← Back to branch summary

~ubuntu-branches/ubuntu/saucy/libvirt/saucy

« back to all changes in this revision

Viewing changes to src/rpc/virnetserverclient.c

  • Committer: Package Import Robot
  • Author(s): Chuck Short
  • Date: 2013-05-02 10:21:49 UTC
  • mfrom: (1.2.18)
  • Revision ID: package-import@ubuntu.com-20130502102149-2ajbdvo0ii64m2qd
Tags: 1.0.5-0ubuntu1
* New upstream release: 
  + Dropped patches:
    - debian/patches/fix-virterror-namechange
    - debian/patches/apparmor-use-apparmor-setfdlabel
    - debian/patches/prevent-lxc-shutdown-host.patch
    - debian/patches/apparmor-no-need-to-check-security-model
    - debian/patches/nonblock-fix.patch
   + Refreshed patches:
    - debian/patches/9002-better_default_uri_virsh.patch
    - debian/patches/enable-kvm-spice.patch
    - debian/patches/patch-qemuMonitorTextGetMigrationStatus-to-intercept.patch
 * debian/patches/Add-sanitytest.py.patch: Add patch to fix missing sanitytest.py
   when building the testsuite.
 * debian/libvirt-dev.install: dont't ship files for static linking.

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/rpc/virnetserverclient.c
64
64
    virNetSocketPtr sock;
65
65
    int auth;
66
66
    bool readonly;
67
 
    char *identity;
68
67
#if WITH_GNUTLS
69
68
    virNetTLSContextPtr tlsCtxt;
70
69
    virNetTLSSessionPtr tls;
75
74
    int sockTimer; /* Timer to be fired upon cached data,
76
75
                    * so we jump out from poll() immediately */
77
76
 
 
77
 
 
78
    virIdentityPtr identity;
 
79
 
78
80
    /* Count of messages in the 'tx' queue,
79
81
     * and the server worker pool queue
80
82
     * ie RPC calls in progress. Does not count
442
444
    virJSONValuePtr child;
443
445
    virNetServerClientPtr client = NULL;
444
446
    virNetSocketPtr sock;
445
 
    const char *identity = NULL;
446
447
    int auth;
447
448
    bool readonly;
448
449
    unsigned int nrequests_max;
463
464
                       _("Missing nrequests_client_max field in JSON state document"));
464
465
        return NULL;
465
466
    }
466
 
    if (virJSONValueObjectHasKey(object, "identity") &&
467
 
        (!(identity = virJSONValueObjectGetString(object, "identity")))) {
468
 
        virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
469
 
                       _("Missing identity field in JSON state document"));
470
 
        return NULL;
471
 
    }
472
467
 
473
468
    if (!(child = virJSONValueObjectGet(object, "sock"))) {
474
469
        virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
493
488
    }
494
489
    virObjectUnref(sock);
495
490
 
496
 
    if (identity &&
497
 
        virNetServerClientSetIdentity(client, identity) < 0)
498
 
        goto error;
499
 
 
500
491
    if (privNew) {
501
492
        if (!(child = virJSONValueObjectGet(object, "privateData"))) {
502
493
            virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
536
527
    if (virJSONValueObjectAppendNumberUint(object, "nrequests_max", client->nrequests_max) < 0)
537
528
        goto error;
538
529
 
539
 
    if (client->identity &&
540
 
        virJSONValueObjectAppendString(object, "identity", client->identity) < 0)
541
 
        goto error;
542
 
 
543
530
    if (!(child = virNetSocketPreExecRestart(client->sock)))
544
531
        goto error;
545
532
 
576
563
    return auth;
577
564
}
578
565
 
 
566
void virNetServerClientSetAuth(virNetServerClientPtr client, int auth)
 
567
{
 
568
    virObjectLock(client);
 
569
    client->auth = auth;
 
570
    virObjectUnlock(client);
 
571
}
 
572
 
579
573
bool virNetServerClientGetReadonly(virNetServerClientPtr client)
580
574
{
581
575
    bool readonly;
596
590
    return has;
597
591
}
598
592
 
 
593
 
 
594
virNetTLSSessionPtr virNetServerClientGetTLSSession(virNetServerClientPtr client)
 
595
{
 
596
    virNetTLSSessionPtr tls;
 
597
    virObjectLock(client);
 
598
    tls = client->tls;
 
