From nobody Sun Feb  8 22:35:21 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1565952018; cv=none;
	d=zoho.com; s=zohoarc;
	b=T4VwC2fR+9+R9EbrgMbCj87r5lx8gRzWvxbUPZOQv70kXlG+dBgKw7apVRfCpszosp2erxJgRVV1PGPcyft1GXhBQ4mOef/Z3j+cSta7lXl69s7cttcS8qckOOQVM5sxGIFSV7XQD4uycVRGCPzhw6sXKDOCAUFe9edMfTxF4rQ=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1565952018;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=K5+vADlCY03Sgtgy5o9bfQUiz+qSYq7/GuFFwVOmPDk=;
	b=d/jbEMQZoY1THOu4yLNpaO1vuS8C0DzdpoDn9s+paOBPzW73oOIzVh5ZLMxjKwkRghH0OSJIfUwPoe0DQGE23WibTvzpJpRS/7wOrpbrmMqLr+xHFy+9RBVPPRinZdGZg76UEt3eUFUAYAwIaYikbjLPDS10fdPvnNG7WpGjkIg=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<pkrempa@redhat.com> (p=none dis=none)
 header.from=<pkrempa@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 156595201847579.32648533594045;
 Fri, 16 Aug 2019 03:40:18 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com
 [10.5.11.22])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id D13FB300177F;
	Fri, 16 Aug 2019 10:40:16 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id A6B00100197A;
	Fri, 16 Aug 2019 10:40:16 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 5C5C6E203;
	Fri, 16 Aug 2019 10:40:16 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x7GAe3Wu021652 for <libvir-list@listman.util.phx.redhat.com>;
	Fri, 16 Aug 2019 06:40:03 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id C62F6A4FA6; Fri, 16 Aug 2019 10:40:03 +0000 (UTC)
Received: from angien.brq.redhat.com (unknown [10.43.2.229])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 4DAB1A4FA4
	for <libvir-list@redhat.com>; Fri, 16 Aug 2019 10:40:00 +0000 (UTC)
From: Peter Krempa <pkrempa@redhat.com>
To: libvir-list@redhat.com
Date: Fri, 16 Aug 2019 12:39:35 +0200
Message-Id: 
 <bc802ed79cf790207cf735317b4d14a7f9b4af42.1565951850.git.pkrempa@redhat.com>
In-Reply-To: <cover.1565951850.git.pkrempa@redhat.com>
References: <cover.1565951850.git.pkrempa@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH 14/14] util: storagefile: Flag backing store
	strings with authentication
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.46]);
 Fri, 16 Aug 2019 10:40:17 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

Using inline authentication for storage volumes will not work properly
as libvirt requires use of the secret driver for the auth data and
thus would not be able to represent the passwords stored in the backing
store string.

Make sure that the backing store parsers return 1 which is a sign for
the caller to not use the file in certain cases.

The test data include iscsi via a json pseudo-protocol string and URIs
with the userinfo part being present.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: J=C3=A1n Tomko <jtomko@redhat.com>
---
 src/util/virstoragefile.c | 11 +++++++++--
 tests/virstoragetest.c    | 28 ++++++++++++++++++++++++++++
 2 files changed, 37 insertions(+), 2 deletions(-)

diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c
index efc1d84048..437dcc015d 100644
--- a/src/util/virstoragefile.c
+++ b/src/util/virstoragefile.c
@@ -2705,8 +2705,6 @@ virStorageSourceParseBackingURI(virStorageSourcePtr s=
rc,
             return -1;
     }

-    /* XXX We currently don't support auth, so don't bother parsing it */
-
     /* uri->path is NULL if the URI does not contain slash after host:
      * transport://host:port */
     if (uri->path)
@@ -2756,6 +2754,10 @@ virStorageSourceParseBackingURI(virStorageSourcePtr =
src,
     if (VIR_STRDUP(src->hosts->name, uri->server) < 0)
         return -1;

+    /* Libvirt doesn't handle inline authentication. Make the caller aware=
. */
+    if (uri->user)
+        return 1;
+
     return 0;
 }

