On 04/08/2013 10:45 AM, Daniel P. Berrange wrote: > On Mon, Apr 08, 2013 at 12:35:40PM -0400, Milos Vyletel wrote: >> Even though http://libvirt.org/formatdomain.html#elementsMetadata >> states that it requires RFC4122 compliance UUIDs that are generated >> by virUUIDGenerate() are not. Neither does virUUIDIsValid() check >> for RFC4122 compliance. Following patch modifies virUUIDGenerate() >> to generate valid UUIDs and adds check to virUUIDIsValid() to validate >> UUIDs. >> >> >> + /* >> + * RFC4122 defines version 1 to 5 (section 4.1.3) >> + * RFC4122 defined variant is desribed in section 4.1.1 >> + */ >> + version = (uuid[6] >> 4); >> + variant = (uuid[8] >> 6); >> + if (!(version > 0 && version <= 5) || variant != 2) >> + return 0; >> + >> c = uuid[0]; >> >> for (i = 1; i < VIR_UUID_BUFLEN; i++) > > but NACk to this part > > What you're checking here is just one possible valid scheme for UUIDs. > We shouldn't reject UUIDs just because they use a different scheme than > the one we do. Furthermore, if we took this hunk, but a user is running a guest created by a previous version of libvirt that happened to generate an invalid UUID, we would lose the ability to manage that older guest. It _might_ be appropriate to warn the user when a UUID is not valid according to the schemes we recognize, but it must be a warning and not a fatal error; furthermore, if we do add such a warning, we'd need to recognize ALL of the schemes that are valid in the RFCs, not just the particular scheme we use when generating a uuid ourselves, so as to minimize false negative printouts of the warning. -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list