Using plain password is still supported for back-compat reason.
Example XML:
<auth type='chap' username='foo'>
<secret uuid='48dcd4a4-b25f-4fc6-8874-84797c6e3678'/>
</auth>
* docs/schemas/storagepool.rng (Add sourceinfoauthsecret as a choice)
* src/conf/storage_conf.h (union "passwd" and virStoragePoolAuthSecret)
* src/conf/storage_conf.c (s/chap\.passwd/chap\.u\.passwd/;
Add a helper virStoragePoolAuthDefFormat;
Parse the secret XMLs for "chap" auth)
* tests/storagepoolxml2xmlin/pool-iscsi-auth-secret.xml: (New tests)
* tests/storagepoolxml2xmlout/pool-iscsi-auth-secret.xml: (Likewise)
---
docs/schemas/storagepool.rng | 9 ++-
src/conf/storage_conf.c | 71 +++++++++++++++-------
src/conf/storage_conf.h | 11 +++-
.../pool-iscsi-auth-secret.xml | 19 ++++++
.../pool-iscsi-auth-secret.xml | 22 +++++++
5 files changed, 107 insertions(+), 25 deletions(-)
create mode 100644 tests/storagepoolxml2xmlin/pool-iscsi-auth-secret.xml
create mode 100644 tests/storagepoolxml2xmlout/pool-iscsi-auth-secret.xml
diff --git a/docs/schemas/storagepool.rng b/docs/schemas/storagepool.rng
index ba6c741..386de1b 100644
--- a/docs/schemas/storagepool.rng
+++ b/docs/schemas/storagepool.rng
@@ -295,9 +295,12 @@
<text/>
</attribute>
</choice>
- <attribute name='passwd'>
- <text/>
- </attribute>
+ <choice>
+ <attribute name='passwd'>
+ <text/>
+ </attribute>
+ <ref name='sourceinfoauthsecret'/>
+ </choice>
</interleave>
</group>
<group>
diff --git a/src/conf/storage_conf.c b/src/conf/storage_conf.c
index 0047372..8f83bae 100644
--- a/src/conf/storage_conf.c
+++ b/src/conf/storage_conf.c
@@ -349,7 +349,10 @@ virStoragePoolSourceClear(virStoragePoolSourcePtr source)
if (source->authType == VIR_STORAGE_POOL_AUTH_CHAP) {
VIR_FREE(source->auth.chap.login);
- VIR_FREE(source->auth.chap.passwd);
+ if (source->auth.chap.type == VIR_STORAGE_POOL_AUTH_CHAP_PLAIN_PASSWORD)
+ VIR_FREE(source->auth.chap.u.passwd);
+ else if (source->auth.chap.type == VIR_STORAGE_POOL_AUTH_CHAP_SECRET)
+ VIR_FREE(source->auth.chap.u.secret.usage);
}
if (source->authType == VIR_STORAGE_POOL_AUTH_CEPHX) {
@@ -483,6 +486,8 @@ virStoragePoolDefParseAuthChap(xmlXPathContextPtr ctxt,
{
char *login = NULL;
char *username = NULL;
+ char *passwd = NULL;
+ int rc;
login = virXPathString("string(./auth/@login)", ctxt);
username = virXPathString("string(./auth/@username)", ctxt);
@@ -507,10 +512,20 @@ virStoragePoolDefParseAuthChap(xmlXPathContextPtr ctxt,
else if (username)
auth->login = username;
- auth->passwd = virXPathString("string(./auth/@passwd)", ctxt);
- if (auth->passwd == NULL) {
+ passwd = virXPathString("string(./auth/@passwd)", ctxt);
+ rc = virStoragePoolDefParseAuthSecret(ctxt, &auth->u.secret);
+
+ if (passwd) {
+ auth->type = VIR_STORAGE_POOL_AUTH_CHAP_PLAIN_PASSWORD;
+ auth->u.passwd = passwd;
+ } else if (rc == 0) {
+ auth->type = VIR_STORAGE_POOL_AUTH_CHAP_SECRET;
+ } else if (rc < 0) {
+ return -1;
+ } else {
virReportError(VIR_ERR_XML_ERROR, "%s",
- _("missing auth passwd attribute"));
+ _("Either 'passwd' attribute or 'secret' element "
+ "should be specified"));
return -1;
}
@@ -1048,13 +1063,30 @@ virStoragePoolDefParseFile(const char *filename)
return virStoragePoolDefParse(NULL, filename);
}
+static void
+virStoragePoolAuthDefFormat(virBufferPtr buf,
+ virStoragePoolAuthSecret secret)
+{
+ char uuid[VIR_UUID_STRING_BUFLEN];
+
+ virBufferAddLit(buf, " <secret");
+ if (secret.uuidUsable) {
+ virUUIDFormat(secret.uuid, uuid);
+ virBufferAsprintf(buf, " uuid='%s'", uuid);
+ }
+
+ if (secret.usage != NULL) {
+ virBufferAsprintf(buf, " usage='%s'", secret.usage);
+ }
+ virBufferAddLit(buf, "/>\n");
+}
+
static int
virStoragePoolSourceFormat(virBufferPtr buf,
virStoragePoolOptionsPtr options,
virStoragePoolSourcePtr src)
{
int i, j;
- char uuid[VIR_UUID_STRING_BUFLEN];
