2007-02-14 09:40:09 +08:00
/*
* qemud . c : daemon start of day , guest process & i / o management
*
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
* Copyright ( C ) 2006 , 2007 , 2008 Red Hat , Inc .
2007-02-14 09:40:09 +08:00
* Copyright ( C ) 2006 Daniel P . Berrange
*
* This library is free software ; you can redistribute it and / or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation ; either
* version 2.1 of the License , or ( at your option ) any later version .
*
* This library is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the GNU
* Lesser General Public License for more details .
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library ; if not , write to the Free Software
* Foundation , Inc . , 59 Temple Place , Suite 330 , Boston , MA 02111 - 1307 USA
*
* Author : Daniel P . Berrange < berrange @ redhat . com >
*/
2008-01-30 02:15:54 +08:00
# include <config.h>
2007-02-14 23:42:55 +08:00
2007-02-14 09:40:09 +08:00
# include <sys/types.h>
# include <sys/wait.h>
# include <sys/stat.h>
# include <unistd.h>
# include <fcntl.h>
# include <paths.h>
# include <limits.h>
# include <sys/socket.h>
# include <sys/un.h>
# include <sys/poll.h>
# include <netinet/in.h>
2007-06-11 20:04:54 +08:00
# include <netinet/tcp.h>
2007-02-14 09:40:09 +08:00
# include <netdb.h>
# include <stdlib.h>
# include <pwd.h>
# include <stdio.h>
2007-02-17 02:30:55 +08:00
# include <stdarg.h>
# include <syslog.h>
2007-02-14 09:40:09 +08:00
# include <string.h>
# include <errno.h>
# include <getopt.h>
2007-06-11 20:04:54 +08:00
# include <fnmatch.h>
2007-09-19 10:28:01 +08:00
# include <grp.h>
2008-01-23 22:54:41 +08:00
# include <signal.h>
2007-04-11 07:17:46 +08:00
Wed Dec 5 13:48:00 UTC 2007 Richard W.M. Jones <rjones@redhat.com>
* python/libvir.c, python/libvirt_wrap.h, qemud/qemud.c,
qemud/remote.c, src/internal.h, src/openvz_conf.c,
src/openvz_driver.c, src/proxy_internal.h, src/qemu_conf.c,
src/qemu_driver.c, src/remote_internal.h, src/test.h, src/util.c,
src/xen_unified.c, src/xen_unified.h, tests/nodeinfotest.c,
tests/qemuxml2argvtest.c, tests/qemuxml2xmltest.c, tests/reconnect.c,
tests/sexpr2xmltest.c, tests/virshtest.c, tests/xencapstest.c,
tests/xmconfigtest.c, tests/xml2sexprtest.c:
Change #include <> to #include "" for local includes.
Removed many includes from src/internal.h and put them in
the C files which actually use them.
Removed <ansidecl.h> - unused.
Added a comment around __func__.
Removed a clashing redefinition of VERSION symbol.
All limits (PATH_MAX etc) now done in src/internal.h, so we
don't need to include those headers in other files.
2007-12-05 21:56:22 +08:00
# include "libvirt/virterror.h"
2007-02-14 09:40:09 +08:00
# include "internal.h"
Use gnulib, starting with its physmem and getaddrinfo modules.
New files go into these directories:
gnulib/lib
gnulib/m4
gnulib/tests
* bootstrap: A wrapper around gnulib-tool.
* configure.in: Invoke gl_EARLY and gl_INIT, being careful to put gl_EARLY
before any macro that uses AC_COMPILE_IFELSE.
(AC_OUTPUT): Add lib/Makefile and gl-tests/Makefile. Remove m4/Makefile.
* Makefile.am (SUBDIRS): Add gnulib/lib and remove m4. Add gnulib/tests
early enough that those tests run before any libvirt unit tests.
* m4/Makefile.am: Remove file. Not needed.
* src/Makefile.am (INCLUDES): Add -I$(top_srcdir)/gnulib/lib -I../gnulib/lib.
(LDADDS, libvirt_la_LIBADD): Add ../gnulib/lib/libgnu.la.
* src/nodeinfo.c: Include "physmem.h".
* qemud/qemud.c, src/remote_internal.c: Include "getaddrinfo.h".
(MEMINFO_PATH, linuxNodeInfoMemPopulate): Remove definitions.
(virNodeInfoPopulate): Use physmem_total, not linuxNodeInfoMemPopulate.
* tests/Makefile.am (INCLUDES): Add -I$(top_srcdir)/gnulib/lib -I../gnulib/lib.
(LDADDS): Add ../gnulib/lib/libgnu.la.
* qemud/Makefile.am (libvirtd_LDADD): Add ../gnulib/lib/libgnu.la.
* tests/nodeinfotest.c (linuxTestCompareFiles): No longer read total
memory from a file.
Update expected output not to include "Memory: NNNN"
* tests/nodeinfodata/linux-nodeinfo-1.txt:
* tests/nodeinfodata/linux-nodeinfo-2.txt:
* tests/nodeinfodata/linux-nodeinfo-3.txt:
* tests/nodeinfodata/linux-nodeinfo-4.txt:
* tests/nodeinfodata/linux-nodeinfo-5.txt:
* tests/nodeinfodata/linux-nodeinfo-6.txt:
* src/test.c [WITH_TEST]: Remove definition of _GNU_SOURCE that
would conflict with the one now in "config.h".
* autogen.sh: Add -I gnulib/m4.
* src/conf.c, src/sexpr.c: Don't define _GNU_SOURCE.
Instead, include "config.h".
* qemud/qemud.c: Remove definition of _GNU_SOURCE.
* src/openvz_driver.c: Likewise.
* src/qemu_driver.c: Likewise.
* src/remote_internal.c: Likewise.
* configure.in: Use AC_CONFIG_AUX_DIR(build-aux), so that a bunch
of gettextize-generated files go into build-aux/, rather than in
the top-level directory.
* .cvsignore: Adjust.
* build-aux/.cvsignore: New file.
Author: Jim Meyering <meyering@redhat.com>
2007-12-06 05:31:07 +08:00
# include "getaddrinfo.h"
2008-02-08 17:15:16 +08:00
# include "../src/util.h"
2007-06-11 20:04:54 +08:00
# include "../src/remote_internal.h"
# include "../src/conf.h"
2007-06-27 03:11:00 +08:00
# include "event.h"
2007-09-19 09:56:55 +08:00
# ifdef HAVE_AVAHI
# include "mdns.h"
# endif
2007-02-14 09:40:09 +08:00
2007-06-11 20:04:54 +08:00
static int godaemon = 0 ; /* -d: Be a daemon */
static int verbose = 0 ; /* -v: Verbose mode */
2007-06-27 07:48:46 +08:00
static int timeout = - 1 ; /* -t: Shutdown timeout */
2007-06-11 20:04:54 +08:00
static int sigwrite = - 1 ; /* Signal handler pipe */
2007-06-27 07:48:46 +08:00
static int ipsock = 0 ; /* -l Listen for TCP/IP */
2007-06-11 20:04:54 +08:00
2007-06-27 07:48:46 +08:00
/* Defaults for configuration file elements */
2007-06-11 20:04:54 +08:00
static int listen_tls = 1 ;
static int listen_tcp = 0 ;
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
static char * tls_port = ( char * ) LIBVIRTD_TLS_PORT ;
static char * tcp_port = ( char * ) LIBVIRTD_TCP_PORT ;
2007-06-11 20:04:54 +08:00
2007-09-19 10:28:01 +08:00
static gid_t unix_sock_gid = 0 ; /* Only root by default */
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
static int unix_sock_rw_mask = 0700 ; /* Allow user only */
static int unix_sock_ro_mask = 0777 ; /* Allow world */
2007-09-19 10:28:01 +08:00
2007-12-06 02:21:27 +08:00
# if HAVE_POLKIT
static int auth_unix_rw = REMOTE_AUTH_POLKIT ;
static int auth_unix_ro = REMOTE_AUTH_POLKIT ;
# else
2007-12-05 23:34:05 +08:00
static int auth_unix_rw = REMOTE_AUTH_NONE ;
static int auth_unix_ro = REMOTE_AUTH_NONE ;
2007-12-06 02:21:27 +08:00
# endif /* HAVE_POLKIT */
2007-12-05 23:34:05 +08:00
# if HAVE_SASL
static int auth_tcp = REMOTE_AUTH_SASL ;
# else
static int auth_tcp = REMOTE_AUTH_NONE ;
# endif
static int auth_tls = REMOTE_AUTH_NONE ;
2007-09-19 09:56:55 +08:00
static int mdns_adv = 1 ;
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
static char * mdns_name = NULL ;
2007-09-19 09:56:55 +08:00
2007-06-11 20:04:54 +08:00
static int tls_no_verify_certificate = 0 ;
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
static char * * tls_allowed_dn_list = NULL ;
2007-06-11 20:04:54 +08:00
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
static char * key_file = ( char * ) LIBVIRT_SERVERKEY ;
static char * cert_file = ( char * ) LIBVIRT_SERVERCERT ;
static char * ca_file = ( char * ) LIBVIRT_CACERT ;
static char * crl_file = ( char * ) " " ;
2007-06-11 20:04:54 +08:00
static gnutls_certificate_credentials_t x509_cred ;
static gnutls_dh_params_t dh_params ;
# define DH_BITS 1024
2007-02-17 02:28:17 +08:00
2007-03-27 18:28:45 +08:00
static sig_atomic_t sig_errors = 0 ;
static int sig_lasterrno = 0 ;
2007-02-17 02:28:17 +08:00
static void sig_handler ( int sig ) {
unsigned char sigc = sig ;
int origerrno ;
2007-03-27 18:28:45 +08:00
int r ;
2007-02-17 02:28:17 +08:00
if ( sig = = SIGCHLD ) /* We explicitly waitpid the child later */
return ;
origerrno = errno ;
Use safewrite in place of write, in many cases.
