From nobody Sun Feb 8 03:33:02 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as permitted sender) client-ip=207.211.31.81; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1577977147; cv=none; d=zohomail.com; s=zohoarc; b=dmO7YsMeouAydtt1bIi/KXHH8ZkMFcGMXmHsp3CxIAPqD9k4hIEh/y93AjdIXYzyFdwzjz9X8s07RIapnDbHZYZI8/15KABirdw8TWkxwUQW2xo6HkRCAyTMlVNop3PJS3lHouuN3eV49Ql3OWjEcfbt2wFjGAQZDvGuaPtdiAg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1577977147; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=rpkf805tYuIgk1r3GALgCZw5imIMdZOfTjvNZNoqyNE=; b=Mtgi5o1QFlSfBd2xpZHD8S6QJg06FK59roq029HscdjwxkoSr29GWXkAXxQQz9SLN7WgXs+C2jArQ4IZJy9ro8wdBOxAyRKeEuqTfqQyyTD7B9Jvpliu7ks4p5K0GL3b5lysJwTxdiAnOIUy3th8KLHp6eGfPux1HFzofMDfrFk= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-1.mimecast.com (us-smtp-1.mimecast.com [207.211.31.81]) by mx.zohomail.com with SMTPS id 1577977147908179.14969285712687; Thu, 2 Jan 2020 06:59:07 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-391-93vs5Ua6PiqWzLV-MvJIGA-1; Thu, 02 Jan 2020 09:56:56 -0500 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 23A5D18CA243; Thu, 2 Jan 2020 14:56:50 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id EE1747D96B; Thu, 2 Jan 2020 14:56:49 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id A59201803C32; Thu, 2 Jan 2020 14:56:49 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 002EuaBw004812 for ; Thu, 2 Jan 2020 09:56:36 -0500 Received: by smtp.corp.redhat.com (Postfix) id 4D25960C85; Thu, 2 Jan 2020 14:56:36 +0000 (UTC) Received: from catbus.gsslab.fab.redhat.com (dhcp-43.gsslab.fab.redhat.com [10.33.9.43]) by smtp.corp.redhat.com (Postfix) with ESMTP id B1E6A60BF4; Thu, 2 Jan 2020 14:56:35 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1577977144; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=rpkf805tYuIgk1r3GALgCZw5imIMdZOfTjvNZNoqyNE=; b=FaCHABDCeglDL0ZIbJtc0wJYbSDzFYcznp5kzWBuvWUmI+qE+XgsdvGs7+DakYHflZpl6T d/AgXAazWs7w5PJN8dsMczMiPrhmIboKscxJOqylQWVWeqJON9vghSVjozDMXA0pLwnGWX SFhF02xEF/VDfcTdYsPG4sp5F7Qu7a8= From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Thu, 2 Jan 2020 14:53:45 +0000 Message-Id: <20200102145357.6724-12-berrange@redhat.com> In-Reply-To: <20200102145357.6724-1-berrange@redhat.com> References: <20200102145357.6724-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 11/23] src: switch from fnmatch to g_pattern_match_simple X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-MC-Unique: 93vs5Ua6PiqWzLV-MvJIGA-1 X-Mimecast-Spam-Score: 0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) The g_pattern_match function_simple is an acceptably close approximation of fnmatch for libvirt's needs. In contrast to fnmatch(), the '/' character can be matched by the wildcards, there are no '[...]' character ranges and '*' and '?' can not be escaped to include them literally in a pattern. Signed-off-by: Daniel P. Berrang=C3=A9 --- src/qemu/qemu_firmware.c | 4 +--- src/remote/libvirtd.conf.in | 8 ++++++-- src/rpc/virnetsaslcontext.c | 11 +---------- src/rpc/virnettlscontext.c | 10 +--------- src/util/virlog.c | 5 ++--- tests/virconfdata/libvirtd.conf | 8 ++++++-- tests/virconfdata/libvirtd.out | 8 ++++++-- tools/virt-login-shell-helper.c | 5 ++--- 8 files changed, 25 insertions(+), 34 deletions(-) diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c index f62ce90ac9..6a76d355f5 