599
    virObjectUnlock(client);
 
600
    return tls;
 
601
}
 
602
 
599
603
int virNetServerClientGetTLSKeySize(virNetServerClientPtr client)
600
604
{
601
605
    int size = 0;
617
621
    return fd;
618
622
}
619
623
 
 
624
 
 
625
bool virNetServerClientIsLocal(virNetServerClientPtr client)
 
626
{
 
627
    bool local = false;
 
628
    virObjectLock(client);
 
629
    if (client->sock)
 
630
        local = virNetSocketIsLocal(client->sock);
 
631
    virObjectUnlock(client);
 
632
    return local;
 
633
}
 
634
 
 
635
 
620
636
int virNetServerClientGetUNIXIdentity(virNetServerClientPtr client,
621
637
                                      uid_t *uid, gid_t *gid, pid_t *pid)
622
638
{
628
644
    return ret;
629
645
}
630
646
 
 
647
 
 
648
static virIdentityPtr
 
649
virNetServerClientCreateIdentity(virNetServerClientPtr client)
 
650
{
 
651
    char *processid = NULL;
 
652
    char *username = NULL;
 
653
    char *groupname = NULL;
 
654
#if WITH_SASL
 
655
    char *saslname = NULL;
 
656
#endif
 
657
    char *x509dname = NULL;
 
658
    char *seccontext = NULL;
 
659
    virIdentityPtr ret = NULL;
 
660
 
 
661
    if (client->sock && virNetSocketIsLocal(client->sock)) {
 
662
        gid_t gid;
 
663
        uid_t uid;
 
664
        pid_t pid;
 
665
        if (virNetSocketGetUNIXIdentity(client->sock, &uid, &gid, &pid) < 0)
 
666
            goto cleanup;
 
667
 
 
668
        if (!(username = virGetUserName(uid)))
 
669
            goto cleanup;
 
670
        if (!(groupname = virGetGroupName(gid)))
 
671
            goto cleanup;
 
672
        if (virAsprintf(&processid, "%lld",
 
673
                        (long long)pid) < 0) {
 
674
            virReportOOMError();
 
675
            goto cleanup;
 
676
        }
 
677
    }
 
678
 
 
679
#if WITH_SASL
 
680
    if (client->sasl) {
 
681
        const char *identity = virNetSASLSessionGetIdentity(client->sasl);
 
682
        if (identity &&
 
683
            !(saslname = strdup(identity))) {
 
684
            virReportOOMError();
 
685
            goto cleanup;
 
686
        }
 
687
    }
 
688
#endif
 
689
 
 
690
#if WITH_GNUTLS
 
691
    if (client->tls) {
 
692
        const char *identity = virNetTLSSessionGetX509DName(client->tls);
 
693
        if (identity &&
 
694
            !(x509dname = strdup(identity))) {
 
695
            virReportOOMError();
 
696
            goto cleanup;
 
697
        }
 
698
    }
 
699
#endif
 
700
 
 
701
    if (client->sock &&
 
702
        virNetSocketGetSecurityContext(client->sock, &seccontext) < 0)
 
703
        goto cleanup;
 
704
 
 
705
    if (!(ret = virIdentityNew()))
 
706
        goto cleanup;
 
707
 
 
708
    if (username &&
 
709
        virIdentitySetAttr(ret,
 
710
                           VIR_IDENTITY_ATTR_UNIX_USER_NAME,
 
711
                           username) < 0)
 
712
        goto error;
 
713
    if (groupname &&
 
714
        virIdentitySetAttr(ret,
 
715
                           VIR_IDENTITY_ATTR_UNIX_GROUP_NAME,
 
716
                           groupname) < 0)
 
717
        goto error;
 
718
    if (processid &&
 
719
        virIdentitySetAttr(ret,
 
720
                           VIR_IDENTITY_ATTR_UNIX_PROCESS_ID,
 
721
                           processid) < 0)
 
722
        goto error;
 
723
#if HAVE_SASL
 
724
    if (saslname &&
 
725
        virIdentitySetAttr(ret,
 
726
                           VIR_IDENTITY_ATTR_SASL_USER_NAME,
 
727
                           saslname) < 0)
 
728
        goto error;
 
729
#endif
 
730
    if (x509dname &&
 
731
        virIdentitySetAttr(ret,
 
732
                           VIR_IDENTITY_ATTR_X509_DISTINGUISHED_NAME,
 
733
                           x509dname) < 0)
 