Also add "make syntax-check" rules to ensure no new uses sneak in.
There are many uses of write like this:
if (write (fd, xml, towrite) != towrite)
return -1;
The problem is that the syscall can succeed, yet write less than
the requested number of bytes, so the caller should retry
rather than simply failing.
This patch changes most of them to use util.c's safewrite wrapper,
which encapsulates the process. Also, there were a few cases in
which the retry loop was open-coded, and I replaced those, too.
* Makefile.maint (sc_avoid_write): New rule, to avoid recurrence.
* .x-sc_avoid_write: New file. Record two legitimate exemptions.
* qemud/qemud.c (sig_handler, qemudClientWriteBuf): Use safewrite, not write.
* src/conf.c (__virConfWriteFile): Likewise.
* src/qemu_conf.c (qemudSaveConfig, qemudSaveNetworkConfig): Likewise.
* src/qemu_driver.c (qemudWaitForMonitor, qemudStartVMDaemon)
(qemudVMData, PROC_IP_FORWARD): Likewise.
* proxy/libvirt_proxy.c: Include "util.h".
(proxyWriteClientSocket): Use safewrite.
* src/test.c (testDomainSave, testDomainCoreDump): Likewise.
* src/proxy_internal.c (virProxyWriteClientSocket): Likewise.
* src/virsh.c: Include "util-lib.h".
(vshOutputLogFile): Use safewrite.
* src/console.c: Include "util-lib.h".
(vshRunConsole): Use safewrite.
2008-02-22 23:55:04 +08:00
r = safewrite ( sigwrite , & sigc , 1 ) ;
2007-03-27 18:28:45 +08:00
if ( r = = - 1 ) {
sig_errors + + ;
sig_lasterrno = errno ;
}
2007-02-17 02:28:17 +08:00
errno = origerrno ;
2007-02-14 09:40:09 +08:00
}
2007-02-17 02:28:17 +08:00
2007-06-27 03:11:00 +08:00
static void qemudDispatchClientEvent ( int fd , int events , void * opaque ) ;
static void qemudDispatchServerEvent ( int fd , int events , void * opaque ) ;
static int qemudRegisterClientEvent ( struct qemud_server * server ,
struct qemud_client * client ,
2007-08-07 21:02:35 +08:00
int removeFirst ) ;
2007-06-27 03:11:00 +08:00
2007-07-12 22:54:45 +08:00
static int
remoteCheckCertFile ( const char * type , const char * file )
{
struct stat sb ;
if ( stat ( file , & sb ) < 0 ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " Cannot access %s '%s': %s (%d) " ) ,
2007-07-12 22:54:45 +08:00
type , file , strerror ( errno ) , errno ) ;
return - 1 ;
}
return 0 ;
}
2007-06-11 20:04:54 +08:00
static int
remoteInitializeGnuTLS ( void )
{
int err ;
/* Initialise GnuTLS. */
gnutls_global_init ( ) ;
err = gnutls_certificate_allocate_credentials ( & x509_cred ) ;
if ( err ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " gnutls_certificate_allocate_credentials: %s " ) ,
2007-06-11 20:04:54 +08:00
gnutls_strerror ( err ) ) ;
return - 1 ;
}
if ( ca_file & & ca_file [ 0 ] ! = ' \0 ' ) {
2007-07-12 22:54:45 +08:00
if ( remoteCheckCertFile ( " CA certificate " , ca_file ) < 0 )
return - 1 ;
2007-06-11 20:04:54 +08:00
qemudDebug ( " loading CA cert from %s " , ca_file ) ;
err = gnutls_certificate_set_x509_trust_file ( x509_cred , ca_file ,
GNUTLS_X509_FMT_PEM ) ;
if ( err < 0 ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " gnutls_certificate_set_x509_trust_file: %s " ) ,
2007-06-11 20:04:54 +08:00
gnutls_strerror ( err ) ) ;
return - 1 ;
}
}
if ( crl_file & & crl_file [ 0 ] ! = ' \0 ' ) {
2007-11-22 07:16:11 +08:00
if ( remoteCheckCertFile ( " CA revocation list " , crl_file ) < 0 )
2007-07-12 22:54:45 +08:00
return - 1 ;
2007-06-11 20:04:54 +08:00
qemudDebug ( " loading CRL from %s " , crl_file ) ;
err = gnutls_certificate_set_x509_crl_file ( x509_cred , crl_file ,
GNUTLS_X509_FMT_PEM ) ;
if ( err < 0 ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " gnutls_certificate_set_x509_crl_file: %s " ) ,
2007-06-11 20:04:54 +08:00
gnutls_strerror ( err ) ) ;
return - 1 ;
}
}
if ( cert_file & & cert_file [ 0 ] ! = ' \0 ' & & key_file & & key_file [ 0 ] ! = ' \0 ' ) {
2007-07-12 22:54:45 +08:00
if ( remoteCheckCertFile ( " server certificate " , cert_file ) < 0 )
return - 1 ;
if ( remoteCheckCertFile ( " server key " , key_file ) < 0 )
return - 1 ;
2007-06-11 20:04:54 +08:00
qemudDebug ( " loading cert and key from %s and %s " ,
cert_file , key_file ) ;
err =
gnutls_certificate_set_x509_key_file ( x509_cred ,
cert_file , key_file ,
GNUTLS_X509_FMT_PEM ) ;
if ( err < 0 ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " gnutls_certificate_set_x509_key_file: %s " ) ,
2007-06-11 20:04:54 +08:00
gnutls_strerror ( err ) ) ;
return - 1 ;
}
}
/* Generate Diffie Hellman parameters - for use with DHE
* kx algorithms . These should be discarded and regenerated
* once a day , once a week or once a month . Depending on the
* security requirements .
