1, unix_sock_gid) < 0)
|
if (chown(sockdirname, -1, unix_sock_gid) < 0)
|
||||||
ERROR(_("Failed to change group ownership of %s"), sockdirname);
|
VIR_ERROR(_("Failed to change group ownership of %s"), sockdirname);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (virEventAddHandleImpl(sigpipe[0],
|
if (virEventAddHandleImpl(sigpipe[0],
|
||||||
VIR_EVENT_HANDLE_READABLE,
|
VIR_EVENT_HANDLE_READABLE,
|
||||||
qemudDispatchSignalEvent,
|
qemudDispatchSignalEvent,
|
||||||
server, NULL) < 0) {
|
server, NULL) < 0) {
|
||||||
ERROR0(_("Failed to register callback for signal pipe"));
|
VIR_ERROR0(_("Failed to register callback for signal pipe"));
|
||||||
ret = 3;
|
ret = 3;
|
||||||
goto error2;
|
goto error2;
|
||||||
}
|
}
|
||||||
|
@ -2542,7 +2542,7 @@ remoteDispatchAuthSaslInit (struct qemud_server *server,
|
|||||||
REMOTE_DEBUG("Initialize SASL auth %d", client->fd);
|
REMOTE_DEBUG("Initialize SASL auth %d", client->fd);
|
||||||
if (client->auth != REMOTE_AUTH_SASL ||
|
if (client->auth != REMOTE_AUTH_SASL ||
|
||||||
client->saslconn != NULL) {
|
client->saslconn != NULL) {
|
||||||
ERROR0(_("client tried invalid SASL init request"));
|
VIR_ERROR0(_("client tried invalid SASL init request"));
|
||||||
goto authfail;
|
goto authfail;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2582,8 +2582,8 @@ remoteDispatchAuthSaslInit (struct qemud_server *server,
|
|||||||
VIR_FREE(localAddr);
|
VIR_FREE(localAddr);
|
||||||
VIR_FREE(remoteAddr);
|
VIR_FREE(remoteAddr);
|
||||||
if (err != SASL_OK) {
|
if (err != SASL_OK) {
|
||||||
ERROR(_("sasl context setup failed %d (%s)"),
|
VIR_ERROR(_("sasl context setup failed %d (%s)"),
|
||||||
err, sasl_errstring(err, NULL, NULL));
|
err, sasl_errstring(err, NULL, NULL));
|
||||||
client->saslconn = NULL;
|
client->saslconn = NULL;
|
||||||
goto authfail;
|
goto authfail;
|
||||||
}
|
}
|
||||||
@ -2595,7 +2595,7 @@ remoteDispatchAuthSaslInit (struct qemud_server *server,
|
|||||||
|
|
||||||
cipher = gnutls_cipher_get(client->tlssession);
|
cipher = gnutls_cipher_get(client->tlssession);
|
||||||
if (!(ssf = (sasl_ssf_t)gnutls_cipher_get_key_size(cipher))) {
|
if (!(ssf = (sasl_ssf_t)gnutls_cipher_get_key_size(cipher))) {
|
||||||
ERROR0(_("cannot TLS get cipher size"));
|
VIR_ERROR0(_("cannot TLS get cipher size"));
|
||||||
sasl_dispose(&client->saslconn);
|
sasl_dispose(&client->saslconn);
|
||||||
client->saslconn = NULL;
|
client->saslconn = NULL;
|
||||||
goto authfail;
|
goto authfail;
|
||||||
@ -2604,8 +2604,8 @@ remoteDispatchAuthSaslInit (struct qemud_server *server,
|
|||||||
|
|
||||||
err = sasl_setprop(client->saslconn, SASL_SSF_EXTERNAL, &ssf);
|
err = sasl_setprop(client->saslconn, SASL_SSF_EXTERNAL, &ssf);
|
||||||
if (err != SASL_OK) {
|
if (err != SASL_OK) {
|
||||||
ERROR(_("cannot set SASL external SSF %d (%s)"),
|
VIR_ERROR(_("cannot set SASL external SSF %d (%s)"),
|
||||||
err, sasl_errstring(err, NULL, NULL));
|
err, sasl_errstring(err, NULL, NULL));
|
||||||
sasl_dispose(&client->saslconn);
|
sasl_dispose(&client->saslconn);
|
||||||
client->saslconn = NULL;
|
client->saslconn = NULL;
|
||||||
goto authfail;
|
goto authfail;
|
||||||
@ -2632,8 +2632,8 @@ remoteDispatchAuthSaslInit (struct qemud_server *server,
|
|||||||
|
|
||||||