virBufferAddLit(buf," <source>\n");
if ((options->flags & VIR_STORAGE_POOL_SOURCE_HOST) && src->nhost) {
@@ -1129,26 +1161,23 @@ virStoragePoolSourceFormat(virBufferPtr buf,
virBufferAsprintf(buf," <format type='%s'/>\n", format);
}
- if (src->authType == VIR_STORAGE_POOL_AUTH_CHAP)
- virBufferAsprintf(buf," <auth type='chap' username='%s' passwd='%s'/>\n",
- src->auth.chap.login,
- src->auth.chap.passwd);
+ if (src->authType == VIR_STORAGE_POOL_AUTH_CHAP) {
+ virBufferAsprintf(buf," <auth type='chap' username='%s'",
+ src->auth.chap.login);
+ if (src->auth.chap.type == VIR_STORAGE_POOL_AUTH_CHAP_PLAIN_PASSWORD) {
+ virBufferAsprintf(buf, " passwd='%s'/>\n",
+ src->auth.chap.u.passwd);
+ } else if (src->auth.chap.type == VIR_STORAGE_POOL_AUTH_CHAP_SECRET) {
+ virBufferAddLit(buf, ">\n");
+ virStoragePoolAuthDefFormat(buf, src->auth.chap.u.secret);
+ virBufferAddLit(buf," </auth>\n");
+ }
+ }
if (src->authType == VIR_STORAGE_POOL_AUTH_CEPHX) {
virBufferAsprintf(buf," <auth username='%s' type='ceph'>\n",
src->auth.cephx.username);
-
- virBufferAddLit(buf," <secret");
- if (src->auth.cephx.secret.uuidUsable) {
- virUUIDFormat(src->auth.cephx.secret.uuid, uuid);
- virBufferAsprintf(buf," uuid='%s'", uuid);
- }
-
- if (src->auth.cephx.secret.usage != NULL) {
- virBufferAsprintf(buf," usage='%s'", src->auth.cephx.secret.usage);
- }
- virBufferAddLit(buf,"/>\n");
-
+ virStoragePoolAuthDefFormat(buf, src->auth.cephx.secret);
virBufferAddLit(buf," </auth>\n");
}
diff --git a/src/conf/storage_conf.h b/src/conf/storage_conf.h
index aff1393..b52cdc4 100644
--- a/src/conf/storage_conf.h
+++ b/src/conf/storage_conf.h
@@ -153,11 +153,20 @@ struct _virStoragePoolAuthSecret {
bool uuidUsable;
};
+enum virStoragePoolAuthChapType {
+ VIR_STORAGE_POOL_AUTH_CHAP_PLAIN_PASSWORD,
+ VIR_STORAGE_POOL_AUTH_CHAP_SECRET,
+};
+
typedef struct _virStoragePoolAuthChap virStoragePoolAuthChap;
typedef virStoragePoolAuthChap *virStoragePoolAuthChapPtr;
struct _virStoragePoolAuthChap {
char *login;
- char *passwd;
+ int type; /* enum virStoragePoolAuthChapType */
+ union {
+ char *passwd;
+ virStoragePoolAuthSecret secret;
+ } u;
};
typedef struct _virStoragePoolAuthCephx virStoragePoolAuthCephx;
diff --git a/tests/storagepoolxml2xmlin/pool-iscsi-auth-secret.xml b/tests/storagepoolxml2xmlin/pool-iscsi-auth-secret.xml
new file mode 100644
index 0000000..c897cc6
--- /dev/null
+++ b/tests/storagepoolxml2xmlin/pool-iscsi-auth-secret.xml
@@ -0,0 +1,19 @@
+<pool type='iscsi'>
+ <name>virtimages</name>
+ <uuid>e9392370-2917-565e-692b-d057f46512d6</uuid>
+ <source>
+ <host name="iscsi.example.com"/>
+ <device path="demo-target"/>
+ <auth type='chap' username='foobar'>
+ <secret uuid='2ec115d7-3a88-3ceb-bc12-0ac909a6fd87'/>
+ </auth>
+ </source>
+ <target>
+ <path>/dev/disk/by-path</path>
+ <permissions>
+ <mode>0700</mode>
+ <owner>0</owner>
+ <group>0</group>
+ </permissions>
+ </target>
+</pool>
diff --git a/tests/storagepoolxml2xmlout/pool-iscsi-auth-secret.xml b/tests/storagepoolxml2xmlout/pool-iscsi-auth-secret.xml
new file mode 100644
index 0000000..0ab3b3d
--- /dev/null
+++ b/tests/storagepoolxml2xmlout/pool-iscsi-auth-secret.xml
@@ -0,0 +1,22 @@
+<pool type='iscsi'>
+ <name>virtimages</name>
+ <uuid>e9392370-2917-565e-692b-d057f46512d6</uuid>
+ <capacity unit='bytes'>0</capacity>
+ <allocation unit='bytes'>0</allocation>
+ <available unit='bytes'>0</available>
+ <source>
+ <host name='iscsi.example.com'/>
+ <device path='demo-target'/>
+ <auth type='chap' username='foobar'>
+ <secret uuid='2ec115d7-3a88-3ceb-bc12-0ac909a6fd87'/>
+ </auth>
+ </source>
+ <target>
+ <path>/dev/disk/by-path</path>
+ <permissions>
+ <mode>0700</mode>
+ <owner>0</owner>
+ <group>0</group>
+ </permissions>
+ </target>
+</pool>
--
1.8.1.4
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list