100644 --- a/src/qemu/qemu_firmware.c +++ b/src/qemu/qemu_firmware.c @@ -20,8 +20,6 @@ =20 #include =20 -#include - #include "qemu_firmware.h" #include "qemu_interop_config.h" #include "configmake.h" @@ -921,7 +919,7 @@ qemuFirmwareMatchesMachineArch(const qemuFirmware *fw, continue; =20 for (j =3D 0; j < fw->targets[i]->nmachines; j++) { - if (fnmatch(fw->targets[i]->machines[j], machine, 0) =3D=3D 0) + if (g_pattern_match_simple(fw->targets[i]->machines[j], machin= e)) return true; } } diff --git a/src/remote/libvirtd.conf.in b/src/remote/libvirtd.conf.in index f984ce0478..34741183cc 100644 --- a/src/remote/libvirtd.conf.in +++ b/src/remote/libvirtd.conf.in @@ -262,7 +262,9 @@ # # "C=3DGB,ST=3DLondon,L=3DLondon,O=3DRed Hat,CN=3D*" # -# See the POSIX fnmatch function for the format of the wildcards. +# See the g_pattern_match function for the format of the wildcards: +# +# https://developer.gnome.org/glib/stable/glib-Glob-style-pattern-matching= .html # # NB If this is an empty list, no client can connect, so comment out # entirely rather than using empty list to disable these checks @@ -288,7 +290,9 @@ # # "*@EXAMPLE.COM" # -# See the POSIX fnmatch function for the format of the wildcards. +# See the g_pattern_match function for the format of the wildcards. +# +# https://developer.gnome.org/glib/stable/glib-Glob-style-pattern-matching= .html # # NB If this is an empty list, no client can connect, so comment out # entirely rather than using empty list to disable these checks diff --git a/src/rpc/virnetsaslcontext.c b/src/rpc/virnetsaslcontext.c index 01ff41b778..e7ed8f4390 100644 --- a/src/rpc/virnetsaslcontext.c +++ b/src/rpc/virnetsaslcontext.c @@ -20,8 +20,6 @@ =20 #include =20 -#include - #include "virnetsaslcontext.h" #include "virnetmessage.h" =20 @@ -155,17 +153,10 @@ int virNetSASLContextCheckIdentity(virNetSASLContextP= tr ctxt, } =20 while (*wildcards) { - int rv =3D fnmatch(*wildcards, identity, 0); - if (rv =3D=3D 0) { + if (g_pattern_match_simple(*wildcards, identity)) { ret =3D 1; goto cleanup; /* Successful match */ } - if (rv !=3D FNM_NOMATCH) { - virReportError(VIR_ERR_INTERNAL_ERROR, - _("Malformed TLS whitelist regular expression '= %s'"), - *wildcards); - goto cleanup; - } =20 wildcards++; } diff --git a/src/rpc/virnettlscontext.c b/src/rpc/virnettlscontext.c index 08944f6771..44f0dfce77 100644 --- a/src/rpc/virnettlscontext.c +++ b/src/rpc/virnettlscontext.c @@ -21,7 +21,6 @@ #include =20 #include -#include =20 #include #include @@ -361,15 +360,8 @@ virNetTLSContextCheckCertDNWhitelist(const char *dname, const char *const*wildcards) { while (*wildcards) { - int ret =3D fnmatch(*wildcards, dname, 0); - if (ret =3D=3D 0) /* Successful match */ + if (g_pattern_match_simple(*wildcards, dname)) return 1; - if (ret !=3D FNM_NOMATCH) { - virReportError(VIR_ERR_INTERNAL_ERROR, - _("Malformed TLS whitelist regular expression '= %s'"), - *wildcards); - return -1; - } =20 wildcards++; } diff --git a/src/util/virlog.c b/src/util/virlog.c index 6bae56e2e3..aa98024e1c 100644 --- a/src/util/virlog.c +++ b/src/util/virlog.c @@ -36,7 +36,6 @@ #if HAVE_SYS_UN_H # include #endif -#include =20 #include "virerror.h" #include "virlog.h" @@ -488,7 +487,7 @@ virLogSourceUpdate(virLogSourcePtr source) size_t i; =20 for (i =3D 0; i < virLogNbFilters; i++) { - if (fnmatch(virLogFilters[i]->match, source->name, 0) =3D=3D 0= ) { + if (g_pattern_match_simple(virLogFilters[i]->match, source->na= me)) { priority =3D virLogFilters[i]->priority; break; } @@ -1338,7 +1337,7 @@ virLogFilterNew(const char *match, return NULL; } =20 - /* We must treat 'foo' as equiv to '*foo*' for fnmatch + /* We must treat 'foo' as equiv to '*foo*' for g_pattern_match * todo substring matches, so add 2 extra bytes */ if (VIR_ALLOC_N_QUIET(mdup, mlen + 3) < 0) diff --git a/tests/virconfdata/libvirtd.conf b/tests/virconfdata/libvirtd.c= onf index 602aa08d92..791d6c972b 100644 --- a/tests/virconfdata/libvirtd.conf +++ b/tests/virconfdata/libvirtd.conf @@ -183,7 +183,9 @@ tls_no_verify_certificate =3D 1 # # "C=3DGB,ST=3DLondon,L=3DLondon,O=3DRed Hat,CN=3D*" # -# See the POSIX fnmatch function for the format of the wildcards. +# See the g_pattern_match function for the format of the wildcards. +# +# https://developer.gnome.org/glib/stable/glib-Glob-style-pattern-matching= .html # # NB If this is an empty list, no client can connect, so comment out # entirely rather than using empty list to disable these checks @@ -200,7 +202,9 @@ tls_allowed_dn_list =3D ["DN1", "DN2"] # # "*@EXAMPLE.COM" # -# See the POSIX fnmatch function for the format of the wildcards. +# See the g_pattern_match function for the format of the wildcards. +# +# https://developer.gnome.org/glib/stable/glib-Glob-style-pattern-matching= .html # # NB If this is an empty list, no client can connect, so comment out # entirely rather than using empty list to disable these checks diff --git a/tests/virconfdata/libvirtd.out b/tests/virconfdata/libvirtd.out index d3f2bd20a7..cfdd23fd21 100644 --- a/tests/virconfdata/libvirtd.out +++ b/tests/virconfdata/libvirtd.out @@ -147,7 +147,9 @@ tls_no_verify_certificate =3D 1 # # "C=3DGB,ST=3DLondon,L=3DLondon,O=3DRed Hat,CN=3D*" # -# See the POSIX fnmatch function for the format of the wildcards. +# See the g_pattern_match function for the format of the wildcards. +# +# https://developer.gnome.org/glib/stable/glib-Glob-style-pattern-matching= .html # # NB If this is an empty list, no client can connect, so comment out # entirely rather than using empty list to disable these checks @@ -162,7 +164,9 @@ tls_allowed_dn_list =3D [ "DN1", "DN2" ] # # "*@EXAMPLE.COM" # -# See the POSIX fnmatch function for the format of the wildcards. +# See the g_pattern_match function for the format of the wildcards. +# +# https://developer.gnome.org/glib/stable/glib-Glob-style-pattern-matching= .html # # NB If this is an empty list, no client can connect, so comment out # entirely rather than using empty list to disable these checks diff --git a/tools/virt-login-shell-helper.c b/tools/virt-login-shell-helpe= r.c index 87735833d9..e3aefc2c06 100644 --- a/tools/virt-login-shell-helper.c +++ b/tools/virt-login-shell-helper.c @@ -19,7 +19,6 @@ */ #include =20 -#include #include #include #include @@ -67,14 +66,14 @@ static int virLoginShellAllowedUser(virConfPtr conf, for (i =3D 0; i < ngroups; i++) { if (!(gname =3D virGetGroupName(groups[i]))) continue; - if (fnmatch(entry, gname, 0) =3D=3D 0) { + if (g_pattern_match_simple(entry, gname)) { ret =3D 0; goto cleanup; } VIR_FREE(gname); } } else { - if (fnmatch(entry, name, 0) =3D=3D 0) { + if (g_pattern_match_simple(entry, name)) { ret =3D 0; goto cleanup; } --=20 2.24.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list