err = sasl_setprop(client->saslconn, SASL_SEC_PROPS, &secprops);
|
err = sasl_setprop(client->saslconn, SASL_SEC_PROPS, &secprops);
|
||||||
if (err != SASL_OK) {
|
if (err != SASL_OK) {
|
||||||
ERROR(_("cannot set SASL security props %d (%s)"),
|
VIR_ERROR(_("cannot set SASL security props %d (%s)"),
|
||||||
err, sasl_errstring(err, NULL, NULL));
|
err, sasl_errstring(err, NULL, NULL));
|
||||||
sasl_dispose(&client->saslconn);
|
sasl_dispose(&client->saslconn);
|
||||||
client->saslconn = NULL;
|
client->saslconn = NULL;
|
||||||
goto authfail;
|
goto authfail;
|
||||||
@ -2648,8 +2648,8 @@ remoteDispatchAuthSaslInit (struct qemud_server *server,
|
|||||||
NULL,
|
NULL,
|
||||||
NULL);
|
NULL);
|
||||||
if (err != SASL_OK) {
|
if (err != SASL_OK) {
|
||||||
ERROR(_("cannot list SASL mechanisms %d (%s)"),
|
VIR_ERROR(_("cannot list SASL mechanisms %d (%s)"),
|
||||||
err, sasl_errdetail(client->saslconn));
|
err, sasl_errdetail(client->saslconn));
|
||||||
sasl_dispose(&client->saslconn);
|
sasl_dispose(&client->saslconn);
|
||||||
client->saslconn = NULL;
|
client->saslconn = NULL;
|
||||||
goto authfail;
|
goto authfail;
|
||||||
@ -2657,7 +2657,7 @@ remoteDispatchAuthSaslInit (struct qemud_server *server,
|
|||||||
REMOTE_DEBUG("Available mechanisms for client: '%s'", mechlist);
|
REMOTE_DEBUG("Available mechanisms for client: '%s'", mechlist);
|
||||||
ret->mechlist = strdup(mechlist);
|
ret->mechlist = strdup(mechlist);
|
||||||
if (!ret->mechlist) {
|
if (!ret->mechlist) {
|
||||||
ERROR0(_("cannot allocate mechlist"));
|
VIR_ERROR0(_("cannot allocate mechlist"));
|
||||||
sasl_dispose(&client->saslconn);
|
sasl_dispose(&client->saslconn);
|
||||||
client->saslconn = NULL;
|
client->saslconn = NULL;
|
||||||
goto authfail;
|
goto authfail;
|
||||||
@ -2688,8 +2688,8 @@ remoteSASLCheckSSF (struct qemud_client *client,
|
|||||||
|
|
||||||
err = sasl_getprop(client->saslconn, SASL_SSF, &val);
|
err = sasl_getprop(client->saslconn, SASL_SSF, &val);
|
||||||
if (err != SASL_OK) {
|
if (err != SASL_OK) {
|
||||||
ERROR(_("cannot query SASL ssf on connection %d (%s)"),
|
VIR_ERROR(_("cannot query SASL ssf on connection %d (%s)"),
|
||||||
err, sasl_errstring(err, NULL, NULL));
|
err, sasl_errstring(err, NULL, NULL));
|
||||||
remoteDispatchAuthError(rerr);
|
remoteDispatchAuthError(rerr);
|
||||||
sasl_dispose(&client->saslconn);
|
sasl_dispose(&client->saslconn);
|
||||||
client->saslconn = NULL;
|
client->saslconn = NULL;
|
||||||
@ -2698,7 +2698,7 @@ remoteSASLCheckSSF (struct qemud_client *client,
|
|||||||
ssf = *(const int *)val;
|
ssf = *(const int *)val;
|
||||||
REMOTE_DEBUG("negotiated an SSF of %d", ssf);
|
REMOTE_DEBUG("negotiated an SSF of %d", ssf);
|
||||||
if (ssf < 56) { /* 56 is good for Kerberos */
|
if (ssf < 56) { /* 56 is good for Kerberos */
|
||||||
ERROR(_("negotiated SSF %d was not strong enough"), ssf);
|
VIR_ERROR(_("negotiated SSF %d was not strong enough"), ssf);
|
||||||
remoteDispatchAuthError(rerr);
|
remoteDispatchAuthError(rerr);
|
||||||
sasl_dispose(&client->saslconn);
|
sasl_dispose(&client->saslconn);
|
||||||
client->saslconn = NULL;
|
client->saslconn = NULL;
|
||||||
@ -2727,15 +2727,15 @@ remoteSASLCheckAccess (struct qemud_server *server,
|
|||||||
|
|
||||||