*/
err = gnutls_dh_params_init ( & dh_params ) ;
if ( err < 0 ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " gnutls_dh_params_init: %s " ) ,
2007-06-11 20:04:54 +08:00
gnutls_strerror ( err ) ) ;
return - 1 ;
}
err = gnutls_dh_params_generate2 ( dh_params , DH_BITS ) ;
if ( err < 0 ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " gnutls_dh_params_generate2: %s " ) ,
2007-06-11 20:04:54 +08:00
gnutls_strerror ( err ) ) ;
return - 1 ;
}
gnutls_certificate_set_dh_params ( x509_cred , dh_params ) ;
return 0 ;
}
2007-06-27 03:11:00 +08:00
static void qemudDispatchSignalEvent ( int fd ATTRIBUTE_UNUSED ,
int events ATTRIBUTE_UNUSED ,
void * opaque ) {
struct qemud_server * server = ( struct qemud_server * ) opaque ;
2007-02-17 02:28:17 +08:00
unsigned char sigc ;
int ret ;
2007-02-17 02:30:55 +08:00
if ( read ( server - > sigread , & sigc , 1 ) ! = 1 ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " Failed to read from signal pipe: %s " ) ,
2007-02-17 02:30:55 +08:00
strerror ( errno ) ) ;
2007-06-27 03:11:00 +08:00
return ;
2007-02-17 02:30:55 +08:00
}
2007-02-17 02:28:17 +08:00
ret = 0 ;
switch ( sigc ) {
case SIGHUP :
2008-02-23 00:26:13 +08:00
qemudLog ( QEMUD_INFO , " %s " , _ ( " Reloading configuration on SIGHUP " ) ) ;
2007-06-27 06:56:14 +08:00
if ( virStateReload ( ) < 0 )
2008-02-23 00:26:13 +08:00
qemudLog ( QEMUD_WARN , " %s " , _ ( " Error while reloading drivers " ) ) ;
2007-02-17 02:28:17 +08:00
break ;
case SIGINT :
2007-02-20 00:59:15 +08:00
case SIGQUIT :
2007-02-17 02:28:17 +08:00
case SIGTERM :
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_WARN , _ ( " Shutting down on signal %d " ) , sigc ) ;
2007-02-17 02:28:17 +08:00
server - > shutdown = 1 ;
break ;
default :
break ;
}
2007-06-27 03:11:00 +08:00
if ( ret ! = 0 )
server - > shutdown = 1 ;
2007-02-17 02:28:17 +08:00
}
2007-02-14 09:40:09 +08:00
static int qemudSetCloseExec ( int fd ) {
int flags ;
2007-02-17 02:30:55 +08:00
if ( ( flags = fcntl ( fd , F_GETFD ) ) < 0 )
goto error ;
2007-02-14 09:40:09 +08:00
flags | = FD_CLOEXEC ;
2007-02-17 02:30:55 +08:00
if ( ( fcntl ( fd , F_SETFD , flags ) ) < 0 )
goto error ;
2007-02-14 09:40:09 +08:00
return 0 ;
2007-02-17 02:30:55 +08:00
error :
2008-02-23 00:26:13 +08:00
qemudLog ( QEMUD_ERR ,
" %s " , _ ( " Failed to set close-on-exec file descriptor flag " ) ) ;
2007-02-17 02:30:55 +08:00
return - 1 ;
2007-02-14 09:40:09 +08:00
}
static int qemudSetNonBlock ( int fd ) {
int flags ;
2007-02-17 02:30:55 +08:00
if ( ( flags = fcntl ( fd , F_GETFL ) ) < 0 )
goto error ;
2007-02-14 09:40:09 +08:00
flags | = O_NONBLOCK ;
2007-02-17 02:30:55 +08:00
if ( ( fcntl ( fd , F_SETFL , flags ) ) < 0 )
goto error ;
2007-02-14 09:40:09 +08:00
return 0 ;
2007-02-17 02:30:55 +08:00
error :
2008-02-23 00:26:13 +08:00
qemudLog ( QEMUD_ERR ,
" %s " , _ ( " Failed to set non-blocking file descriptor flag " ) ) ;
2007-02-17 02:30:55 +08:00
return - 1 ;
}
void qemudLog ( int priority , const char * fmt , . . . )
{
va_list args ;
va_start ( args , fmt ) ;
if ( godaemon ) {
int sysprio = - 1 ;
switch ( priority ) {
case QEMUD_ERR :
sysprio = LOG_ERR ;
break ;
case QEMUD_WARN :
sysprio = LOG_WARNING ;
break ;
case QEMUD_INFO :
if ( verbose )
sysprio = LOG_INFO ;
break ;
# ifdef ENABLE_DEBUG
case QEMUD_DEBUG :
if ( verbose )
sysprio = LOG_DEBUG ;
break ;
# endif
default :
break ;
}
if ( sysprio ! = - 1 )
vsyslog ( sysprio , fmt , args ) ;
} else {
switch ( priority ) {
case QEMUD_ERR :
case QEMUD_WARN :
vfprintf ( stderr , fmt , args ) ;
fputc ( ' \n ' , stderr ) ;
break ;
case QEMUD_INFO :
if ( verbose ) {
vprintf ( fmt , args ) ;
fputc ( ' \n ' , stdout ) ;
}
break ;
# ifdef ENABLE_DEBUG
case QEMUD_DEBUG :
if ( verbose ) {
vprintf ( fmt , args ) ;
fputc ( ' \n ' , stdout ) ;
}
break ;
# endif
default :
break ;
}
}
va_end ( args ) ;
2007-02-14 09:40:09 +08:00
}
static int qemudGoDaemon ( void ) {
int pid = fork ( ) ;
switch ( pid ) {
case 0 :
{
int stdinfd = - 1 ;
int stdoutfd = - 1 ;
2007-02-17 02:26:18 +08:00
int nextpid ;
2007-02-14 09:40:09 +08:00
if ( ( stdinfd = open ( _PATH_DEVNULL , O_RDONLY ) ) < 0 )
goto cleanup ;
if ( ( stdoutfd = open ( _PATH_DEVNULL , O_WRONLY ) ) < 0 )
goto cleanup ;
if ( dup2 ( stdinfd , STDIN_FILENO ) ! = STDIN_FILENO )
goto cleanup ;
if ( dup2 ( stdoutfd , STDOUT_FILENO ) ! = STDOUT_FILENO )
goto cleanup ;
if ( dup2 ( stdoutfd , STDERR_FILENO ) ! = STDERR_FILENO )
goto cleanup ;
if ( close ( stdinfd ) < 0 )
goto cleanup ;
stdinfd = - 1 ;
if ( close ( stdoutfd ) < 0 )
goto cleanup ;
stdoutfd = - 1 ;
if ( setsid ( ) < 0 )
goto cleanup ;
nextpid = fork ( ) ;
switch ( nextpid ) {
case 0 :
return 0 ;
case - 1 :
return - 1 ;
default :
return nextpid ;
}
cleanup :
if ( stdoutfd ! = - 1 )
close ( stdoutfd ) ;
if ( stdinfd ! = - 1 )
close ( stdinfd ) ;
return - 1 ;
}
case - 1 :
return - 1 ;
default :
{
int got , status = 0 ;
/* We wait to make sure the next child forked
successfully */
if ( ( got = waitpid ( pid , & status , 0 ) ) < 0 | |
got ! = pid | |
status ! = 0 ) {
return - 1 ;
}
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
2007-02-14 09:40:09 +08:00
return pid ;
}
}
}
2007-02-23 20:48:36 +08:00
static int qemudWritePidFile ( const char * pidFile ) {
int fd ;
FILE * fh ;
if ( pidFile [ 0 ] = = ' \0 ' )
return 0 ;
if ( ( fd = open ( pidFile , O_WRONLY | O_CREAT | O_EXCL , 0644 ) ) < 0 ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " Failed to open pid file '%s' : %s " ) ,
2007-02-23 20:48:36 +08:00
pidFile , strerror ( errno ) ) ;
return - 1 ;
}
if ( ! ( fh = fdopen ( fd , " w " ) ) ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " Failed to fdopen pid file '%s' : %s " ) ,
2007-02-23 20:48:36 +08:00
pidFile , strerror ( errno ) ) ;
close ( fd ) ;
return - 1 ;
}
if ( fprintf ( fh , " %lu \n " , ( unsigned long ) getpid ( ) ) < 0 ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " Failed to write to pid file '%s' : %s " ) ,
2007-02-23 20:48:36 +08:00
pidFile , strerror ( errno ) ) ;
close ( fd ) ;
return - 1 ;
}
if ( fclose ( fh ) = = EOF ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " Failed to close pid file '%s' : %s " ) ,
2007-02-23 20:48:36 +08:00
pidFile , strerror ( errno ) ) ;
return - 1 ;
}
return 0 ;
}
2007-02-14 09:40:09 +08:00
static int qemudListenUnix ( struct qemud_server * server ,
2007-12-05 23:34:05 +08:00
const char * path , int readonly , int auth ) {
2007-12-12 05:57:29 +08:00
struct qemud_socket * sock = calloc ( 1 , sizeof ( * sock ) ) ;
2007-02-14 09:40:09 +08:00
struct sockaddr_un addr ;
mode_t oldmask ;
2007-09-19 10:28:01 +08:00
gid_t oldgrp ;
2007-02-14 09:40:09 +08:00
2007-02-17 02:30:55 +08:00
if ( ! sock ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR ,
2008-02-23 00:26:13 +08:00
" %s " , _ ( " Failed to allocate memory for struct qemud_socket " ) ) ;
2007-02-14 09:40:09 +08:00
return - 1 ;
2007-02-17 02:30:55 +08:00
}
2007-02-14 09:40:09 +08:00
sock - > readonly = readonly ;