734
        goto error;
 
735
    if (seccontext &&
 
736
        virIdentitySetAttr(ret,
 
737
                           VIR_IDENTITY_ATTR_SECURITY_CONTEXT,
 
738
                           seccontext) < 0)
 
739
        goto error;
 
740
 
 
741
cleanup:
 
742
    VIR_FREE(username);
 
743
    VIR_FREE(groupname);
 
744
    VIR_FREE(processid);
 
745
    VIR_FREE(seccontext);
 
746
#if HAVE_SASL
 
747
    VIR_FREE(saslname);
 
748
#endif
 
749
    VIR_FREE(x509dname);
 
750
    return ret;
 
751
 
 
752
error:
 
753
    virObjectUnref(ret);
 
754
    ret = NULL;
 
755
    goto cleanup;
 
756
}
 
757
 
 
758
 
 
759
virIdentityPtr virNetServerClientGetIdentity(virNetServerClientPtr client)
 
760
{
 
761
    virIdentityPtr ret = NULL;
 
762
    virObjectLock(client);
 
763
    if (!client->identity)
 
764
        client->identity = virNetServerClientCreateIdentity(client);
 
765
    if (client->identity)
 
766
        ret = virObjectRef(client->identity);
 
767
    virObjectUnlock(client);
 
768
    return ret;
 
769
}
 
770
 
 
771
 
 
772
int virNetServerClientGetSecurityContext(virNetServerClientPtr client,
 
773
                                         char **context)
 
774
{
 
775
    int ret = 0;
 
776
    *context = NULL;
 
777
    virObjectLock(client);
 
778
    if (client->sock)
 
779
        ret = virNetSocketGetSecurityContext(client->sock, context);
 
780
    virObjectUnlock(client);
 
781
    return ret;
 
782
}
 
783
 
 
784
 
631
785
bool virNetServerClientIsSecure(virNetServerClientPtr client)
632
786
{
633
787
    bool secure = false;
660
814
    client->sasl = virObjectRef(sasl);
661
815
    virObjectUnlock(client);
662
816
}
 
817
 
 
818
 
 
819
virNetSASLSessionPtr virNetServerClientGetSASLSession(virNetServerClientPtr client)
 
820
{
 
821
    virNetSASLSessionPtr sasl;
 
822
    virObjectLock(client);
 
823
    sasl = client->sasl;
 
824
    virObjectUnlock(client);
 
825
    return sasl;
 
826
}
663
827
#endif
664
828
 
665
829
 
666
 
int virNetServerClientSetIdentity(virNetServerClientPtr client,
667
 
                                  const char *identity)
668
 
{
669
 
    int ret = -1;
670
 
    virObjectLock(client);
671
 
    if (!(client->identity = strdup(identity))) {
672
 
        virReportOOMError();
673
 
        goto error;
674
 
    }
675
 
    ret = 0;
676
 
 
677
 
error:
678
 
    virObjectUnlock(client);
679
 
    return ret;
680
 
}
681
 
 
682
 
const char *virNetServerClientGetIdentity(virNetServerClientPtr client)
683
 
{
684
 
    const char *identity;
685
 
    virObjectLock(client);
686
 
    identity = client->identity;
687
 
    virObjectUnlock(client);
688
 
    return identity;
689
 
}
690
 
 
691
 
 
692
830
void *virNetServerClientGetPrivateData(virNetServerClientPtr client)
693
831
{
694
832
    void *data;
739
877
{
740
878
    virNetServerClientPtr client = obj;
741
879
 
 
880
    PROBE(RPC_SERVER_CLIENT_DISPOSE,
 
881
          "client=%p", client);
 
882
 
 
883
    virObjectUnref(client->identity);
 
884
 
742
885
    if (client->privateData &&
743
886
        client->privateDataFreeFunc)
744
887
        client->privateDataFreeFunc(client->privateData);
745
888
 
746
 
    VIR_FREE(client->identity);
747
889
#if WITH_SASL
748
890
    virObjectUnref(client->sasl);
749
891
#endif
1319
1461
{
1320
1462
    bool need = false;
1321
1463
    virObjectLock(client);
1322
 
    if (client->auth && !client->identity)
 
1464
    if (client->auth)
1323
1465
        need = true;
1324
1466
    virObjectUnlock(client);
1325
1467
    return need;