err = sasl_getprop(client->saslconn, SASL_USERNAME, &val);
|
err = sasl_getprop(client->saslconn, SASL_USERNAME, &val);
|
||||||
if (err != SASL_OK) {
|
if (err != SASL_OK) {
|
||||||
ERROR(_("cannot query SASL username on connection %d (%s)"),
|
VIR_ERROR(_("cannot query SASL username on connection %d (%s)"),
|
||||||
err, sasl_errstring(err, NULL, NULL));
|
err, sasl_errstring(err, NULL, NULL));
|
||||||
remoteDispatchAuthError(rerr);
|
remoteDispatchAuthError(rerr);
|
||||||
sasl_dispose(&client->saslconn);
|
sasl_dispose(&client->saslconn);
|
||||||
client->saslconn = NULL;
|
client->saslconn = NULL;
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
if (val == NULL) {
|
if (val == NULL) {
|
||||||
ERROR0(_("no client username was found"));
|
VIR_ERROR0(_("no client username was found"));
|
||||||
remoteDispatchAuthError(rerr);
|
remoteDispatchAuthError(rerr);
|
||||||
sasl_dispose(&client->saslconn);
|
sasl_dispose(&client->saslconn);
|
||||||
client->saslconn = NULL;
|
client->saslconn = NULL;
|
||||||
@ -2745,7 +2745,7 @@ remoteSASLCheckAccess (struct qemud_server *server,
|
|||||||
|
|
||||||
client->saslUsername = strdup((const char*)val);
|
client->saslUsername = strdup((const char*)val);
|
||||||
if (client->saslUsername == NULL) {
|
if (client->saslUsername == NULL) {
|
||||||
ERROR0(_("out of memory copying username"));
|
VIR_ERROR0(_("out of memory copying username"));
|
||||||
remoteDispatchAuthError(rerr);
|
remoteDispatchAuthError(rerr);
|
||||||
sasl_dispose(&client->saslconn);
|
sasl_dispose(&client->saslconn);
|
||||||
client->saslconn = NULL;
|
client->saslconn = NULL;
|
||||||
@ -2764,7 +2764,7 @@ remoteSASLCheckAccess (struct qemud_server *server,
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Denied */
|
/* Denied */
|
||||||
ERROR(_("SASL client %s not allowed in whitelist"), client->saslUsername);
|
VIR_ERROR(_("SASL client %s not allowed in whitelist"), client->saslUsername);
|
||||||
remoteDispatchAuthError(rerr);
|
remoteDispatchAuthError(rerr);
|
||||||
sasl_dispose(&client->saslconn);
|
sasl_dispose(&client->saslconn);
|
||||||
client->saslconn = NULL;
|
client->saslconn = NULL;
|
||||||
@ -2794,7 +2794,7 @@ remoteDispatchAuthSaslStart (struct qemud_server *server,
|
|||||||
REMOTE_DEBUG("Start SASL auth %d", client->fd);
|
REMOTE_DEBUG("Start SASL auth %d", client->fd);
|
||||||
if (client->auth != REMOTE_AUTH_SASL ||
|
if (client->auth != REMOTE_AUTH_SASL ||
|
||||||
client->saslconn == NULL) {
|
client->saslconn == NULL) {
|
||||||
ERROR0(_("client tried invalid SASL start request"));
|
VIR_ERROR0(_("client tried invalid SASL start request"));
|
||||||
goto authfail;
|
goto authfail;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2809,14 +2809,14 @@ remoteDispatchAuthSaslStart (struct qemud_server *server,
|
|||||||
&serveroutlen);
|
&serveroutlen);
|
||||||
if (err != SASL_OK &&
|
if (err != SASL_OK &&
|
||||||
err != SASL_CONTINUE) {
|
err != SASL_CONTINUE) {
|
||||||
ERROR(_("sasl start failed %d (%s)"),
|
VIR_ERROR(_("sasl start failed %d (%s)"),
|
||||||
err, sasl_errdetail(client->saslconn));
|
err, sasl_errdetail(client->saslconn));
|
||||||
sasl_dispose(&client->saslconn);
|
sasl_dispose(&client->saslconn);
|
||||||
client->saslconn = NULL;
|
client->saslconn = NULL;
|