2007-09-19 09:56:55 +08:00
sock - > port = - 1 ;
2007-12-05 23:27:08 +08:00
sock - > type = QEMUD_SOCK_TYPE_UNIX ;
2007-12-05 23:34:05 +08:00
sock - > auth = auth ;
2007-02-14 09:40:09 +08:00
2007-02-17 02:30:55 +08:00
if ( ( sock - > fd = socket ( PF_UNIX , SOCK_STREAM , 0 ) ) < 0 ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " Failed to create socket: %s " ) ,
2007-02-17 02:30:55 +08:00
strerror ( errno ) ) ;
2007-06-27 03:11:00 +08:00
goto cleanup ;
2007-02-17 02:30:55 +08:00
}
2007-02-14 09:40:09 +08:00
2007-02-17 02:30:55 +08:00
if ( qemudSetCloseExec ( sock - > fd ) < 0 | |
qemudSetNonBlock ( sock - > fd ) < 0 )
2007-06-27 03:11:00 +08:00
goto cleanup ;
2007-02-14 09:40:09 +08:00
memset ( & addr , 0 , sizeof ( addr ) ) ;
addr . sun_family = AF_UNIX ;
strncpy ( addr . sun_path , path , sizeof ( addr . sun_path ) - 1 ) ;
if ( addr . sun_path [ 0 ] = = ' @ ' )
addr . sun_path [ 0 ] = ' \0 ' ;
2007-09-19 10:28:01 +08:00
oldgrp = getgid ( ) ;
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
oldmask = umask ( readonly ? ~ unix_sock_ro_mask : ~ unix_sock_rw_mask ) ;
2007-09-19 10:28:01 +08:00
if ( getuid ( ) = = 0 )
setgid ( unix_sock_gid ) ;
2007-02-17 02:30:55 +08:00
if ( bind ( sock - > fd , ( struct sockaddr * ) & addr , sizeof ( addr ) ) < 0 ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " Failed to bind socket to '%s': %s " ) ,
2007-02-17 02:30:55 +08:00
path , strerror ( errno ) ) ;
2007-06-27 03:11:00 +08:00
goto cleanup ;
2007-02-17 02:30:55 +08:00
}
2007-02-14 09:40:09 +08:00
umask ( oldmask ) ;
2007-09-19 10:28:01 +08:00
if ( getuid ( ) = = 0 )
setgid ( oldgrp ) ;
2007-02-14 09:40:09 +08:00
2007-02-17 02:30:55 +08:00
if ( listen ( sock - > fd , 30 ) < 0 ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " Failed to listen for connections on '%s': %s " ) ,
2007-02-17 02:30:55 +08:00
path , strerror ( errno ) ) ;
2007-06-27 03:11:00 +08:00
goto cleanup ;
}
2007-06-27 06:51:01 +08:00
if ( virEventAddHandleImpl ( sock - > fd ,
POLLIN | POLLERR | POLLHUP ,
qemudDispatchServerEvent ,
server ) < 0 ) {
2008-02-23 00:26:13 +08:00
qemudLog ( QEMUD_ERR , " %s " , _ ( " Failed to add server event callback " ) ) ;
2007-06-27 03:11:00 +08:00
goto cleanup ;
2007-02-17 02:30:55 +08:00
}
2007-02-14 09:40:09 +08:00
2007-06-27 03:11:00 +08:00
sock - > next = server - > sockets ;
server - > sockets = sock ;
server - > nsockets + + ;
2007-02-14 09:40:09 +08:00
return 0 ;
2007-06-27 03:11:00 +08:00
cleanup :
if ( sock - > fd )
close ( sock - > fd ) ;
free ( sock ) ;
return - 1 ;
2007-02-14 09:40:09 +08:00
}
2007-06-11 20:04:54 +08:00
// See: http://people.redhat.com/drepper/userapi-ipv6.html
static int
remoteMakeSockets ( int * fds , int max_fds , int * nfds_r , const char * service )
{
struct addrinfo * ai ;
struct addrinfo hints ;
memset ( & hints , 0 , sizeof hints ) ;
hints . ai_flags = AI_PASSIVE | AI_ADDRCONFIG ;
hints . ai_socktype = SOCK_STREAM ;
int e = getaddrinfo ( NULL , service , & hints , & ai ) ;
if ( e ! = 0 ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " getaddrinfo: %s \n " ) , gai_strerror ( e ) ) ;
2007-06-11 20:04:54 +08:00
return - 1 ;
}
struct addrinfo * runp = ai ;
while ( runp & & * nfds_r < max_fds ) {
fds [ * nfds_r ] = socket ( runp - > ai_family , runp - > ai_socktype ,
runp - > ai_protocol ) ;
if ( fds [ * nfds_r ] = = - 1 ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " socket: %s " ) , strerror ( errno ) ) ;
2007-06-11 20:04:54 +08:00
return - 1 ;
}
int opt = 1 ;
setsockopt ( fds [ * nfds_r ] , SOL_SOCKET , SO_REUSEADDR , & opt , sizeof opt ) ;
if ( bind ( fds [ * nfds_r ] , runp - > ai_addr , runp - > ai_addrlen ) = = - 1 ) {
if ( errno ! = EADDRINUSE ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " bind: %s " ) , strerror ( errno ) ) ;
2007-06-11 20:04:54 +08:00
return - 1 ;
}
close ( fds [ * nfds_r ] ) ;
}
else {
if ( listen ( fds [ * nfds_r ] , SOMAXCONN ) = = - 1 ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " listen: %s " ) , strerror ( errno ) ) ;
2007-06-11 20:04:54 +08:00
return - 1 ;
}
+ + * nfds_r ;
}
runp = runp - > ai_next ;
}
2007-02-23 17:10:28 +08:00
2007-06-11 20:04:54 +08:00
freeaddrinfo ( ai ) ;
return 0 ;
}
/* Listen on the named/numbered TCP port. On a machine with IPv4 and
* IPv6 interfaces this may generate several sockets .
*/
static int
remoteListenTCP ( struct qemud_server * server ,
const char * port ,
2007-12-05 23:27:08 +08:00
int type ,
2007-12-05 23:24:15 +08:00
int auth )
2007-06-11 20:04:54 +08:00
{
int fds [ 2 ] ;
int nfds = 0 ;
2007-02-23 17:10:28 +08:00
int i ;
2007-06-11 20:04:54 +08:00
struct qemud_socket * sock ;
if ( remoteMakeSockets ( fds , 2 , & nfds , port ) = = - 1 )
return - 1 ;
for ( i = 0 ; i < nfds ; + + i ) {
2007-09-19 09:56:55 +08:00
struct sockaddr_storage sa ;
socklen_t salen = sizeof ( sa ) ;
2007-06-11 20:04:54 +08:00
sock = calloc ( 1 , sizeof * sock ) ;
2007-02-20 17:04:27 +08:00
2007-06-11 20:04:54 +08:00
if ( ! sock ) {
qemudLog ( QEMUD_ERR ,
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
_ ( " remoteListenTCP: calloc: %s " ) , strerror ( errno ) ) ;
2007-06-11 20:04:54 +08:00
return - 1 ;
}
sock - > readonly = 0 ;
sock - > next = server - > sockets ;
server - > sockets = sock ;
server - > nsockets + + ;
sock - > fd = fds [ i ] ;
2007-12-05 23:27:08 +08:00
sock - > type = type ;
2007-12-05 23:24:15 +08:00
sock - > auth = auth ;
2007-02-14 09:40:09 +08:00
2007-09-19 09:56:55 +08:00
if ( getsockname ( sock - > fd , ( struct sockaddr * ) ( & sa ) , & salen ) < 0 )
return - 1 ;
if ( sa . ss_family = = AF_INET )
sock - > port = htons ( ( ( struct sockaddr_in * ) & sa ) - > sin_port ) ;
2007-11-26 19:56:41 +08:00
# ifdef AF_INET6
2007-09-19 09:56:55 +08:00
else if ( sa . ss_family = = AF_INET6 )
sock - > port = htons ( ( ( struct sockaddr_in6 * ) & sa ) - > sin6_port ) ;
2007-11-26 19:56:41 +08:00
# endif
2007-09-19 09:56:55 +08:00
else
sock - > port = - 1 ;
2007-06-11 20:04:54 +08:00
if ( qemudSetCloseExec ( sock - > fd ) < 0 | |
qemudSetNonBlock ( sock - > fd ) < 0 )
return - 1 ;
if ( listen ( sock - > fd , 30 ) < 0 ) {
qemudLog ( QEMUD_ERR ,
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
_ ( " remoteListenTCP: listen: %s " ) , strerror ( errno ) ) ;
2007-02-20 17:04:27 +08:00
return - 1 ;
}
2007-06-27 03:11:00 +08:00
2007-06-27 06:51:01 +08:00
if ( virEventAddHandleImpl ( sock - > fd ,
POLLIN | POLLERR | POLLHUP ,
qemudDispatchServerEvent ,
server ) < 0 ) {
2008-02-23 00:26:13 +08:00
qemudLog ( QEMUD_ERR , " %s " , _ ( " Failed to add server event callback " ) ) ;
2007-06-27 03:11:00 +08:00
return - 1 ;
}
2007-06-11 20:04:54 +08:00
}
return 0 ;
}
static int qemudInitPaths ( struct qemud_server * server ,
char * sockname ,
char * roSockname ,
int maxlen ) {
2007-06-27 07:48:46 +08:00
uid_t uid = geteuid ( ) ;
2007-06-11 20:04:54 +08:00
2007-06-27 07:48:46 +08:00
if ( ! uid ) {
2007-06-11 20:04:54 +08:00
if ( snprintf ( sockname , maxlen , " %s/run/libvirt/libvirt-sock " ,
