From nobody Sun May 19 00:43:01 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) client-ip=63.128.21.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1607433067; cv=none; d=zohomail.com; s=zohoarc; b=bxaONBtKFeSXMVo0sihZFIn7SnLZTKLcnlYdzvOMHGaKopdYINGkwC2lfUgTDPN1kMC/gMdKBY9NR/tEe/+QnDqvEc64/iCp6RfW4GvRm/YB7mOOSCkBQv+gEGXbOUCJZrvs3zEt1uRc5H5NR7LXcjFRjhGvL7VOy1ZkHf/r9NY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1607433067; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=oiNRVTC2GCcELmyyRk+InFZhE4khA75WxW3GU45qfQ0=; b=H8jWPY9Tzwc7ykuLQWJNg6EN0yxePG3TslQTu0oLFWTnR3ef7bOjm6RNhuHDLpUsBGCqHsxH+bbqqYKHoskAw0AdEnkltl6fYL4SaR4QqiVedBvAI8lMzdx2foL4KNP50/EKkh7jR7Od7qEE5ltr1++Lrk0emlBipW9/CYRQovg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [63.128.21.124]) by mx.zohomail.com with SMTPS id 160743306711973.32076994096417; Tue, 8 Dec 2020 05:11:07 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-130-s5GPZnzmMu-S9JYNKuSG2Q-1; Tue, 08 Dec 2020 08:11:02 -0500 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id BFBD0858187; Tue, 8 Dec 2020 13:10:56 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 6ECF05D719; Tue, 8 Dec 2020 13:10:56 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id BF1B64A7C6; Tue, 8 Dec 2020 13:10:55 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 0B8DAT86015958 for ; Tue, 8 Dec 2020 08:10:29 -0500 Received: by smtp.corp.redhat.com (Postfix) id 299EB5D719; Tue, 8 Dec 2020 13:10:29 +0000 (UTC) Received: from localhost.localdomain (unknown [10.40.193.169]) by smtp.corp.redhat.com (Postfix) with ESMTP id 9CA685D6D5 for ; Tue, 8 Dec 2020 13:10:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1607433066; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=oiNRVTC2GCcELmyyRk+InFZhE4khA75WxW3GU45qfQ0=; b=AD1Rnk5eCnPYVc3/EQdSikF57g0hpBwC1M7R/ipdEUcsUcuef0L9IoPn3b8rnFBMEetRmG QrgNJpwMDbuKwM9egCJfFwjjjZPbgN17fqQhFnPZHsemq5ZxLQpQu0DG/6Hd8rg6h5/i8x 3XOeAsnnyvF+JXZuN6tfFPX9tn2qvvE= X-MC-Unique: s5GPZnzmMu-S9JYNKuSG2Q-1 From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH 1/2] virsh: Fix logical error in cmdSetUserSSHKeys() Date: Tue, 8 Dec 2020 14:10:25 +0100 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" In v6.10.0-rc1~104 I've added a virsh command that exposes virDomainAuthorizedSSHKeysSet() API under "set-user-sshkeys" command. The command accepts mutually exclusive "--reset" and "--remove" options (among others). While the former controls the VIR_DOMAIN_AUTHORIZED_SSH_KEYS_SET_APPEND flag, the latter controls the VIR_DOMAIN_AUTHORIZED_SSH_KEYS_SET_REMOVE flag. These flags are also mutually exclusive. But the code that sets them has a logical error which may result in both flags being set. In fact, this results in user being not able to set just the remove flag. Fixes: 87d12effbea8b414c250b6fefd93154c62a99370 Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=3D1904674 Signed-off-by: Michal Privoznik Reviewed-by: J=C3=83=C2=A1n Tomko --- tools/virsh-domain.c | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c index 1fb4189b4b..6266c7acd2 100644 --- a/tools/virsh-domain.c +++ b/tools/virsh-domain.c @@ -14375,17 +14375,18 @@ cmdSetUserSSHKeys(vshControl *ctl, const vshCmd *= cmd) if (vshCommandOptStringReq(ctl, cmd, "file", &from) < 0) goto cleanup; =20 - if (!vshCommandOptBool(cmd, "reset")) { - flags |=3D VIR_DOMAIN_AUTHORIZED_SSH_KEYS_SET_APPEND; - - if (!from) { - vshError(ctl, _("Option --file is required")); - goto cleanup; - } - } - - if (vshCommandOptBool(cmd, "remove")) + if (vshCommandOptBool(cmd, "remove")) { flags |=3D VIR_DOMAIN_AUTHORIZED_SSH_KEYS_SET_REMOVE; + } else { + if (!vshCommandOptBool(cmd, "reset")) { + flags |=3D VIR_DOMAIN_AUTHORIZED_SSH_KEYS_SET_APPEND; + + if (!from) { + vshError(ctl, _("Option --file is required")); + goto cleanup; + } + } + } =20 if (from) { if (virFileReadAll(from, VSH_MAX_XML_FILE, &buffer) < 0) { --=20 2.26.2 From nobody Sun May 19 00:43:01 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) client-ip=216.205.24.