[PATCH 11/23] src: switch from fnmatch to g_pattern_match_simple

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The g_pattern_match function_simple is an acceptably close
approximation of fnmatch for libvirt's needs.

In contrast to fnmatch(), the '/' character can be matched
by the wildcards, there are no '[...]' character ranges and
'*' and '?' can not be escaped to include them literally in
a pattern.

Signed-off-by: Daniel P. Berrangé <berrange@xxxxxxxxxx>
---
 src/qemu/qemu_firmware.c        |  4 +---
 src/remote/libvirtd.conf.in     |  8 ++++++--
 src/rpc/virnetsaslcontext.c     | 11 +----------
 src/rpc/virnettlscontext.c      | 10 +---------
 src/util/virlog.c               |  5 ++---
 tests/virconfdata/libvirtd.conf |  8 ++++++--
 tests/virconfdata/libvirtd.out  |  8 ++++++--
 tools/virt-login-shell-helper.c |  5 ++---
 8 files changed, 25 insertions(+), 34 deletions(-)

diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c
index f62ce90ac9..6a76d355f5 100644
--- a/src/qemu/qemu_firmware.c
+++ b/src/qemu/qemu_firmware.c
@@ -20,8 +20,6 @@
 
 #include <config.h>
 
-#include <fnmatch.h>
-
 #include "qemu_firmware.h"
 #include "qemu_interop_config.h"
 #include "configmake.h"
@@ -921,7 +919,7 @@ qemuFirmwareMatchesMachineArch(const qemuFirmware *fw,
             continue;
 
         for (j = 0; j < fw->targets[i]->nmachines; j++) {
-            if (fnmatch(fw->targets[i]->machines[j], machine, 0) == 0)
+            if (g_pattern_match_simple(fw->targets[i]->machines[j], machine))
                 return true;
         }
     }
diff --git a/src/remote/libvirtd.conf.in b/src/remote/libvirtd.conf.in
index f984ce0478..34741183cc 100644
--- a/src/remote/libvirtd.conf.in
+++ b/src/remote/libvirtd.conf.in
@@ -262,7 +262,9 @@
 #
 #    "C=GB,ST=London,L=London,O=Red Hat,CN=*"
 #
-# See the POSIX fnmatch function for the format of the wildcards.
+# See the g_pattern_match function for the format of the wildcards:
+#
+# https://developer.gnome.org/glib/stable/glib-Glob-style-pattern-matching.html
 #
 # NB If this is an empty list, no client can connect, so comment out
 # entirely rather than using empty list to disable these checks
@@ -288,7 +290,9 @@
 #
 #    "*@EXAMPLE.COM"
 #
-# See the POSIX fnmatch function for the format of the wildcards.
+# See the g_pattern_match function for the format of the wildcards.
+#
+# https://developer.gnome.org/glib/stable/glib-Glob-style-pattern-matching.html
 #
 # NB If this is an empty list, no client can connect, so comment out
 # entirely rather than using empty list to disable these checks
diff --git a/src/rpc/virnetsaslcontext.c b/src/rpc/virnetsaslcontext.c
index 01ff41b778..e7ed8f4390 100644
--- a/src/rpc/virnetsaslcontext.c
+++ b/src/rpc/virnetsaslcontext.c
@@ -20,8 +20,6 @@
 
 #include <config.h>
 
-#include <fnmatch.h>
-
 #include "virnetsaslcontext.h"
 #include "virnetmessage.h"
 
@@ -155,17 +153,10 @@ int virNetSASLContextCheckIdentity(virNetSASLContextPtr ctxt,
     }
 
     while (*wildcards) {
-        int rv = fnmatch(*wildcards, identity, 0);
-        if (rv == 0) {
+        if (g_pattern_match_simple(*wildcards, identity)) {
             ret = 1;
             goto cleanup; /* Successful match */
         }
-        if (rv != FNM_NOMATCH) {
-            virReportError(VIR_ERR_INTERNAL_ERROR,
-                           _("Malformed TLS whitelist regular expression '%s'"),
-                           *wildcards);
-            goto cleanup;
-        }
 
         wildcards++;
     }
diff --git a/src/rpc/virnettlscontext.c b/src/rpc/virnettlscontext.c
index 08944f6771..44f0dfce77 100644
--- a/src/rpc/virnettlscontext.c
+++ b/src/rpc/virnettlscontext.c
@@ -21,7 +21,6 @@
 #include <config.h>
 
 #include <unistd.h>
-#include <fnmatch.h>
 
 #include <gnutls/gnutls.h>
 #include <gnutls/crypto.h>
@@ -361,15 +360,8 @@ virNetTLSContextCheckCertDNWhitelist(const char *dname,
                                      const char *const*wildcards)
 {
     while (*wildcards) {
-        int ret = fnmatch(*wildcards, dname, 0);
-        if (ret == 0) /* Successful match */
+        if (g_pattern_match_simple(*wildcards, dname))
             return 1;
-        if (ret != FNM_NOMATCH) {
-            virReportError(VIR_ERR_INTERNAL_ERROR,
-                           _("Malformed TLS whitelist regular expression '%s'"),
-                           *wildcards);
-            return -1;
-        }
 
         wildcards++;
     }
diff --git a/src/util/virlog.c b/src/util/virlog.c
index 6bae56e2e3..aa98024e1c 100644
--- a/src/util/virlog.c
+++ b/src/util/virlog.c
@@ -36,7 +36,6 @@
 #if HAVE_SYS_UN_H
 # include <sys/un.h>
 #endif
-#include <fnmatch.h>
 