LOCAL_STATE_DIR ) > = maxlen )
2007-02-17 02:30:55 +08:00
goto snprintf_error ;
2007-02-14 09:40:09 +08:00
unlink ( sockname ) ;
2007-06-11 20:04:54 +08:00
if ( snprintf ( roSockname , maxlen , " %s/run/libvirt/libvirt-sock-ro " ,
LOCAL_STATE_DIR ) > = maxlen )
2007-02-17 02:30:55 +08:00
goto snprintf_error ;
2007-02-14 09:40:09 +08:00
2007-03-07 00:51:48 +08:00
unlink ( roSockname ) ;
2007-05-19 02:36:24 +08:00
2007-06-27 07:48:46 +08:00
if ( snprintf ( server - > logDir , PATH_MAX , " %s/log/libvirt/ " , LOCAL_STATE_DIR ) > = PATH_MAX )
2007-05-19 02:36:24 +08:00
goto snprintf_error ;
2007-02-14 09:40:09 +08:00
} else {
2007-06-11 20:04:54 +08:00
struct passwd * pw ;
2007-06-27 07:48:46 +08:00
if ( ! ( pw = getpwuid ( uid ) ) ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " Failed to find user record for uid '%d': %s " ) ,
2007-06-27 07:48:46 +08:00
uid , strerror ( errno ) ) ;
return - 1 ;
}
2007-06-11 20:04:54 +08:00
2007-06-27 07:48:46 +08:00
if ( snprintf ( sockname , maxlen , " @%s/.libvirt/libvirt-sock " , pw - > pw_dir ) > = maxlen )
goto snprintf_error ;
2007-06-11 20:04:54 +08:00
2007-06-27 07:48:46 +08:00
if ( snprintf ( server - > logDir , PATH_MAX , " %s/.libvirt/log " , pw - > pw_dir ) > = PATH_MAX )
goto snprintf_error ;
2007-06-27 06:13:21 +08:00
2007-06-11 20:04:54 +08:00
} /* !remote */
2007-02-14 09:40:09 +08:00
return 0 ;
2007-02-17 02:30:55 +08:00
snprintf_error :
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR ,
2008-02-23 00:26:13 +08:00
" %s " , _ ( " Resulting path to long for buffer in qemudInitPaths() " ) ) ;
2007-02-17 02:30:55 +08:00
return - 1 ;
2007-02-14 09:40:09 +08:00
}
2007-06-11 20:04:54 +08:00
static struct qemud_server * qemudInitialize ( int sigread ) {
2007-02-14 09:40:09 +08:00
struct qemud_server * server ;
2007-12-12 05:57:29 +08:00
if ( ! ( server = calloc ( 1 , sizeof ( * server ) ) ) ) {
2008-02-23 00:26:13 +08:00
qemudLog ( QEMUD_ERR , " %s " , _ ( " Failed to allocate struct qemud_server " ) ) ;
2007-02-14 09:40:09 +08:00
return NULL ;
2007-02-17 02:30:55 +08:00
}
2007-02-14 09:40:09 +08:00
2007-02-17 02:28:17 +08:00
server - > sigread = sigread ;
2007-02-14 09:40:09 +08:00
2007-06-27 07:48:46 +08:00
__virEventRegisterImpl ( virEventAddHandleImpl ,
2007-09-19 09:27:32 +08:00
virEventUpdateHandleImpl ,
2007-06-27 07:48:46 +08:00
virEventRemoveHandleImpl ,
virEventAddTimeoutImpl ,
2007-09-19 09:27:32 +08:00
virEventUpdateTimeoutImpl ,
2007-06-27 07:48:46 +08:00
virEventRemoveTimeoutImpl ) ;
2007-06-27 06:56:14 +08:00
virStateInitialize ( ) ;
2007-12-05 23:34:05 +08:00
return server ;
}
static struct qemud_server * qemudNetworkInit ( struct qemud_server * server ) {
struct qemud_socket * sock ;
char sockname [ PATH_MAX ] ;
char roSockname [ PATH_MAX ] ;
2007-12-05 23:24:15 +08:00
# if HAVE_SASL
2007-12-05 23:34:05 +08:00
int err ;
# endif /* HAVE_SASL */
roSockname [ 0 ] = ' \0 ' ;
if ( qemudInitPaths ( server , sockname , roSockname , PATH_MAX ) < 0 )
goto cleanup ;
if ( qemudListenUnix ( server , sockname , 0 , auth_unix_rw ) < 0 )
2007-12-05 23:24:15 +08:00
goto cleanup ;
2007-12-05 23:34:05 +08:00
if ( roSockname [ 0 ] ! = ' \0 ' & & qemudListenUnix ( server , roSockname , 1 , auth_unix_ro ) < 0 )
goto cleanup ;
# if HAVE_SASL
if ( auth_unix_rw = = REMOTE_AUTH_SASL | |
auth_unix_ro = = REMOTE_AUTH_SASL | |
auth_tcp = = REMOTE_AUTH_SASL | |
auth_tls = = REMOTE_AUTH_SASL ) {
if ( ( err = sasl_server_init ( NULL , " libvirt " ) ) ! = SASL_OK ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR ,
_ ( " Failed to initialize SASL authentication %s " ) ,
2007-12-05 23:34:05 +08:00
sasl_errstring ( err , NULL , NULL ) ) ;
goto cleanup ;
}
2007-12-05 23:24:15 +08:00
}
# endif
2007-12-06 02:21:27 +08:00
# ifdef HAVE_POLKIT
if ( auth_unix_rw = = REMOTE_AUTH_POLKIT | |
auth_unix_ro = = REMOTE_AUTH_POLKIT ) {
DBusError derr ;
dbus_error_init ( & derr ) ;
server - > sysbus = dbus_bus_get ( DBUS_BUS_SYSTEM , & derr ) ;
if ( ! ( server - > sysbus ) ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR ,
_ ( " Failed to connect to system bus for PolicyKit auth: %s " ) ,
2007-12-06 02:21:27 +08:00
derr . message ) ;
dbus_error_free ( & derr ) ;
goto cleanup ;
}
}
# endif
2007-06-27 07:48:46 +08:00
if ( ipsock ) {
2007-12-05 23:34:05 +08:00
if ( listen_tcp & & remoteListenTCP ( server , tcp_port , QEMUD_SOCK_TYPE_TCP , auth_tcp ) < 0 )
2007-06-11 20:04:54 +08:00
goto cleanup ;
if ( listen_tls ) {
if ( remoteInitializeGnuTLS ( ) < 0 )
goto cleanup ;
2007-12-05 23:34:05 +08:00
if ( remoteListenTCP ( server , tls_port , QEMUD_SOCK_TYPE_TLS , auth_tls ) < 0 )
2007-06-11 20:04:54 +08:00
goto cleanup ;
}
2007-02-14 09:40:09 +08:00
}
2007-09-19 09:56:55 +08:00
# ifdef HAVE_AVAHI
if ( getuid ( ) = = 0 & & mdns_adv ) {
struct libvirtd_mdns_group * group ;
int port = 0 ;
server - > mdns = libvirtd_mdns_new ( ) ;
if ( ! mdns_name ) {
char groupname [ 64 ] , localhost [ HOST_NAME_MAX + 1 ] , * tmp ;
/* Extract the host part of the potentially FQDN */
gethostname ( localhost , HOST_NAME_MAX ) ;
localhost [ HOST_NAME_MAX ] = ' \0 ' ;
if ( ( tmp = strchr ( localhost , ' . ' ) ) )
* tmp = ' \0 ' ;
snprintf ( groupname , sizeof ( groupname ) - 1 , " Virtualization Host %s " , localhost ) ;
groupname [ sizeof ( groupname ) - 1 ] = ' \0 ' ;
group = libvirtd_mdns_add_group ( server - > mdns , groupname ) ;
} else {
group = libvirtd_mdns_add_group ( server - > mdns , mdns_name ) ;
}
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
/*
2007-09-19 09:56:55 +08:00
* See if there ' s a TLS enabled port we can advertise . Cowardly
* don ' t bother to advertise TCP since we don ' t want people using
* them for real world apps
*/
sock = server - > sockets ;
while ( sock ) {
2007-12-05 23:27:08 +08:00
if ( sock - > port ! = - 1 & & sock - > type = = QEMUD_SOCK_TYPE_TLS ) {
2007-09-19 09:56:55 +08:00
port = sock - > port ;
break ;
}
sock = sock - > next ;
}
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
2007-09-19 09:56:55 +08:00
/*
* Add the primary entry - we choose SSH because its most likely to always
* be available
*/
libvirtd_mdns_add_entry ( group , " _libvirt._tcp " , port ) ;
libvirtd_mdns_start ( server - > mdns ) ;
}
# endif
2007-02-14 09:40:09 +08:00
return server ;
cleanup :
if ( server ) {
2007-09-19 09:56:55 +08:00
sock = server - > sockets ;
2007-02-14 09:40:09 +08:00
while ( sock ) {
close ( sock - > fd ) ;
sock = sock - > next ;
}
2007-12-06 02:21:27 +08:00
# ifdef HAVE_POLKIT
if ( server - > sysbus )
dbus_connection_unref ( server - > sysbus ) ;
# endif
2007-02-14 09:40:09 +08:00
free ( server ) ;
}
return NULL ;
}
2007-06-11 20:04:54 +08:00
static gnutls_session_t
remoteInitializeTLSSession ( void )
{
gnutls_session_t session ;
int err ;
err = gnutls_init ( & session , GNUTLS_SERVER ) ;
if ( err ! = 0 ) goto failed ;
/* avoid calling all the priority functions, since the defaults
* are adequate .