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1607433085; cv=none; d=zohomail.com; s=zohoarc; b=e2nCzY5K9vDIMuKVrlZ2uYlgygECWaclnWp2O8sEP5Vh0zsmsPSraACuitchun0XBsICq2F3WnvZu3NyBQ24C2QXNjzWanVz6BrPJVBatzymtwc42kndco4ROIGshl64Qx7/K8/jSTuSkArkRg91HVgvp8casQNN/oFByf9DL5U= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1607433085; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=/hf/m56EJKcWUQ1FYEEbSfz+ror8M0EH5x/KM3pCGbg=; b=hxnsktZAanRnTPV3Cum6LPlMCPRiCwEudFp0h66aHvDtbxTp2EwmkEOgOLNJU+GU25XDXYDTZZCzw/hPsje+TMU1Y/agKhyboemZqdeurWgFckKDY51FZF3auJ6xX4EZejMQZvDwhVbPXKrw7KM3HdUUM/aiqsuyHH12pQ7bBVc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com with SMTPS id 1607433085567486.03706316518844; Tue, 8 Dec 2020 05:11:25 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-255-TwTPBoinN0iAWZtCjz6XKg-1; Tue, 08 Dec 2020 08:11:22 -0500 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id AFF8E858186; Tue, 8 Dec 2020 13:11:15 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 857A960877; Tue, 8 Dec 2020 13:11:15 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 4BB091809C9F; Tue, 8 Dec 2020 13:11:15 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 0B8DAUD1015966 for ; Tue, 8 Dec 2020 08:10:30 -0500 Received: by smtp.corp.redhat.com (Postfix) id 088105D6AB; Tue, 8 Dec 2020 13:10:30 +0000 (UTC) Received: from localhost.localdomain (unknown [10.40.193.169]) by smtp.corp.redhat.com (Postfix) with ESMTP id 7B9665D6D5 for ; Tue, 8 Dec 2020 13:10:29 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1607433084; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=/hf/m56EJKcWUQ1FYEEbSfz+ror8M0EH5x/KM3pCGbg=; b=XDs5qI7ulujP8U6L+He7NutaVCHEPhG+rg26UURQl9PZK7tZpSz1t1EPCdE0r/llDOD7Is 9I77TNWqR/Qyxye16lxEuE3w3hMoH5Q3QIvxu4kBQGt88iV8FCFT1qOdUKQQbrJ/poXZH+ 4dFQphhJdn8M12SZon4JP65r0tm7P/o= X-MC-Unique: TwTPBoinN0iAWZtCjz6XKg-1 From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH 2/2] virsh: cmdSetUserSSHKeys: Error early if the file doesn't contain any keys Date: Tue, 8 Dec 2020 14:10:26 +0100 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" When removing SSH keys via set-user-sshkeys virsh command, then files to remove are read from passed file. But when experimenting, I've passed /dev/null as the file which resulted in API checks which caught that @keys argument of virDomainAuthorizedSSHKeysSet() can't be NULL. This is because if the file is empty then its content is an empty string and thus the buffer the file was read in to is not NULL. Long story short, error is reported correctly, but it's not necessary to go through public API to catch it. Signed-off-by: Michal Privoznik Reviewed-by: J=C3=83=C2=A1n Tomko --- tools/virsh-domain.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c index 6266c7acd2..befa8d2448 100644 --- a/tools/virsh-domain.c +++ b/tools/virsh-domain.c @@ -14398,6 +14398,10 @@ cmdSetUserSSHKeys(vshControl *ctl, const vshCmd *c= md) goto cleanup; =20 nkeys =3D virStringListLength((const char **) keys); + if (nkeys =3D=3D 0) { + vshError(ctl, _("File %s contains no keys"), from); + goto cleanup; + } } =20 if (virDomainAuthorizedSSHKeysSet(dom, user, --=20 2.26.2