||||||
goto authfail;
|
goto authfail;
|
||||||
}
|
}
|
||||||
if (serveroutlen > REMOTE_AUTH_SASL_DATA_MAX) {
|
if (serveroutlen > REMOTE_AUTH_SASL_DATA_MAX) {
|
||||||
ERROR(_("sasl start reply data too long %d"), serveroutlen);
|
VIR_ERROR(_("sasl start reply data too long %d"), serveroutlen);
|
||||||
sasl_dispose(&client->saslconn);
|
sasl_dispose(&client->saslconn);
|
||||||
client->saslconn = NULL;
|
client->saslconn = NULL;
|
||||||
goto authfail;
|
goto authfail;
|
||||||
@ -2881,7 +2881,7 @@ remoteDispatchAuthSaslStep (struct qemud_server *server,
|
|||||||
REMOTE_DEBUG("Step SASL auth %d", client->fd);
|
REMOTE_DEBUG("Step SASL auth %d", client->fd);
|
||||||
if (client->auth != REMOTE_AUTH_SASL ||
|
if (client->auth != REMOTE_AUTH_SASL ||
|
||||||
client->saslconn == NULL) {
|
client->saslconn == NULL) {
|
||||||
ERROR0(_("client tried invalid SASL start request"));
|
VIR_ERROR0(_("client tried invalid SASL start request"));
|
||||||
goto authfail;
|
goto authfail;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2895,16 +2895,16 @@ remoteDispatchAuthSaslStep (struct qemud_server *server,
|
|||||||
&serveroutlen);
|
&serveroutlen);
|
||||||
if (err != SASL_OK &&
|
if (err != SASL_OK &&
|
||||||
err != SASL_CONTINUE) {
|
err != SASL_CONTINUE) {
|
||||||
ERROR(_("sasl step failed %d (%s)"),
|
VIR_ERROR(_("sasl step failed %d (%s)"),
|
||||||
err, sasl_errdetail(client->saslconn));
|
err, sasl_errdetail(client->saslconn));
|
||||||
sasl_dispose(&client->saslconn);
|
sasl_dispose(&client->saslconn);
|
||||||
client->saslconn = NULL;
|
client->saslconn = NULL;
|
||||||
goto authfail;
|
goto authfail;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (serveroutlen > REMOTE_AUTH_SASL_DATA_MAX) {
|
if (serveroutlen > REMOTE_AUTH_SASL_DATA_MAX) {
|
||||||
ERROR(_("sasl step reply data too long %d"),
|
VIR_ERROR(_("sasl step reply data too long %d"),
|
||||||
serveroutlen);
|
serveroutlen);
|
||||||
sasl_dispose(&client->saslconn);
|
sasl_dispose(&client->saslconn);
|
||||||
client->saslconn = NULL;
|
client->saslconn = NULL;
|
||||||
goto authfail;
|
goto authfail;
|
||||||
@ -2959,7 +2959,7 @@ remoteDispatchAuthSaslInit (struct qemud_server *server ATTRIBUTE_UNUSED,
|
|||||||
void *args ATTRIBUTE_UNUSED,
|
void *args ATTRIBUTE_UNUSED,
|
||||||
remote_auth_sasl_init_ret *ret ATTRIBUTE_UNUSED)
|
remote_auth_sasl_init_ret *ret ATTRIBUTE_UNUSED)
|
||||||
{
|
{
|
||||||
ERROR0(_("client tried unsupported SASL init request"));
|
VIR_ERROR0(_("client tried unsupported SASL init request"));
|
||||||
remoteDispatchAuthError(rerr);
|
remoteDispatchAuthError(rerr);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@ -2972,7 +2972,7 @@ remoteDispatchAuthSaslStart (struct qemud_server *server ATTRIBUTE_UNUSED,
|
|||||||
remote_auth_sasl_start_args *args ATTRIBUTE_UNUSED,
|
remote_auth_sasl_start_args *args ATTRIBUTE_UNUSED,
|
||||||
remote_auth_sasl_start_ret *ret ATTRIBUTE_UNUSED)
|
remote_auth_sasl_start_ret *ret ATTRIBUTE_UNUSED)
|
||||||
{
|
{
|
||||||
ERROR0(_("client tried unsupported SASL start request"));
|
VIR_ERROR0(_("client tried unsupported SASL start request"));
|
||||||
remoteDispatchAuthError(rerr);
|
remoteDispatchAuthError(rerr);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@ -2985,7 +2985,7 @@ remoteDispatchAuthSaslStep (struct qemud_server *server ATTRIBUTE_UNUSED,