*/
err = gnutls_set_default_priority ( session ) ;
if ( err ! = 0 ) goto failed ;
err = gnutls_credentials_set ( session , GNUTLS_CRD_CERTIFICATE , x509_cred ) ;
if ( err ! = 0 ) goto failed ;
/* request client certificate if any.
*/
gnutls_certificate_server_set_request ( session , GNUTLS_CERT_REQUEST ) ;
gnutls_dh_set_prime_bits ( session , DH_BITS ) ;
return session ;
failed :
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " remoteInitializeTLSSession: %s " ) ,
2007-06-11 20:04:54 +08:00
gnutls_strerror ( err ) ) ;
return NULL ;
}
/* Check DN is on tls_allowed_dn_list. */
static int
remoteCheckDN ( gnutls_x509_crt_t cert )
{
char name [ 256 ] ;
size_t namesize = sizeof name ;
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
char * * wildcards ;
2007-06-11 20:04:54 +08:00
int err ;
err = gnutls_x509_crt_get_dn ( cert , name , & namesize ) ;
if ( err ! = 0 ) {
qemudLog ( QEMUD_ERR ,
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
_ ( " remoteCheckDN: gnutls_x509_cert_get_dn: %s " ) ,
2007-06-11 20:04:54 +08:00
gnutls_strerror ( err ) ) ;
return 0 ;
}
/* If the list is not set, allow any DN. */
wildcards = tls_allowed_dn_list ;
if ( ! wildcards )
return 1 ;
while ( * wildcards ) {
if ( fnmatch ( * wildcards , name , 0 ) = = 0 )
return 1 ;
wildcards + + ;
}
2007-06-11 21:24:45 +08:00
# ifdef ENABLE_DEBUG
2007-06-11 20:04:54 +08:00
/* Print the client's DN. */
qemudLog ( QEMUD_DEBUG ,
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
_ ( " remoteCheckDN: failed: client DN is %s " ) , name ) ;
2007-06-11 21:24:45 +08:00
# endif
2007-06-11 20:04:54 +08:00
return 0 ; // Not found.
}
static int
remoteCheckCertificate ( gnutls_session_t session )
{
int ret ;
unsigned int status ;
const gnutls_datum_t * certs ;
unsigned int nCerts , i ;
time_t now ;
if ( ( ret = gnutls_certificate_verify_peers2 ( session , & status ) ) < 0 ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " remoteCheckCertificate: verify failed: %s " ) ,
2007-06-11 20:04:54 +08:00
gnutls_strerror ( ret ) ) ;
return - 1 ;
}
if ( status ! = 0 ) {
if ( status & GNUTLS_CERT_INVALID )
2008-02-23 00:26:13 +08:00
qemudLog ( QEMUD_ERR , " %s " ,
_ ( " remoteCheckCertificate: "
" the client certificate is not trusted. " ) ) ;
2007-06-11 20:04:54 +08:00
if ( status & GNUTLS_CERT_SIGNER_NOT_FOUND )
2008-02-23 00:26:13 +08:00
qemudLog ( QEMUD_ERR , " %s " ,
_ ( " remoteCheckCertificate: the client "
" certificate has unknown issuer. " ) ) ;
2007-06-11 20:04:54 +08:00
if ( status & GNUTLS_CERT_REVOKED )
2008-02-23 00:26:13 +08:00
qemudLog ( QEMUD_ERR , " %s " ,
_ ( " remoteCheckCertificate: "
" the client certificate has been revoked. " ) ) ;
2007-06-11 20:04:54 +08:00
2007-08-07 21:02:35 +08:00
# ifndef GNUTLS_1_0_COMPAT
2007-06-11 20:04:54 +08:00
if ( status & GNUTLS_CERT_INSECURE_ALGORITHM )
2008-02-23 00:26:13 +08:00
qemudLog ( QEMUD_ERR , " %s " ,
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
_ ( " remoteCheckCertificate: the client certificate "
" uses an insecure algorithm. " ) ) ;
2007-08-07 21:02:35 +08:00
# endif
2007-06-11 20:04:54 +08:00
return - 1 ;
}
if ( gnutls_certificate_type_get ( session ) ! = GNUTLS_CRT_X509 ) {
2008-02-23 00:26:13 +08:00
qemudLog ( QEMUD_ERR ,
" %s " , _ ( " remoteCheckCertificate: certificate is not X.509 " ) ) ;
2007-06-11 20:04:54 +08:00
return - 1 ;
}
if ( ! ( certs = gnutls_certificate_get_peers ( session , & nCerts ) ) ) {
2008-02-23 00:26:13 +08:00
qemudLog ( QEMUD_ERR , " %s " , _ ( " remoteCheckCertificate: no peers " ) ) ;
2007-06-11 20:04:54 +08:00
return - 1 ;
}
now = time ( NULL ) ;
for ( i = 0 ; i < nCerts ; i + + ) {
gnutls_x509_crt_t cert ;
if ( gnutls_x509_crt_init ( & cert ) < 0 ) {
2008-02-23 00:26:13 +08:00
qemudLog ( QEMUD_ERR , " %s " ,
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
_ ( " remoteCheckCertificate: gnutls_x509_crt_init failed " ) ) ;
2007-06-11 20:04:54 +08:00
return - 1 ;
}
if ( gnutls_x509_crt_import ( cert , & certs [ i ] , GNUTLS_X509_FMT_DER ) < 0 ) {
gnutls_x509_crt_deinit ( cert ) ;
return - 1 ;
}
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
2007-06-11 20:04:54 +08:00
if ( gnutls_x509_crt_get_expiration_time ( cert ) < now ) {
2008-02-23 00:26:13 +08:00
qemudLog ( QEMUD_ERR , " %s " , _ ( " remoteCheckCertificate: "
" the client certificate has expired " ) ) ;
2007-06-11 20:04:54 +08:00
gnutls_x509_crt_deinit ( cert ) ;
return - 1 ;
}
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
2007-06-11 20:04:54 +08:00
if ( gnutls_x509_crt_get_activation_time ( cert ) > now ) {
2008-02-23 00:26:13 +08:00
qemudLog ( QEMUD_ERR , " %s " , _ ( " remoteCheckCertificate: the client "
" certificate is not yet activated " ) ) ;
2007-06-11 20:04:54 +08:00
gnutls_x509_crt_deinit ( cert ) ;
return - 1 ;
}
if ( i = = 0 ) {
if ( ! remoteCheckDN ( cert ) ) {
/* This is the most common error: make it informative. */
2008-02-23 00:26:13 +08:00
qemudLog ( QEMUD_ERR , " %s " , _ ( " remoteCheckCertificate: client's Distinguished Name is not on the list of allowed clients (tls_allowed_dn_list). Use 'openssl x509 -in clientcert.pem -text' to view the Distinguished Name field in the client certificate, or run this daemon with --verbose option. " ) ) ;
2007-06-11 20:04:54 +08:00
gnutls_x509_crt_deinit ( cert ) ;
return - 1 ;
}
}
}
return 0 ;
}
/* Check the client's access. */
static int
remoteCheckAccess ( struct qemud_client * client )
{
/* Verify client certificate. */
2007-12-05 23:27:08 +08:00
if ( remoteCheckCertificate ( client - > tlssession ) = = - 1 ) {
2008-02-23 00:26:13 +08:00
qemudLog ( QEMUD_ERR , " %s " ,
_ ( " remoteCheckCertificate: "
" failed to verify client's certificate " ) ) ;
2007-06-11 20:04:54 +08:00
if ( ! tls_no_verify_certificate ) return - 1 ;
2008-02-23 00:26:13 +08:00
else qemudLog ( QEMUD_INFO , " %s " ,
_ ( " remoteCheckCertificate: tls_no_verify_certificate "
" is set so the bad certificate is ignored " ) ) ;
2007-06-11 20:04:54 +08:00
}
/* Checks have succeeded. Write a '\1' byte back to the client to
* indicate this ( otherwise the socket is abruptly closed ) .
