Move to secret_conf.c and rename to virSecretLoadAllConfigs. Also includes moving/renaming the supporting virSecretLoad, virSecretLoadValue, and virSecretLoadValidateUUID.
Signed-off-by: John Ferlan <jferlan@xxxxxxxxxx>
---
 src/conf/secret_conf.c | 175 +++++++++++++++++++++++++++++++++++++++++++++
 src/conf/secret_conf.h | 3 +
 src/libvirt_private.syms | 1 +
 src/secret/secret_driver.c | 174 +--------------------------------------------
 4 files changed, 181 insertions(+), 172 deletions(-)
diff --git a/src/conf/secret_conf.c b/src/conf/secret_conf.c
index 0e73c2d..f6eee6f 100644
--- a/src/conf/secret_conf.c
+++ b/src/conf/secret_conf.c
@@ -21,6 +21,9 @@
 */
 #include <config.h>
+#include <dirent.h>
+#include <fcntl.h>
+#include <sys/stat.h>
 #include "internal.h"
 #include "virbuffer.h"
@@ -33,6 +36,7 @@
 #include "viruuid.h"
 #include "virhash.h"
 #include "virfile.h"
+#include "base64.h"
 #define VIR_FROM_THIS VIR_FROM_SECRET
@@ -969,3 +973,174 @@ virSecretDefFormat(const virSecretDef *def)
 virBufferFreeAndReset(&buf);
 return NULL;
 }
+
+
+static int
+virSecretLoadValidateUUID(virSecretDefPtr def,
+ const char *file)
+{
+ char uuidstr[VIR_UUID_STRING_BUFLEN];
+
+ virUUIDFormat(def->uuid, uuidstr);
+
+ if (!virFileMatchesNameSuffix(file, uuidstr, ".xml")) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("<uuid> does not match secret file name '%s'"),
+ file);
+ return -1;
+ }
+
+ return 0;
+}
+
+
+static int
+virSecretLoadValue(virSecretObjPtr secret)
+{
+ int ret = -1, fd = -1;
+ struct stat st;
+ char *contents = NULL, *value = NULL;
+ size_t value_size;
+
+ if ((fd = open(secret->base64File, O_RDONLY)) == -1) {
+ if (errno == ENOENT) {
+ ret = 0;
+ goto cleanup;
+ }
+ virReportSystemError(errno, _("cannot open '%s'"),
+ secret->base64File);
+ goto cleanup;
+ }
+
+ if (fstat(fd, &st) < 0) {
+ virReportSystemError(errno, _("cannot stat '%s'"),
+ secret->base64File);
+ goto cleanup;
+ }
+
+ if ((size_t)st.st_size != st.st_size) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("'%s' file does not fit in memory"),
+ secret->base64File);
+ goto cleanup;
+ }
+
+ if (VIR_ALLOC_N(contents, st.st_size) < 0)
+ goto cleanup;
+
+ if (saferead(fd, contents, st.st_size) != st.st_size) {
+ virReportSystemError(errno, _("cannot read '%s'"),
+ secret->base64File);
+ goto cleanup;
+ }
+
+ VIR_FORCE_CLOSE(fd);
+
+ if (!base64_decode_alloc(contents, st.st_size, &value, &value_size)) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("invalid base64 in '%s'"),
+ secret->base64File);
+ goto cleanup;
+ }
+ if (value == NULL)
+ goto cleanup;
+
+ secret->value = (unsigned char *)value;
+ value = NULL;
+ secret->value_size = value_size;
+
+ ret = 0;
+
+ cleanup:
+ if (value != NULL) {
+ memset(value, 0, value_size);
+ VIR_FREE(value);
+ }
+ if (contents != NULL) {
+ memset(contents, 0, st.st_size);
+ VIR_FREE(contents);
+ }
+ VIR_FORCE_CLOSE(fd);
+ return ret;
+}
+
+
+static virSecretObjPtr
+virSecretLoad(virSecretObjListPtr secrets,
+ const char *file,
+ const char *path,
+ const char *configDir)
+{
+ virSecretDefPtr def = NULL;
+ virSecretObjPtr secret = NULL, ret = NULL;
+
+ if (!(def = virSecretDefParseFile(path)))
+ goto cleanup;
+
+ if (virSecretLoadValidateUUID(def, file) < 0)
+ goto cleanup;
+
+ if (!(secret = virSecretObjListAdd(secrets, def, configDir, NULL)))
+ goto cleanup;
+ def = NULL;
+
+ if (virSecretLoadValue(secret) < 0)
+ goto cleanup;
+
+ ret = secret;
+ secret = NULL;
+
+ cleanup:
+ if (secret)
+ virSecretObjListRemove(secrets, secret);
+ virSecretDefFree(def);
+ return ret;
+}
+
+
+int
+virSecretLoadAllConfigs(virSecretObjListPtr secrets,
+ const char *configDir)
+{
+ DIR *dir = NULL;
+ struct dirent *de;
+
+ if (!(dir = opendir(configDir))) {
+ if (errno == ENOENT)
+ return 0;
+ virReportSystemError(errno, _("cannot open '%s'"), configDir);
+ return -1;
+ }
+
+ /* Ignore errors reported by readdir or other calls within the
+ * loop (if any). It's better to keep the secrets we managed to find. */
+ while (virDirRead(dir, &de, NULL) > 0) {
+ char *path;
+ virSecretObjPtr secret;
+
+ if (STREQ(de->d_name, ".") || STREQ(de->d_name, ".."))
+ continue;
+
+ if (!virFileHasSuffix(de->d_name, ".xml"))
+ continue;
+
+ if (!(path = virFileBuildPath(configDir, de->d_name, NULL)))
+ continue;
+
+ if (!(secret = virSecretLoad(secrets, de->d_name, path, configDir))) {
+ virErrorPtr err = virGetLastError();
+
+ VIR_ERROR(_("Error reading secret: %s"),
+ err != NULL ? err->message: _("unknown error"));
+ virResetError(err);
+ VIR_FREE(path);
+ continue;
+ }
+
+ VIR_FREE(path);
+ virSecretObjEndAPI(&secret);
+ }
+
+ closedir(dir);
+ return 0;
+}
diff --git a/src/conf/secret_conf.h b/src/conf/secret_conf.h
index 1c9de52..d3bd10c 100644
--- a/src/conf/secret_conf.h
+++ b/src/conf/secret_conf.h
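Review bot: In the cleanup path of virSecretLoadValue the decoded secret and its base64 text are wiped with plain `memset(value, 0, value_size);` and `memset(contents, 0, st.st_size);` directly before `VIR_FREE`, and a store to a buffer that is freed right afterwards is one an optimizer may treat as dead and remove, depending on how VIR_FREE expands and on link-time optimization. The code is carried over unchanged from secret_driver.c, but since it now sits in shared conf code it would be worth routing both wipes through a helper the compiler cannot elide, for example `explicit_bzero(value, value_size);` where the platform provides it, with a comment saying why. In the same function `if (value == NULL) goto cleanup;` returns -1 without reporting an error, so virSecretLoadAllConfigs will presumably log only "unknown error" (or a stale one) for that file.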
@@ -131,4 +131,7 @@ char *virSecretDefFormat(const virSecretDef *def);
 (VIR_CONNECT_LIST_SECRETS_FILTERS_EPHEMERAL | \
 VIR_CONNECT_LIST_SECRETS_FILTERS_PRIVATE)
+int virSecretLoadAllConfigs(virSecretObjListPtr secrets,
+ const char *configDir);
+
 #endif
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 18a30ce..4e1ee8e 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -785,6 +785,7 @@ virSecretDefFormat;
 virSecretDefFree;
 virSecretDefParseFile;
 virSecretDefParseString;
+virSecretLoadAllConfigs;
 virSecretObjEndAPI;
 virSecretObjListAdd;
 virSecretObjListExport;
diff --git a/src/secret/secret_driver.c b/src/secret/secret_driver.c
index 13ab365..b8d9ecc 100644
--- a/src/secret/secret_driver.c
+++ b/src/secret/secret_driver.c
@@ -22,7 +22,6 @@
 #include <config.h>
-#include <dirent.h>
 #include <fcntl.h>
 #include <string.h>
 #include <sys/stat.h>
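Review bot: The prototype added to secret_conf.h, `int virSecretLoadAllConfigs(virSecretObjListPtr secrets, const char *configDir);`, is now exported through libvirt_private.syms but carries no comment on its contract. From the definition in secret_conf.c it returns 0 when configDir does not exist and also when individual files fail to parse or load (those are logged and skipped), and -1 only when opendir fails for another reason. A short comment above the declaration, such as `/* Load every *.xml secret under configDir into secrets; per-file failures are logged and skipped, -1 only if the directory cannot be opened */`, would keep callers from reading 0 as "all secrets loaded". Whether the caller must hold a lock around the list, as secretStateInitialize appears to, is not visible here and would be worth stating as well.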
@@ -189,175 +188,6 @@ secretDeleteSaved(const virSecretObj *secret)
 return 0;
 }
-static int
-secretLoadValidateUUID(virSecretDefPtr def,
- const char *file)
-{
- char uuidstr[VIR_UUID_STRING_BUFLEN];
-
- virUUIDFormat(def->uuid, uuidstr);
-
- if (!virFileMatchesNameSuffix(file, uuidstr, ".xml")) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("<uuid> does not match secret file name '%s'"),
- file);
- return -1;
- }
-
- return 0;
-}
-
-static int
-secretLoadValue(virSecretObjPtr secret)
-{
- int ret = -1, fd = -1;
- struct stat st;
- char *contents = NULL, *value = NULL;
- size_t value_size;
-
- if ((fd = open(secret->base64File, O_RDONLY)) == -1) {
- if (errno == ENOENT) {
- ret = 0;
- goto cleanup;
- }
- virReportSystemError(errno, _("cannot open '%s'"),
- secret->base64File);
- goto cleanup;
- }
-
- if (fstat(fd, &st) < 0) {
- virReportSystemError(errno, _("cannot stat '%s'"),
- secret->base64File);
- goto cleanup;
- }
-
- if ((size_t)st.st_size != st.st_size) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("'%s' file does not fit in memory"),
- secret->base64File);
- goto cleanup;
- }
-
- if (VIR_ALLOC_N(contents, st.st_size) < 0)
- goto cleanup;
-
- if (saferead(fd, contents, st.st_size) != st.st_size) {
- virReportSystemError(errno, _("cannot read '%s'"),
- secret->base64File);
- goto cleanup;
- }
-
- VIR_FORCE_CLOSE(fd);
-
- if (!base64_decode_alloc(contents, st.st_size, &value, &value_size)) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("invalid base64 in '%s'"),
- secret->base64File);
- goto cleanup;
- }
- if (value == NULL)
- goto cleanup;
-
- secret->value = (unsigned char *)value;
- value = NULL;
- secret->value_size = value_size;
-
- ret = 0;
-
- cleanup:
- if (value != NULL) {
- memset(value, 0, value_size);
- VIR_FREE(value);
- }
- if (contents != NULL) {
- memset(contents, 0, st.st_size);
- VIR_FREE(contents);
- }
- VIR_FORCE_CLOSE(fd);
- return ret;
-}
-
-
-static virSecretObjPtr
-secretLoad(virSecretObjListPtr secrets,
- const char *file,
- const char *path,
- const char *configDir)
-{
- virSecretDefPtr def = NULL;
- virSecretObjPtr secret = NULL, ret = NULL;
-
- if (!(def = virSecretDefParseFile(path)))
- goto cleanup;
-
- if (secretLoadValidateUUID(def, file) < 0)
- goto cleanup;
-
- if (!(secret = virSecretObjListAdd(secrets, def, configDir, NULL)))
- goto cleanup;
- def = NULL;
-
- if (secretLoadValue(secret) < 0)
- goto cleanup;
-
- ret = secret;
- secret = NULL;
-
- cleanup:
- if (secret)
- virSecretObjListRemove(secrets, secret);
- virSecretDefFree(def);
- return ret;
-}
-
-
-static int
-secretLoadAllConfigs(virSecretObjListPtr secrets,
- const char *configDir)
-{
- DIR *dir = NULL;
- struct dirent *de;
-
- if (!(dir = opendir(configDir))) {
- if (errno == ENOENT)
- return 0;
- virReportSystemError(errno, _("cannot open '%s'"), configDir);
- return -1;
- }
-
- /* Ignore errors reported by readdir or other calls within the
- * loop (if any). It's better to keep the secrets we managed to find. */
- while (virDirRead(dir, &de, NULL) > 0) {
- char *path;
- virSecretObjPtr secret;
-
- if (STREQ(de->d_name, ".") || STREQ(de->d_name, ".."))
- continue;
-
- if (!virFileHasSuffix(de->d_name, ".xml"))
- continue;
-
- if (!(path = virFileBuildPath(configDir, de->d_name, NULL)))
- continue;
-
- if (!(secret = secretLoad(secrets, de->d_name, path, configDir))) {
- virErrorPtr err = virGetLastError();
-
- VIR_ERROR(_("Error reading secret: %s"),
- err != NULL ? err->message: _("unknown error"));
- virResetError(err);
- VIR_FREE(path);
- continue;
- }
-
- VIR_FREE(path);
- virSecretObjEndAPI(&secret);
- }
-
- closedir(dir);
- return 0;
-}
-
 /* Driver functions */
 static int
@@ -721,7 +551,7 @@ secretStateInitialize(bool privileged,
 if (!(driver->secrets = virSecretObjListNew()))
 goto error;
- if (secretLoadAllConfigs(driver->secrets, driver->configDir) < 0)
+ if (virSecretLoadAllConfigs(driver->secrets, driver->configDir) < 0)
 goto error;
 secretDriverUnlock();
@@ -742,7 +572,7 @@ secretStateReload(void)
 secretDriverLock();
- ignore_value(secretLoadAllConfigs(driver->secrets, driver->configDir));
+ ignore_value(virSecretLoadAllConfigs(driver->secrets, driver->configDir));
 secretDriverUnlock();
 return 0;
--
2.5.0
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list