From nobody Tue Feb 10 01:31:32 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
 216.205.24.124 as permitted sender) client-ip=216.205.24.124;
 envelope-from=libvir-list-bounces@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1610613533; cv=none;
	d=zohomail.com; s=zohoarc;
	b=iIoMVT58Fetjno0x0SIOfsbPcKYqk0koiZMSdIKXgUw19L00KlCQ/SwcjTgKj5codzXeQBKbceDrFBWJ8ci79dq+LmgoYrHBLiV1YtRoZObljDDvN9p3EqhqV8daQcw5dsDay+50TqFfFy1MqA5uPSOcPJDTQtiW+4lZsxU3JgE=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1610613533;
 h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
	bh=4P2S4f87H+FeaakSV+F/rkz5wdZc4+ChGUBGEtxBVEQ=;
	b=OIk1GgxxVuJQfn+bc5BoPmpSW4FQWVMopaQQoepZ5JlfIM0zPaPHE+o1k/QlVWrOyrwDqiN4wKIfMLmALK0dgXiTpoAS417jIkDzkn/nf9I8veY9Eimow6UZfn9e8TCrinJh2/Mn6H+Q6oa+/EJ5931WV7nzzwRl8miPNeNnL6M=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com
Return-Path: <libvir-list-bounces@redhat.com>
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com
	with SMTPS id 1610613533875429.86638761850145;
 Thu, 14 Jan 2021 00:38:53 -0800 (PST)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
 [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-353-HE8cdxKLNTuT8slg2aQybQ-1; Thu, 14 Jan 2021 03:38:50 -0500
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com
 [10.5.11.16])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 063401084443;
	Thu, 14 Jan 2021 08:38:38 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id B78F071D60;
	Thu, 14 Jan 2021 08:38:37 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 2D3D54A7C6;
	Thu, 14 Jan 2021 08:38:33 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com
	[10.11.54.5])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id 10E8cUJe022205 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 14 Jan 2021 03:38:31 -0500
Received: by smtp.corp.redhat.com (Postfix)
	id 9B81ADA691; Thu, 14 Jan 2021 08:38:30 +0000 (UTC)
Received: from mimecast-mx02.redhat.com
	(mimecast03.extmail.prod.ext.rdu2.redhat.com [10.11.55.19])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 96882D93D2
	for <libvir-list@redhat.com>; Thu, 14 Jan 2021 08:38:28 +0000 (UTC)
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
	[207.211.31.120])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
	(No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 7FCEE811E76
	for <libvir-list@redhat.com>; Thu, 14 Jan 2021 08:38:28 +0000 (UTC)
Received: from szxga04-in.huawei.com (szxga04-in.huawei.com
	[45.249.212.190]) (Using TLS) by relay.mimecast.com with ESMTP id
	us-mta-101-j8LTl0yAO2m4iTqF5KK8IQ-1; Thu, 14 Jan 2021 03:38:25 -0500
Received: from DGGEMS409-HUB.china.huawei.com (unknown [172.30.72.59])
	by szxga04-in.huawei.com (SkyGuard) with ESMTP id 4DGccs2Vbnz15s90
	for <libvir-list@redhat.com>; Thu, 14 Jan 2021 16:17:49 +0800 (CST)
Received: from DESKTOP-F1615D3.china.huawei.com (10.174.186.85) by
	DGGEMS409-HUB.china.huawei.com (10.3.19.209) with Microsoft SMTP Server
	id 14.3.498.0; Thu, 14 Jan 2021 16:18:42 +0800
X-MC-Unique: HE8cdxKLNTuT8slg2aQybQ-1
X-MC-Unique: j8LTl0yAO2m4iTqF5KK8IQ-1
From: Zihao Chang <changzihao1@huawei.com>
To: <libvir-list@redhat.com>
Subject: [PATCH 4/6] authz: support parsing the authz element in vnc
Date: Thu, 14 Jan 2021 16:18:19 +0800
Message-ID: <20210114081821.146-5-changzihao1@huawei.com>
In-Reply-To: <20210114081821.146-1-changzihao1@huawei.com>