|
|||||||
remote_auth_sasl_step_args *args ATTRIBUTE_UNUSED,
|
remote_auth_sasl_step_args *args ATTRIBUTE_UNUSED,
|
||||||
remote_auth_sasl_step_ret *ret ATTRIBUTE_UNUSED)
|
remote_auth_sasl_step_ret *ret ATTRIBUTE_UNUSED)
|
||||||
{
|
{
|
||||||
ERROR0(_("client tried unsupported SASL step request"));
|
VIR_ERROR0(_("client tried unsupported SASL step request"));
|
||||||
remoteDispatchAuthError(rerr);
|
remoteDispatchAuthError(rerr);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@ -3021,26 +3021,26 @@ remoteDispatchAuthPolkit (struct qemud_server *server,
|
|||||||
|
|
||||||
REMOTE_DEBUG("Start PolicyKit auth %d", client->fd);
|
REMOTE_DEBUG("Start PolicyKit auth %d", client->fd);
|
||||||
if (client->auth != REMOTE_AUTH_POLKIT) {
|
if (client->auth != REMOTE_AUTH_POLKIT) {
|
||||||
ERROR0(_("client tried invalid PolicyKit init request"));
|
VIR_ERROR0(_("client tried invalid PolicyKit init request"));
|
||||||
goto authfail;
|
goto authfail;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (qemudGetSocketIdentity(client->fd, &callerUid, &callerPid) < 0) {
|
if (qemudGetSocketIdentity(client->fd, &callerUid, &callerPid) < 0) {
|
||||||
ERROR0(_("cannot get peer socket identity"));
|
VIR_ERROR0(_("cannot get peer socket identity"));
|
||||||
goto authfail;
|
goto authfail;
|
||||||
}
|
}
|
||||||
|
|
||||||
INFO(_("Checking PID %d running as %d"), callerPid, callerUid);
|
VIR_INFO(_("Checking PID %d running as %d"), callerPid, callerUid);
|
||||||
dbus_error_init(&err);
|
dbus_error_init(&err);
|
||||||
if (!(pkcaller = polkit_caller_new_from_pid(server->sysbus,
|
if (!(pkcaller = polkit_caller_new_from_pid(server->sysbus,
|
||||||
callerPid, &err))) {
|
callerPid, &err))) {
|
||||||
ERROR(_("Failed to lookup policy kit caller: %s"), err.message);
|
VIR_ERROR(_("Failed to lookup policy kit caller: %s"), err.message);
|
||||||
dbus_error_free(&err);
|
dbus_error_free(&err);
|
||||||
goto authfail;
|
goto authfail;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(pkaction = polkit_action_new())) {
|
if (!(pkaction = polkit_action_new())) {
|
||||||
ERROR(_("Failed to create polkit action %s\n"), strerror(errno));
|
VIR_ERROR(_("Failed to create polkit action %s\n"), strerror(errno));
|
||||||
polkit_caller_unref(pkcaller);
|
polkit_caller_unref(pkcaller);
|
||||||
goto authfail;
|
goto authfail;
|
||||||
}
|
}
|
||||||
@ -3048,9 +3048,9 @@ remoteDispatchAuthPolkit (struct qemud_server *server,
|
|||||||
|
|
||||||
if (!(pkcontext = polkit_context_new()) ||
|
if (!(pkcontext = polkit_context_new()) ||
|
||||||
!polkit_context_init(pkcontext, &pkerr)) {
|
!polkit_context_init(pkcontext, &pkerr)) {
|
||||||
ERROR(_("Failed to create polkit context %s\n"),
|
VIR_ERROR(_("Failed to create polkit context %s\n"),
|
||||||
(pkerr ? polkit_error_get_error_message(pkerr)
|
(pkerr ? polkit_error_get_error_message(pkerr)
|
||||||
: strerror(errno)));
|
: strerror(errno)));
|
||||||
if (pkerr)
|
if (pkerr)
|
||||||
polkit_error_free(pkerr);
|
polkit_error_free(pkerr);
|
||||||
polkit_caller_unref(pkcaller);
|
polkit_caller_unref(pkcaller);
|
||||||
@ -3066,9 +3066,9 @@ remoteDispatchAuthPolkit (struct qemud_server *server,
|
|||||||
0,
|
0,