 #include "virerror.h"
 #include "virlog.h"
@@ -488,7 +487,7 @@ virLogSourceUpdate(virLogSourcePtr source)
         size_t i;
 
         for (i = 0; i < virLogNbFilters; i++) {
-            if (fnmatch(virLogFilters[i]->match, source->name, 0) == 0) {
+            if (g_pattern_match_simple(virLogFilters[i]->match, source->name)) {
                 priority = virLogFilters[i]->priority;
                 break;
             }
@@ -1338,7 +1337,7 @@ virLogFilterNew(const char *match,
         return NULL;
     }
 
-    /* We must treat 'foo' as equiv to '*foo*' for fnmatch
+    /* We must treat 'foo' as equiv to '*foo*' for g_pattern_match
      * todo substring matches, so add 2 extra bytes
      */
     if (VIR_ALLOC_N_QUIET(mdup, mlen + 3) < 0)
diff --git a/tests/virconfdata/libvirtd.conf b/tests/virconfdata/libvirtd.conf
index 602aa08d92..791d6c972b 100644
--- a/tests/virconfdata/libvirtd.conf
+++ b/tests/virconfdata/libvirtd.conf
@@ -183,7 +183,9 @@ tls_no_verify_certificate = 1
 #
 #    "C=GB,ST=London,L=London,O=Red Hat,CN=*"
 #
-# See the POSIX fnmatch function for the format of the wildcards.
+# See the g_pattern_match function for the format of the wildcards.
+#
+# https://developer.gnome.org/glib/stable/glib-Glob-style-pattern-matching.html
 #
 # NB If this is an empty list, no client can connect, so comment out
 # entirely rather than using empty list to disable these checks
@@ -200,7 +202,9 @@ tls_allowed_dn_list = ["DN1", "DN2"]
 #
 #    "*@EXAMPLE.COM"
 #
-# See the POSIX fnmatch function for the format of the wildcards.
+# See the g_pattern_match function for the format of the wildcards.
+#
+# https://developer.gnome.org/glib/stable/glib-Glob-style-pattern-matching.html
 #
 # NB If this is an empty list, no client can connect, so comment out
 # entirely rather than using empty list to disable these checks
diff --git a/tests/virconfdata/libvirtd.out b/tests/virconfdata/libvirtd.out
index d3f2bd20a7..cfdd23fd21 100644
--- a/tests/virconfdata/libvirtd.out
+++ b/tests/virconfdata/libvirtd.out
@@ -147,7 +147,9 @@ tls_no_verify_certificate = 1
 #
 #    "C=GB,ST=London,L=London,O=Red Hat,CN=*"
 #
-# See the POSIX fnmatch function for the format of the wildcards.
+# See the g_pattern_match function for the format of the wildcards.
+#
+# https://developer.gnome.org/glib/stable/glib-Glob-style-pattern-matching.html
 #
 # NB If this is an empty list, no client can connect, so comment out
 # entirely rather than using empty list to disable these checks
@@ -162,7 +164,9 @@ tls_allowed_dn_list = [ "DN1", "DN2" ]
 #
 #    "*@EXAMPLE.COM"
 #
-# See the POSIX fnmatch function for the format of the wildcards.
+# See the g_pattern_match function for the format of the wildcards.
+#
+# https://developer.gnome.org/glib/stable/glib-Glob-style-pattern-matching.html
 #
 # NB If this is an empty list, no client can connect, so comment out
 # entirely rather than using empty list to disable these checks
diff --git a/tools/virt-login-shell-helper.c b/tools/virt-login-shell-helper.c
index 87735833d9..e3aefc2c06 100644
--- a/tools/virt-login-shell-helper.c
+++ b/tools/virt-login-shell-helper.c
@@ -19,7 +19,6 @@
  */
 #include <config.h>
 
-#include <fnmatch.h>
 #include <getopt.h>
 #include <signal.h>
 #include <stdarg.h>
@@ -67,14 +66,14 @@ static int virLoginShellAllowedUser(virConfPtr conf,
             for (i = 0; i < ngroups; i++) {
                 if (!(gname = virGetGroupName(groups[i])))
                     continue;
-                if (fnmatch(entry, gname, 0) == 0) {
+                if (g_pattern_match_simple(entry, gname)) {
                     ret = 0;
                     goto cleanup;
                 }
                 VIR_FREE(gname);
             }
         } else {
-            if (fnmatch(entry, name, 0) == 0) {
+            if (g_pattern_match_simple(entry, name)) {
                 ret = 0;
                 goto cleanup;
             }
-- 
2.24.1

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux