From: John Ferlan
To: libvir-list@redhat.com
Date: Thu, 14 Sep 2017 14:03:07 -0400
Message-Id: <20170914180310.1426-4-jferlan@redhat.com>
Subject: [libvirt] [PATCH 3/6] conf: Move authdef validation

Rather than checking during XML processing, move the checks for correct
and valid auth into virDomainDiskDefParseValidate. This will introduce
virDomainDiskSourceDefParseAuthValidate to validate that the authdef
stored for the virStorageSource is valid. This can then be expanded to
service backingStore sources as well.

Alter the message text slightly as well to distinguish between an
unknown name and an incorrectly used name. Since type is not a
mandatory field, add the NULLSTR() around the output of the unknown
error.

NB, a config using unknown formatting would fail virschematest since it
only accepts 'iscsi' and 'ceph' as "valid" types.

Signed-off-by: John Ferlan
---
 src/conf/domain_conf.c | 67 +++++++++++++++++++++++++-------------------------
 1 file changed, 34 insertions(+), 33 deletions(-)

diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index a43b25c31..07bda1a36 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -8500,6 +8500,39 @@ virDomainDiskDefGeometryParse(virDomainDiskDefPtr de= f, =20 =20 static int +virDomainDiskSourceDefParseAuthValidate(const virStorageSource *src) +{ + virStorageAuthDefPtr authdef =3D src->auth; + int actUsage; + + /* Disk volume types won't have the secrettype filled in until + * after virStorageTranslateDiskSourcePool is run + */ + if (src->type =3D=3D VIR_STORAGE_TYPE_VOLUME || !authdef) + return 0; + + if ((actUsage =3D virSecretUsageTypeFromString(authdef->secrettype)) <= 0) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("unknown secret type '%s'"), + NULLSTR(authdef->secrettype)); + return -1; + } + + if ((src->protocol =3D=3D VIR_STORAGE_NET_PROTOCOL_ISCSI && + actUsage !=3D VIR_SECRET_USAGE_TYPE_ISCSI) || + (src->protocol =3D=3D VIR_STORAGE_NET_PROTOCOL_RBD && + actUsage !=3D VIR_SECRET_USAGE_TYPE_CEPH)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("invalid secret type '%s'"), + virSecretUsageTypeToString(actUsage)); + return -1; + } + + return 0; +} + + +static int virDomainDiskDefParseValidate(const virDomainDiskDef *def) { if (def->bus !=3D VIR_DOMAIN_DISK_BUS_VIRTIO) { @@ -8572,7 +8605,7 @@ virDomainDiskDefParseValidate(const virDomainDiskDef = *def) } } =20 - return 0; + return virDomainDiskSourceDefParseAuthValidate(def->src); } =20 =20 @@ -8731,8 +8764,6 @@ virDomainDiskDefParseXML(virDomainXMLOptionPtr xmlopt, char *vendor =3D NULL; char *product =3D NULL; char *domain_name =3D NULL; - int expected_secret_usage =3D -1; - int auth_secret_usage =3D -1; =20 if (!(def =3D virDomainDiskDefNew(xmlopt))) return NULL; 
@@ -8776,13 +8807,6 @@ virDomainDiskDefParseXML(virDomainXMLOptionPtr xmlop= t, =20 source =3D true; =20 - if (def->src->type =3D=3D VIR_STORAGE_TYPE_NETWORK) { - if (def->src->protocol =3D=3D VIR_STORAGE_NET_PROTOCOL_ISC= SI) - expected_secret_usage =3D VIR_SECRET_USAGE_TYPE_ISCSI; - else if (def->src->protocol =3D=3D VIR_STORAGE_NET_PROTOCO= L_RBD) - expected_secret_usage =3D VIR_SECRET_USAGE_TYPE_CEPH; - } - startupPolicy =3D virXMLPropString(cur, "startupPolicy"); =20 } else if (!target && @@ -8840,17 +8864,6 @@ virDomainDiskDefParseXML(virDomainXMLOptionPtr xmlop= t, virXMLNodeNameEqual(cur, "auth")) { if (!(authdef =3D virStorageAuthDefParse(node->doc, cur))) goto error; - /* Disk volume types won't have the secrettype filled in until - * after virStorageTranslateDiskSourcePool is run - */ - if (def->src->type !=3D VIR_STORAGE_TYPE_VOLUME && - (auth_secret_usage =3D - virSecretUsageTypeFromString(authdef->secrettype)) < 0) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, - _("invalid secret type %s"), - authdef->secrettype); - goto error; - } } else if (virXMLNodeNameEqual(cur, "iotune")) { if (virDomainDiskDefIotuneParse(def, ctxt) < 0) goto error; @@ -8914,18 +8927,6 @@ virDomainDiskDefParseXML(virDomainXMLOptionPtr xmlop= t, } } =20 - /* Disk volume types will have authentication information handled in - * virStorageTranslateDiskSourcePool - */ - if (def->src->type !=3D VIR_STORAGE_TYPE_VOLUME && - auth_secret_usage !=3D -1 && auth_secret_usage !=3D expected_secre= t_usage) { - virReportError(VIR_ERR_INTERNAL_ERROR, - _("invalid secret type '%s'"), - virSecretUsageTypeToString(auth_secret_usage)); - goto error; - } - - /* Only CDROM and Floppy devices are allowed missing source path * to indicate no media present. LUN is for raw access CD-ROMs * that are not attached to a physical device presently */ --=20 2.13.5 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
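
Review bot: In the first hunk (@@ -8500,6 +8500,39 @@), the protocol/usage comparison in virDomainDiskSourceDefParseAuthValidate rejects only an iSCSI source whose secret is not iscsi or an RBD source whose secret is not ceph, so an auth element on any other source now passes validation. The removed code left expected_secret_usage at -1 unless the source was VIR_STORAGE_TYPE_NETWORK with one of those two protocols, and then failed any parsed auth whose usage differed from it. The new function also reads src->protocol without first checking that src->type is VIR_STORAGE_TYPE_NETWORK. If the relaxation is intended, say so in the commit message; otherwise keep the type check and fail when auth is supplied for a source that has no expected usage.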
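
Review bot: In the hunk at @@ -8572,7 +8605,7 @@, returning the auth validator's result as the final statement of virDomainDiskDefParseValidate ties the function's exit to that one check. Since the commit message plans to extend this to backingStore sources, prefer "if (virDomainDiskSourceDefParseAuthValidate(def->src) < 0) return -1;" followed by the existing "return 0;", so later checks can be appended without reworking the return.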
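
Review bot: In the hunk at @@ -8840,17 +8864,6 @@, the parser still keeps the parsed auth in the local authdef, while the new validator reads src->auth. None of the visible hunks shows where authdef is assigned to def->src->auth relative to the virDomainDiskDefParseValidate call. Please confirm the assignment happens first, because the validator returns 0 when src->auth is NULL and an unknown secret type would then go unreported.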
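
Review bot: In the last hunk (@@ -8914,18 +8927,6 @@), the removed mismatch check reported VIR_ERR_INTERNAL_ERROR, while its replacement in the first hunk reports VIR_ERR_CONFIG_UNSUPPORTED for the same "invalid secret type '%s'" message. The commit message mentions only the change in message text; record the error code change there as well.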