* ( NB . The ' \1 ' byte is sent in an encrypted record ) .
*/
client - > bufferLength = 1 ;
client - > bufferOffset = 0 ;
client - > buffer [ 0 ] = ' \1 ' ;
client - > mode = QEMUD_MODE_TX_PACKET ;
return 0 ;
}
2007-02-14 09:40:09 +08:00
static int qemudDispatchServer ( struct qemud_server * server , struct qemud_socket * sock ) {
int fd ;
struct sockaddr_storage addr ;
2007-06-11 20:04:54 +08:00
socklen_t addrlen = ( socklen_t ) ( sizeof addr ) ;
2007-02-14 09:40:09 +08:00
struct qemud_client * client ;
2007-06-11 20:04:54 +08:00
int no_slow_start = 1 ;
2007-02-14 09:40:09 +08:00
if ( ( fd = accept ( sock - > fd , ( struct sockaddr * ) & addr , & addrlen ) ) < 0 ) {
if ( errno = = EAGAIN )
return 0 ;
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " Failed to accept connection: %s " ) , strerror ( errno ) ) ;
2007-02-14 09:40:09 +08:00
return - 1 ;
}
2007-06-11 20:04:54 +08:00
/* Disable Nagle. Unix sockets will ignore this. */
setsockopt ( fd , IPPROTO_TCP , TCP_NODELAY , ( void * ) & no_slow_start ,
sizeof no_slow_start ) ;
2007-02-17 02:30:55 +08:00
if ( qemudSetCloseExec ( fd ) < 0 | |
qemudSetNonBlock ( fd ) < 0 ) {
2007-02-14 09:40:09 +08:00
close ( fd ) ;
return - 1 ;
}
2007-12-12 05:57:29 +08:00
client = calloc ( 1 , sizeof ( * client ) ) ;
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
if ( client = = NULL )
goto cleanup ;
2007-06-11 20:04:54 +08:00
client - > magic = QEMUD_CLIENT_MAGIC ;
2007-02-14 09:40:09 +08:00
client - > fd = fd ;
client - > readonly = sock - > readonly ;
2007-12-05 23:27:08 +08:00
client - > type = sock - > type ;
2007-12-05 23:24:15 +08:00
client - > auth = sock - > auth ;
2007-06-11 20:04:54 +08:00
memcpy ( & client - > addr , & addr , sizeof addr ) ;
client - > addrlen = addrlen ;
2007-12-05 23:27:08 +08:00
if ( client - > type ! = QEMUD_SOCK_TYPE_TLS ) {
2007-06-11 20:04:54 +08:00
client - > mode = QEMUD_MODE_RX_HEADER ;
2007-11-17 19:17:48 +08:00
client - > bufferLength = REMOTE_MESSAGE_HEADER_XDR_LEN ;
2007-06-27 03:11:00 +08:00
if ( qemudRegisterClientEvent ( server , client , 0 ) < 0 )
goto cleanup ;
2007-06-11 20:04:54 +08:00
} else {
int ret ;
2007-12-05 23:27:08 +08:00
client - > tlssession = remoteInitializeTLSSession ( ) ;
if ( client - > tlssession = = NULL )
2007-06-27 03:11:00 +08:00
goto cleanup ;
2007-06-11 20:04:54 +08:00
2007-12-05 23:27:08 +08:00
gnutls_transport_set_ptr ( client - > tlssession ,
2007-06-11 20:04:54 +08:00
( gnutls_transport_ptr_t ) ( long ) fd ) ;
/* Begin the TLS handshake. */
2007-12-05 23:27:08 +08:00
ret = gnutls_handshake ( client - > tlssession ) ;
2007-06-11 20:04:54 +08:00
if ( ret = = 0 ) {
/* Unlikely, but ... Next step is to check the certificate. */
if ( remoteCheckAccess ( client ) = = - 1 )
2007-06-27 03:11:00 +08:00
goto cleanup ;
if ( qemudRegisterClientEvent ( server , client , 0 ) < 0 )
goto cleanup ;
2007-06-11 20:04:54 +08:00
} else if ( ret = = GNUTLS_E_INTERRUPTED | | ret = = GNUTLS_E_AGAIN ) {
/* Most likely. */
client - > mode = QEMUD_MODE_TLS_HANDSHAKE ;
client - > bufferLength = - 1 ;
2007-06-27 03:11:00 +08:00
if ( qemudRegisterClientEvent ( server , client , 0 ) < 0 )
goto cleanup ;
2007-06-11 20:04:54 +08:00
} else {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " TLS handshake failed: %s " ) ,
2007-06-11 20:04:54 +08:00
gnutls_strerror ( ret ) ) ;
2007-06-27 03:11:00 +08:00
goto cleanup ;
2007-06-11 20:04:54 +08:00
}
}
2007-02-14 09:40:09 +08:00
client - > next = server - > clients ;
server - > clients = client ;
server - > nclients + + ;
return 0 ;
2007-06-11 20:04:54 +08:00
2007-06-27 03:11:00 +08:00
cleanup :
2007-12-05 23:27:08 +08:00
if ( client - > tlssession ) gnutls_deinit ( client - > tlssession ) ;
2007-06-11 20:04:54 +08:00
close ( fd ) ;
free ( client ) ;
return - 1 ;
2007-02-14 09:40:09 +08:00
}
static void qemudDispatchClientFailure ( struct qemud_server * server , struct qemud_client * client ) {
struct qemud_client * tmp = server - > clients ;
struct qemud_client * prev = NULL ;
while ( tmp ) {
if ( tmp = = client ) {
if ( prev = = NULL )
server - > clients = client - > next ;
else
prev - > next = client - > next ;
server - > nclients - - ;
break ;
}
prev = tmp ;
tmp = tmp - > next ;
}
2007-06-11 20:04:54 +08:00
2007-06-27 06:51:01 +08:00
virEventRemoveHandleImpl ( client - > fd ) ;
2007-06-27 03:11:00 +08:00
2007-07-12 23:04:05 +08:00
if ( client - > conn )
virConnectClose ( client - > conn ) ;
2007-12-05 23:24:15 +08:00
# if HAVE_SASL
if ( client - > saslconn ) sasl_dispose ( & client - > saslconn ) ;
2008-01-30 01:41:07 +08:00
free ( client - > saslUsername ) ;
2007-12-05 23:24:15 +08:00
# endif
2007-12-05 23:27:08 +08:00
if ( client - > tlssession ) gnutls_deinit ( client - > tlssession ) ;
2007-02-14 09:40:09 +08:00
close ( client - > fd ) ;
free ( client ) ;
}
2007-12-05 23:27:08 +08:00
static int qemudClientReadBuf ( struct qemud_server * server ,
struct qemud_client * client ,
char * data , unsigned len ) {
int ret ;
2007-06-11 20:04:54 +08:00
/*qemudDebug ("qemudClientRead: len = %d", len);*/
2007-12-05 23:27:08 +08:00
if ( ! client - > tlssession ) {
2007-06-11 20:04:54 +08:00
if ( ( ret = read ( client - > fd , data , len ) ) < = 0 ) {
if ( ret = = 0 | | errno ! = EAGAIN ) {
if ( ret ! = 0 )
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " read: %s " ) , strerror ( errno ) ) ;
2007-06-11 20:04:54 +08:00
qemudDispatchClientFailure ( server , client ) ;
}
return - 1 ;
}
} else {
2007-12-05 23:27:08 +08:00
ret = gnutls_record_recv ( client - > tlssession , data , len ) ;
2007-06-27 03:11:00 +08:00
if ( qemudRegisterClientEvent ( server , client , 1 ) < 0 )
qemudDispatchClientFailure ( server , client ) ;
2007-07-12 23:04:05 +08:00
else if ( ret < = 0 ) {
2007-06-11 20:04:54 +08:00
if ( ret = = 0 | | ( ret ! = GNUTLS_E_AGAIN & &
ret ! = GNUTLS_E_INTERRUPTED ) ) {
if ( ret ! = 0 )
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " gnutls_record_recv: %s " ) ,
2007-06-11 20:04:54 +08:00
gnutls_strerror ( ret ) ) ;
qemudDispatchClientFailure ( server , client ) ;
}
return - 1 ;
}
2007-02-14 09:40:09 +08:00
}
2007-06-11 20:04:54 +08:00
2007-12-05 23:27:08 +08:00
return ret ;
}
static int qemudClientReadPlain ( struct qemud_server * server ,
struct qemud_client * client ) {
int ret ;
ret = qemudClientReadBuf ( server , client ,
client - > buffer + client - > bufferOffset ,
client - > bufferLength - client - > bufferOffset ) ;
if ( ret < 0 )
return ret ;
2007-06-11 20:04:54 +08:00
client - > bufferOffset + = ret ;
return 0 ;
2007-02-14 09:40:09 +08:00
}
2007-12-05 23:27:08 +08:00
# if HAVE_SASL
static int qemudClientReadSASL ( struct qemud_server * server ,
struct qemud_client * client ) {
int got , want ;
/* We're doing a SSF data read, so now its times to ensure
* future writes are under SSF too .