@@ -3311,6 +3313,11 @@ virStorageSourceParseBackingJSONiSCSI(virStorageSour=
cePtr src,
     if (virAsprintf(&src->path, "%s/%s", target, lun) < 0)
         return -1;

+    /* Libvirt doesn't handle inline authentication. Make the caller aware=
. */
+    if (virJSONValueObjectGetString(json, "user") ||
+        virJSONValueObjectGetString(json, "password"))
+        return 1;
+
     return 0;
 }

diff --git a/tests/virstoragetest.c b/tests/virstoragetest.c
index be5cb98262..1d06abe8b6 100644
--- a/tests/virstoragetest.c
+++ b/tests/virstoragetest.c
@@ -1260,6 +1260,10 @@ mymain(void)
                        "<source protocol=3D'http' name=3D'file'>\n"
                        "  <host name=3D'example.com' port=3D'80'/>\n"
                        "</source>\n");
+    TEST_BACKING_PARSE_FULL("http://user:pass@example.com/file",
+                            "<source protocol=3D'http' name=3D'file'>\n"
+                            "  <host name=3D'example.com' port=3D'80'/>\n"
+                            "</source>\n", 1);
     TEST_BACKING_PARSE("rbd:testshare:id=3Dasdf:mon_host=3Dexample.com",
                        "<source protocol=3D'rbd' name=3D'testshare'>\n"
                        "  <host name=3D'example.com'/>\n"
@@ -1280,6 +1284,10 @@ mymain(void)
                        "<source protocol=3D'nbd' name=3D'exportname'>\n"
                        "  <host name=3D'example.org' port=3D'1234'/>\n"
                        "</source>\n");
+    TEST_BACKING_PARSE_FULL("iscsi://testuser:testpass@example.org:1234/ex=
portname",
+                            "<source protocol=3D'iscsi' name=3D'exportname=
'>\n"
+                            "  <host name=3D'example.org' port=3D'1234'/>\=
n"
+                            "</source>\n", 1);

 #ifdef WITH_YAJL
     TEST_BACKING_PARSE("json:", NULL);
@@ -1484,6 +1492,26 @@ mymain(void)
                        "<source protocol=3D'iscsi' name=3D'iqn.2016-12.com=
.virttest:emulated-iscsi-noauth.target/0'>\n"
                        "  <host name=3D'test.org' port=3D'3260'/>\n"
                        "</source>\n");
+    TEST_BACKING_PARSE_FULL("json:{\"file\":{\"driver\":\"iscsi\","
+                                            "\"transport\":\"tcp\","
+                                            "\"portal\":\"test.org\","
+                                            "\"user\":\"testuser\","
+                                            "\"target\":\"iqn.2016-12.com.=
virttest:emulated-iscsi-auth.target\""
+                                            "}"
+                            "}",
+                       "<source protocol=3D'iscsi' name=3D'iqn.2016-12.com=
.virttest:emulated-iscsi-auth.target/0'>\n"
+                       "  <host name=3D'test.org' port=3D'3260'/>\n"
+                       "</source>\n", 1);
+    TEST_BACKING_PARSE_FULL("json:{\"file\":{\"driver\":\"iscsi\","
+                                            "\"transport\":\"tcp\","
+                                            "\"portal\":\"test.org\","
+                                            "\"password\":\"testpass\","
+                                            "\"target\":\"iqn.2016-12.com.=
virttest:emulated-iscsi-auth.target\""
+                                            "}"
+                            "}",
+                       "<source protocol=3D'iscsi' name=3D'iqn.2016-12.com=
.virttest:emulated-iscsi-auth.target/0'>\n"
+                       "  <host name=3D'test.org' port=3D'3260'/>\n"
+                       "</source>\n", 1);
     TEST_BACKING_PARSE("json:{\"file\":{\"driver\":\"iscsi\","
                                        "\"transport\":\"tcp\","
                                        "\"portal\":\"test.org:1234\","
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list