|
||||||
&pkerr);
|
&pkerr);
|
||||||
if (pkerr && polkit_error_is_set(pkerr)) {
|
if (pkerr && polkit_error_is_set(pkerr)) {
|
||||||
ERROR(_("Policy kit failed to check authorization %d %s"),
|
VIR_ERROR(_("Policy kit failed to check authorization %d %s"),
|
||||||
polkit_error_get_error_code(pkerr),
|
polkit_error_get_error_code(pkerr),
|
||||||
polkit_error_get_error_message(pkerr));
|
polkit_error_get_error_message(pkerr));
|
||||||
goto authfail;
|
goto authfail;
|
||||||
}
|
}
|
||||||
#else
|
#else
|
||||||
@ -3080,12 +3080,12 @@ remoteDispatchAuthPolkit (struct qemud_server *server,
|
|||||||
polkit_caller_unref(pkcaller);
|
polkit_caller_unref(pkcaller);
|
||||||
polkit_action_unref(pkaction);
|
polkit_action_unref(pkaction);
|
||||||
if (pkresult != POLKIT_RESULT_YES) {
|
if (pkresult != POLKIT_RESULT_YES) {
|
||||||
ERROR(_("Policy kit denied action %s from pid %d, uid %d, result: %s\n"),
|
VIR_ERROR(_("Policy kit denied action %s from pid %d, uid %d, result: %s\n"),
|
||||||
action, callerPid, callerUid,
|
action, callerPid, callerUid,
|
||||||
polkit_result_to_string_representation(pkresult));
|
polkit_result_to_string_representation(pkresult));
|
||||||
goto authfail;
|
goto authfail;
|
||||||
}
|
}
|
||||||
INFO(_("Policy allowed action %s from pid %d, uid %d, result %s"),
|
VIR_INFO(_("Policy allowed action %s from pid %d, uid %d, result %s"),
|
||||||
action, callerPid, callerUid,
|
action, callerPid, callerUid,
|
||||||
polkit_result_to_string_representation(pkresult));
|
polkit_result_to_string_representation(pkresult));
|
||||||
ret->complete = 1;
|
ret->complete = 1;
|
||||||
@ -3110,7 +3110,7 @@ remoteDispatchAuthPolkit (struct qemud_server *server ATTRIBUTE_UNUSED,
|
|||||||
void *args ATTRIBUTE_UNUSED,
|
void *args ATTRIBUTE_UNUSED,
|
||||||
remote_auth_polkit_ret *ret ATTRIBUTE_UNUSED)
|
remote_auth_polkit_ret *ret ATTRIBUTE_UNUSED)
|
||||||
{
|
{
|
||||||
ERROR0(_("client tried unsupported PolicyKit init request"));
|
VIR_ERROR0(_("client tried unsupported PolicyKit init request"));
|
||||||
remoteDispatchAuthError(rerr);
|
remoteDispatchAuthError(rerr);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
@ -332,7 +332,7 @@ xdr_remote_node_get_info_ret (XDR *xdrs, remote_node_get_info_ret *objp)
|
|||||||
return FALSE;
|
return FALSE;
|
||||||
if (!xdr_quad_t (xdrs, &objp->memory))
|
if (!xdr_quad_t (xdrs, &objp->memory))
|
||||||
return FALSE;
|
return FALSE;
|
||||||
buf = XDR_INLINE (xdrs, 6 * BYTES_PER_XDR_UNIT);
|
buf = (int32_t*)XDR_INLINE (xdrs, 6 * BYTES_PER_XDR_UNIT);
|
||||||
if (buf == NULL) {
|
if (buf == NULL) {
|
||||||
if (!xdr_int (xdrs, &objp->cpus))
|
if (!xdr_int (xdrs, &objp->cpus))
|
||||||
return FALSE;
|
return FALSE;
|
||||||
@ -361,7 +361,7 @@ xdr_remote_node_get_info_ret (XDR *xdrs, remote_node_get_info_ret *objp)
|
|||||||
return FALSE;
|
return FALSE;
|
||||||
if (!xdr_quad_t (xdrs, &objp->memory))
|
if (!xdr_quad_t (xdrs, &objp->memory))
|
||||||
return FALSE;
|
return FALSE;
|
||||||
buf = XDR_INLINE (xdrs, 6 * BYTES_PER_XDR_UNIT);
|
buf = (int32_t*)XDR_INLINE (xdrs, 6 * BYTES_PER_XDR_UNIT);
|
||||||
if (buf == NULL) {
|
if (buf == NULL) {
|
||||||
if (!xdr_int (xdrs, &objp->cpus))
|
if (!xdr_int (xdrs, &objp->cpus))
|
||||||
return FALSE;
|
return FALSE;
