From: "Daniel P. Berrange" <berrange@xxxxxxxxxx>
When dispatching an RPC API call, setup the current identity to
hold the identity of the network client associated with the
RPC message being dispatched. The setting is thread-local, so
only affects the API call in this thread
Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx>
---
src/rpc/virnetserverprogram.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/src/rpc/virnetserverprogram.c b/src/rpc/virnetserverprogram.c
index 414b978..b80923d 100644
--- a/src/rpc/virnetserverprogram.c
+++ b/src/rpc/virnetserverprogram.c
@@ -375,6 +375,7 @@ virNetServerProgramDispatchCall(virNetServerProgramPtr prog,
virNetServerProgramProcPtr dispatcher;
virNetMessageError rerr;
size_t i;
+ virIdentityPtr identity = NULL;
memset(&rerr, 0, sizeof(rerr));
@@ -419,6 +420,12 @@ virNetServerProgramDispatchCall(virNetServerProgramPtr prog,
if (virNetMessageDecodePayload(msg, dispatcher->arg_filter, arg) < 0)
goto error;
+ if (!(identity = virNetServerClientGetIdentity(client)))
+ goto error;
+
+ if (virIdentitySetCurrent(identity) < 0)
+ goto error;
+
/*
* When the RPC handler is called:
*
@@ -431,6 +438,9 @@ virNetServerProgramDispatchCall(virNetServerProgramPtr prog,
*/
rv = (dispatcher->func)(server, client, msg, &rerr, arg, ret);
+ if (virIdentitySetCurrent(NULL) < 0)
+ goto error;
+
/*
* If rv == 1, this indicates the dispatch func has
* populated 'msg' with a list of FDs to return to
@@ -481,6 +491,7 @@ virNetServerProgramDispatchCall(virNetServerProgramPtr prog,
VIR_FREE(arg);
VIR_FREE(ret);
+ virObjectUnref(identity);
/* Put reply on end of tx queue to send out */
return virNetServerClientSendMessage(client, msg);
@@ -491,6 +502,7 @@ error:
VIR_FREE(arg);
VIR_FREE(ret);
+ virObjectUnref(identity);
return rv;
}
--
1.8.1.4
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list