References: <20210114081821.146-1-changzihao1@huawei.com>
MIME-Version: 1.0
X-Originating-IP: [10.174.186.85]
X-CFilter-Loop: Reflected
X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection
	Definition; Similar Internal Domain=false;
	Similar Monitored External Domain=false;
	Custom External Domain=false; Mimecast External Domain=false;
	Newly Observed Domain=false; Internal User Name=false;
	Custom Display Name List=false; Reply-to Address Mismatch=false;
	Targeted Threat Dictionary=false;
	Mimecast Threat Dictionary=false; Custom Threat Dictionary=false
X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5
X-MIME-Autoconverted: from quoted-printable to 8bit by
	lists01.pubmisc.prod.ext.phx2.redhat.com id 10E8cUJe022205
X-loop: libvir-list@redhat.com
Cc: oscar.zhangbo@huawei.com, changzihao1@huawei.com, xiexiangyou@huawei.com
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16
Authentication-Results: relay.mimecast.com;
	auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

support parsing the authz xml element in vnc.

Signed-off-by: Zihao Chang <changzihao1@huawei.com>
---
 src/conf/domain_conf.c  | 99 ++++++++++++++++++++++++++++++++++++++---
 src/conf/domain_conf.h  |  7 +++
 src/conf/virconftypes.h |  3 ++
 3 files changed, 104 insertions(+), 5 deletions(-)

diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 540f1706fd23..e303bd76b779 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -12751,9 +12751,9 @@ virDomainTimerDefParseXML(xmlNodePtr node,
=20
=20
 static int
-virDomainGraphicsAuthDefParseXML(xmlNodePtr node,
-                                 virDomainGraphicsAuthDefPtr def,
-                                 int type)
+virDomainGraphicsPasswdDefParseXML(xmlNodePtr node,
+                                   virDomainGraphicsAuthDefPtr def,
+                                   int type)
 {
     g_autofree char *validTo =3D NULL;
     g_autofree char *connected =3D virXMLPropString(node, "connected");
@@ -12819,6 +12819,95 @@ virDomainGraphicsAuthDefParseXML(xmlNodePtr node,
 }
=20
=20
+static int
+virDomainGraphicsAuthzDefParseXML(virDomainGraphicsAuthzDefPtr def,
+                                  xmlNodePtr node)
+{
+   int ret =3D -1;
+   g_autofree char *type =3D virXMLPropString(node, "type");
+   g_autofree char *id =3D virXMLPropString(node, "index");
+   unsigned int idVal;
+   int typeVal;
+
+   if (!type || !id) {
+       virReportError(VIR_ERR_XML_ERROR, "%s",
+                      _("graphics authz type and id must be specified"));
+       goto error;
+   }
+
+   if ((typeVal =3D virDomainAuthzTypeTypeFromString(type)) < 0) {
+       virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                      _("unknown graphics authz type '%s'"), type);
+       goto error;
+   }
+
+   if ((virStrToLong_uip(id, NULL, 10, &idVal) < 0)) {
+       virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                      _("invalid graphics authz index: %s"), id);
+       goto error;
+   }
+
+   def->type =3D typeVal;
+   def->index =3D idVal;
+
+   ret =3D 0;
+ error:
+   return ret;
+}
+
+
+static int
+virDomainGraphicsAuthzsDefParseXML(xmlNodePtr node,
+                                   virDomainGraphicsAuthDefPtr def,
+                                   xmlXPathContextPtr ctxt)
+{
+    VIR_XPATH_NODE_AUTORESTORE(ctxt)