|
||||||
|
@ -68,6 +68,7 @@ while (<>) {
|
|||||||
# be ignored. Correct both these mistakes.
|
# be ignored. Correct both these mistakes.
|
||||||
@function =
|
@function =
|
||||||
map { s/\bIXDR_PUT_((U_)?)LONG\b/(void)IXDR_PUT_$1INT32/; $_ }
|
map { s/\bIXDR_PUT_((U_)?)LONG\b/(void)IXDR_PUT_$1INT32/; $_ }
|
||||||
|
map { s/\bXDR_INLINE\b/(int32_t*)XDR_INLINE/; $_ }
|
||||||
@function;
|
@function;
|
||||||
|
|
||||||
print (join ("", @function));
|
print (join ("", @function));
|
||||||
|
@ -29,6 +29,7 @@
|
|||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
#include <sys/stat.h>
|
#include <sys/stat.h>
|
||||||
#include <fcntl.h>
|
#include <fcntl.h>
|
||||||
|
#include <unistd.h>
|
||||||
#if HAVE_SYSLOG_H
|
#if HAVE_SYSLOG_H
|
||||||
#include <syslog.h>
|
#include <syslog.h>
|
||||||
#endif
|
#endif
|
||||||
|
@ -30,48 +30,53 @@
|
|||||||
* defined at runtime of from the libvirt daemon configuration file
|
* defined at runtime of from the libvirt daemon configuration file
|
||||||
*/
|
*/
|
||||||
#ifdef ENABLE_DEBUG
|
#ifdef ENABLE_DEBUG
|
||||||
#define VIR_DEBUG(category, f, l, fmt,...) \
|
#define VIR_DEBUG_INT(category, f, l, fmt,...) \
|
||||||
virLogMessage(category, VIR_LOG_DEBUG, f, l, 0, fmt, __VA_ARGS__)
|
virLogMessage(category, VIR_LOG_DEBUG, f, l, 0, fmt, __VA_ARGS__)
|
||||||
#define VIR_INFO(category, f, l, fmt,...) \
|
#define VIR_INFO_INT(category, f, l, fmt,...) \
|
||||||
virLogMessage(category, VIR_LOG_INFO, f, l, 0, fmt, __VA_ARGS__)
|
virLogMessage(category, VIR_LOG_INFO, f, l, 0, fmt, __VA_ARGS__)
|
||||||
#define VIR_WARN(category, f, l, fmt,...) \
|
#define VIR_WARN_INT(category, f, l, fmt,...) \
|
||||||
virLogMessage(category, VIR_LOG_WARN, f, l, 0, fmt, __VA_ARGS__)
|
virLogMessage(category, VIR_LOG_WARN, f, l, 0, fmt, __VA_ARGS__)
|
||||||
#define VIR_ERROR(category, f, l, fmt,...) \
|
#define VIR_ERROR_INT(category, f, l, fmt,...) \
|
||||||
virLogMessage(category, VIR_LOG_ERROR, f, l, 0, fmt, __VA_ARGS__)
|
virLogMessage(category, VIR_LOG_ERROR, f, l, 0, fmt, __VA_ARGS__)
|
||||||
#else
|
#else
|
||||||
#define VIR_DEBUG(category, f, l, fmt,...) \
|
#define VIR_DEBUG_INT(category, f, l, fmt,...) \
|
||||||
do { } while (0)
|
do { } while (0)
|
||||||
#define VIR_INFO(category, f, l, fmt,...) \
|
#define VIR_INFO_INT(category, f, l, fmt,...) \
|
||||||
do { } while (0)
|
do { } while (0)
|
||||||
#define VIR_WARN(category, f, l, fmt,...) \
|
#define VIR_WARN_INT(category, f, l, fmt,...) \
|
||||||
do { } while (0)
|
do { } while (0)
|
||||||
#define VIR_ERROR(category, f, l, fmt,...) \
|
#define VIR_ERROR_INT(category, f, l, fmt,...) \
|
||||||
do { } while (0)
|
do { } while (0)
|
||||||
#define VIR_INFO(category, fmt,...) \
|
#define VIR_INFO_INT(category, fmt,...) \
|
||||||
do { } while (0)
|
do { } while (0)
|
||||||
#define VIR_WARN(category, fmt,...) \
|
#define VIR_WARN_INT(category, fmt,...) \
|
||||||
do { } while (0)
|
do { } while (0)
|
||||||
#define VIR_ERROR(category, fmt,...) \
|
#define VIR_ERROR_INT(category, fmt,...) \
|
||||||
do { } while (0)
|
do { } while (0)
|
||||||
#endif /* !ENABLE_DEBUG */
|
#endif /* !ENABLE_DEBUG */
|
||||||
|
|
||||||
#define DEBUG(fmt,...) \
|
#define VIR_DEBUG(fmt,...) \
|
||||||
VIR_DEBUG("file." __FILE__, __func__, __LINE__, fmt, __VA_ARGS__)
|
VIR_DEBUG_INT("file." __FILE__, __func__, __LINE__, fmt, __VA_ARGS__)
|
||||||
#define DEBUG0(msg) \
|
#define VIR_DEBUG0(msg) \
|
||||||
VIR_DEBUG("file." __FILE__, __func__, __LINE__, "%s", msg)
|
VIR_DEBUG_INT("file." __FILE__, __func__, __LINE__, "%s", msg)
|
||||||
#define INFO(fmt,...) \
|
#define VIR_INFO(fmt,...) \
|
||||||
VIR_INFO("file." __FILE__, __func__, __LINE__, fmt, __VA_ARGS__)
|
VIR_INFO_INT("file." __FILE__, __func__, __LINE__, fmt, __VA_ARGS__)
|
||||||
#define INFO0(msg) \
|
#define VIR_INFO0(msg) \
|
||||||
VIR_INFO("file." __FILE__, __func__, __LINE__, "%s", msg)
|
VIR_INFO_INT("file." __FILE__, __func__, __LINE__, "%s", msg)
|
||||||
#define WARN(fmt,...) \
|
#define VIR_WARN(fmt,...) \
|
||||||
VIR_WARN("file." __FILE__, __func__, __LINE__, fmt, __VA_ARGS__)
|
VIR_WARN_INT("file." __FILE__, __func__, __LINE__, fmt, __VA_ARGS__)
|
||||||
#define WARN0(msg) \
|
#define VIR_WARN0(msg) \
|
||||||
VIR_WARN("file." __FILE__, __func__, __LINE__, "%s", msg)
|
VIR_WARN_INT("file." __FILE__, __func__, __LINE__, "%s", msg)
|
||||||
#define ERROR(fmt,...) \
|
#define VIR_ERROR(fmt,...) \
|
||||||
VIR_ERROR("file." __FILE__, __func__, __LINE__, fmt, __VA_ARGS__)
|
VIR_ERROR_INT("file." __FILE__, __func__, __LINE__, fmt, __VA_ARGS__)
|
||||||
#define ERROR0(msg) \
|
#define VIR_ERROR0(msg) \
|
||||||
VIR_ERROR("file." __FILE__, __func__, __LINE__, "%s", msg)
|
VIR_ERROR_INT("file." __FILE__, __func__, __LINE__, "%s", msg)
|
||||||
|
|
||||||
|
/* Legacy compat */
|
||||||
|
#define DEBUG(fmt,...) \
|
||||||
|
VIR_DEBUG_INT("file." __FILE__, __func__, __LINE__, fmt, __VA_ARGS__)
|
||||||
|
#define DEBUG0(msg) \
|
||||||
|
VIR_DEBUG_INT("file." __FILE__, __func__, __LINE__, "%s", msg)
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* To be made public
|
* To be made public
|
||||||
|
@ -93,6 +93,7 @@ static const virNodeInfo defaultNodeInfo = {
|
|||||||
virReportErrorHelper(conn, VIR_FROM_TEST, code, __FILE__, \
|
virReportErrorHelper(conn, VIR_FROM_TEST, code, __FILE__, \
|
||||||
__FUNCTION__, __LINE__, fmt)
|
__FUNCTION__, __LINE__, fmt)
|
||||||
|
|
||||||
|
#ifdef HAVE_THREAD_H
|
||||||
static void testDriverLock(testConnPtr driver)
|
static void testDriverLock(testConnPtr driver)
|
||||||
{
|
{
|
||||||
pthread_mutex_lock(&driver->lock);
|
pthread_mutex_lock(&driver->lock);
|
||||||
@ -102,6 +103,10 @@ static void testDriverUnlock(testConnPtr driver)
|
|||||||
{
|
{
|
||||||
pthread_mutex_unlock(&driver->lock);
|
pthread_mutex_unlock(&driver->lock);
|
||||||
}
|
}
|
||||||
|
#else
|
||||||
|
static void testDriverLock(testConnPtr driver ATTRIBUTE_UNUSED) {}
|
||||||
|
static void testDriverUnlock(testConnPtr driver ATTRIBUTE_UNUSED) {}
|
||||||
|
#endif
|
||||||
|
|
||||||
static virCapsPtr
|
static virCapsPtr
|
||||||
testBuildCapabilities(virConnectPtr conn) {
|
testBuildCapabilities(virConnectPtr conn) {
|
||||||
|
@ -13,7 +13,7 @@
|
|||||||
#ifndef __linux__
|
#ifndef __linux__
|
||||||
|
|
||||||
static int
|
static int
|
||||||
mymain(int argc, char **argv)
|
mymain(int argc ATTRIBUTE_UNUSED, char **argv ATTRIBUTE_UNUSED)
|
||||||
{
|
{
|
||||||
exit (77); /* means 'test skipped' for automake */
|
exit (77); /* means 'test skipped' for automake */
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user