The 'domdisplay' command didn't properly evaluate '--include-password'
option.
---
tools/virsh.c | 35 +++++++++++++++++++++++------------
1 files changed, 23 insertions(+), 12 deletions(-)
diff --git a/tools/virsh.c b/tools/virsh.c
index 5888d6c..e0765ba 100644
--- a/tools/virsh.c
+++ b/tools/virsh.c
@@ -66,6 +66,7 @@
#include "virtypedparam.h"
#include "intprops.h"
#include "conf/virdomainlist.h"
+#include "datatypes.h"
static char *progname;
@@ -13882,7 +13883,16 @@ cmdDomDisplay(vshControl *ctl, const vshCmd *cmd)
goto cleanup;
}
- doc = virDomainGetXMLDesc(dom, 0);
+ if (!vshCommandOptBool(cmd, "include-password"))
+ doc = virDomainGetXMLDesc(dom, 0);
+ else {
+ if (ctl->conn->flags & VIR_DOMAIN_XML_SECURE) {
+ vshError(ctl, _("Cannot get password with read-only connection"));
+ goto cleanup;
+ }
+ doc = virDomainGetXMLDesc(dom, VIR_DOMAIN_XML_SECURE);
+ }
+
if (!doc)
goto cleanup;
@@ -13944,19 +13954,20 @@ cmdDomDisplay(vshControl *ctl, const vshCmd *cmd)
if (tmp)
tls_port = 0;
- if (vshCommandOptBool(cmd, "daemon")) {
- /* Create our XPATH lookup for the SPICE password */
- virAsprintf(&xpath, "string(/domain/devices/graphics"
+ /* Create our XPATH lookup for the SPICE password */
+ virAsprintf(&xpath, "string(/domain/devices/graphics"
"[@type='%s']/@passwd)", scheme[iter]);
- if (!xpath) {
- virReportOOMError();
- goto cleanup;
- }
-
- /* Attempt to get the SPICE password */
- passwd = virXPathString(xpath, ctxt);
- VIR_FREE(xpath);
+ if (!xpath) {
+ virReportOOMError();
+ goto cleanup;
}
+
+ /* Attempt to get the SPICE password
+ *
+ * This will return NULL automatically if the
+ * virDomainGetXMLDesc wasn't secure */
+ passwd = virXPathString(xpath, ctxt);
+ VIR_FREE(xpath);
}
/* Build up the full URI, starting with the scheme */
--
1.7.8.6
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list