+    int nAuthzs;
+    int ret =3D -1;
+    g_autofree xmlNodePtr *authzNodes =3D NULL;
+
+    ctxt->node =3D node;
+
+    /* parse the <authz> subelements for graphics types that support it */
+    nAuthzs =3D virXPathNodeSet("./authz", ctxt, &authzNodes);
+    if (nAuthzs < 0) {
+        goto cleanup;
+    }
+
+    if (nAuthzs > 0) {
+        size_t i;
+
+        def->authzs =3D g_new0(virDomainGraphicsAuthzDef, nAuthzs);
+
+        for (i =3D 0; i < nAuthzs; i++) {
+            if (virDomainGraphicsAuthzDefParseXML(&def->authzs[i],
+                                                  authzNodes[i]) < 0)
+                goto cleanup;
+
+            def->nAuthzs++;
+        }
+    }
+
+    ret =3D 0;
+
+ cleanup:
+    return ret;
+}
+
+
+static int
+virDomainGraphicsAuthDefParseXML(xmlNodePtr node,
+                                 virDomainGraphicsAuthDefPtr def,
+                                 xmlXPathContextPtr ctxt,
+                                 int type)
+{
+    if (virDomainGraphicsPasswdDefParseXML(node, def, type) ||
+        virDomainGraphicsAuthzsDefParseXML(node, def, ctxt))
+        return -1;
+    return 0;
+}
+
+
 /**
  * virDomainGraphicsListenDefParseXML:
  * @def: listen def pointer to be filled
@@ -13126,7 +13215,7 @@ virDomainGraphicsDefParseXMLVNC(virDomainGraphicsDe=
fPtr def,
     def->data.vnc.keymap =3D virXMLPropString(node, "keymap");
=20
     if (virDomainGraphicsAuthDefParseXML(node, &def->data.vnc.auth,
-                                         def->type) < 0)
+                                         ctxt, def->type) < 0)
         return -1;
=20
     return 0;
@@ -13312,7 +13401,7 @@ virDomainGraphicsDefParseXMLSpice(virDomainGraphics=
DefPtr def,
     def->data.spice.keymap =3D virXMLPropString(node, "keymap");
=20
     if (virDomainGraphicsAuthDefParseXML(node, &def->data.spice.auth,
-                                         def->type) < 0)
+                                         ctxt, def->type) < 0)
         return -1;
=20
     cur =3D node->children;
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 01e04250c28b..8cf7440f08aa 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -1613,11 +1613,18 @@ typedef enum {
     VIR_DOMAIN_GRAPHICS_AUTH_CONNECTED_LAST
 } virDomainGraphicsAuthConnectedType;
=20
+struct _virDomainGraphicsAuthzDef {
+    virDomainAuthzType type;
+    unsigned long index;
+};
+
 struct _virDomainGraphicsAuthDef {
     char *passwd;
     bool expires; /* Whether there is an expiry time set */
     time_t validTo;  /* seconds since epoch */
     int connected; /* action if connected */
+    size_t nAuthzs;
+    virDomainGraphicsAuthzDefPtr authzs;
 };
=20
 typedef enum {
diff --git a/src/conf/virconftypes.h b/src/conf/virconftypes.h
index 697bd60a04e2..e66f3c5124e7 100644
--- a/src/conf/virconftypes.h
+++ b/src/conf/virconftypes.h
@@ -162,6 +162,9 @@ typedef virDomainGraphicsDef *virDomainGraphicsDefPtr;
 typedef struct _virDomainGraphicsListenDef virDomainGraphicsListenDef;
 typedef virDomainGraphicsListenDef *virDomainGraphicsListenDefPtr;
=20
+typedef struct _virDomainGraphicsAuthzDef virDomainGraphicsAuthzDef;
+typedef virDomainGraphicsAuthzDef *virDomainGraphicsAuthzDefPtr;
+
 typedef struct _virDomainHostdevCaps virDomainHostdevCaps;
 typedef virDomainHostdevCaps *virDomainHostdevCapsPtr;
=20
--=20
2.28.0