*
* cf remoteSASLCheckSSF in remote . c
*/
client - > saslSSF | = QEMUD_SASL_SSF_WRITE ;
/* Need to read some more data off the wire */
if ( client - > saslDecoded = = NULL ) {
char encoded [ 8192 ] ;
int encodedLen = sizeof ( encoded ) ;
encodedLen = qemudClientReadBuf ( server , client , encoded , encodedLen ) ;
if ( encodedLen < 0 )
return - 1 ;
sasl_decode ( client - > saslconn , encoded , encodedLen ,
& client - > saslDecoded , & client - > saslDecodedLength ) ;
client - > saslDecodedOffset = 0 ;
}
/* Some buffered decoded data to return now */
got = client - > saslDecodedLength - client - > saslDecodedOffset ;
want = client - > bufferLength - client - > bufferOffset ;
if ( want > got )
want = got ;
memcpy ( client - > buffer + client - > bufferOffset ,
client - > saslDecoded + client - > saslDecodedOffset , want ) ;
client - > saslDecodedOffset + = want ;
client - > bufferOffset + = want ;
if ( client - > saslDecodedOffset = = client - > saslDecodedLength ) {
client - > saslDecoded = NULL ;
client - > saslDecodedOffset = client - > saslDecodedLength = 0 ;
}
return 0 ;
}
# endif
static int qemudClientRead ( struct qemud_server * server ,
struct qemud_client * client ) {
# if HAVE_SASL
if ( client - > saslSSF & QEMUD_SASL_SSF_READ )
return qemudClientReadSASL ( server , client ) ;
else
# endif
return qemudClientReadPlain ( server , client ) ;
}
2007-02-14 09:40:09 +08:00
static void qemudDispatchClientRead ( struct qemud_server * server , struct qemud_client * client ) {
2007-06-11 20:04:54 +08:00
/*qemudDebug ("qemudDispatchClientRead: mode = %d", client->mode);*/
2007-02-14 09:40:09 +08:00
2007-06-11 20:04:54 +08:00
switch ( client - > mode ) {
case QEMUD_MODE_RX_HEADER : {
XDR x ;
2007-11-17 19:17:48 +08:00
unsigned int len ;
2007-06-11 20:04:54 +08:00
if ( qemudClientRead ( server , client ) < 0 )
return ; /* Error, or blocking */
if ( client - > bufferOffset < client - > bufferLength )
return ; /* Not read enough */
xdrmem_create ( & x , client - > buffer , client - > bufferLength , XDR_DECODE ) ;
2007-11-17 19:17:48 +08:00
if ( ! xdr_u_int ( & x , & len ) ) {
xdr_destroy ( & x ) ;
qemudDebug ( " Failed to decode packet length " ) ;
2007-02-14 09:40:09 +08:00
qemudDispatchClientFailure ( server , client ) ;
return ;
}
2007-11-17 19:17:48 +08:00
xdr_destroy ( & x ) ;
2007-06-11 20:04:54 +08:00
2007-11-17 19:17:48 +08:00
if ( len > REMOTE_MESSAGE_MAX ) {
qemudDebug ( " Packet length %u too large " , len ) ;
2007-06-11 20:04:54 +08:00
qemudDispatchClientFailure ( server , client ) ;
return ;
2007-02-14 09:40:09 +08:00
}
2007-06-11 20:04:54 +08:00
2007-11-17 19:17:48 +08:00
/* Length include length of the length field itself, so
* check minimum size requirements */
if ( len < = REMOTE_MESSAGE_HEADER_XDR_LEN ) {
qemudDebug ( " Packet length %u too small " , len ) ;
2007-06-11 20:04:54 +08:00
qemudDispatchClientFailure ( server , client ) ;
return ;
}
client - > mode = QEMUD_MODE_RX_PAYLOAD ;
2007-11-17 19:17:48 +08:00
client - > bufferLength = len - REMOTE_MESSAGE_HEADER_XDR_LEN ;
client - > bufferOffset = 0 ;
2007-06-11 20:04:54 +08:00
2007-06-27 03:11:00 +08:00
if ( qemudRegisterClientEvent ( server , client , 1 ) < 0 ) {
qemudDispatchClientFailure ( server , client ) ;
return ;
}
2007-06-11 20:04:54 +08:00
/* Fall through */
2007-02-14 09:40:09 +08:00
}
2007-06-11 20:04:54 +08:00
case QEMUD_MODE_RX_PAYLOAD : {
if ( qemudClientRead ( server , client ) < 0 )
return ; /* Error, or blocking */
if ( client - > bufferOffset < client - > bufferLength )
return ; /* Not read enough */
2007-11-17 19:17:48 +08:00
remoteDispatchClientRequest ( server , client ) ;
if ( qemudRegisterClientEvent ( server , client , 1 ) < 0 )
2007-06-11 20:04:54 +08:00
qemudDispatchClientFailure ( server , client ) ;
break ;
}
case QEMUD_MODE_TLS_HANDSHAKE : {
int ret ;
/* Continue the handshake. */
2007-12-05 23:27:08 +08:00
ret = gnutls_handshake ( client - > tlssession ) ;
2007-06-11 20:04:54 +08:00
if ( ret = = 0 ) {
/* Finished. Next step is to check the certificate. */
if ( remoteCheckAccess ( client ) = = - 1 )
qemudDispatchClientFailure ( server , client ) ;
2007-07-12 23:04:05 +08:00
else if ( qemudRegisterClientEvent ( server , client , 1 ) < 0 )
2007-06-27 03:11:00 +08:00
qemudDispatchClientFailure ( server , client ) ;
2007-06-11 20:04:54 +08:00
} else if ( ret ! = GNUTLS_E_AGAIN & & ret ! = GNUTLS_E_INTERRUPTED ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " TLS handshake failed: %s " ) ,
2007-06-11 20:04:54 +08:00
gnutls_strerror ( ret ) ) ;
qemudDispatchClientFailure ( server , client ) ;
2007-06-27 03:11:00 +08:00
} else {
if ( qemudRegisterClientEvent ( server , client , 1 ) < 0 )
qemudDispatchClientFailure ( server , client ) ;
}
2007-06-11 20:04:54 +08:00
break ;
}
default :
qemudDebug ( " Got unexpected data read while in %d mode " , client - > mode ) ;
qemudDispatchClientFailure ( server , client ) ;
2007-02-14 09:40:09 +08:00
}
}
2007-12-05 23:27:08 +08:00
static int qemudClientWriteBuf ( struct qemud_server * server ,
struct qemud_client * client ,
const char * data , int len ) {
int ret ;
if ( ! client - > tlssession ) {
Use safewrite in place of write, in many cases.
Also add "make syntax-check" rules to ensure no new uses sneak in.
There are many uses of write like this:
if (write (fd, xml, towrite) != towrite)
return -1;
The problem is that the syscall can succeed, yet write less than
the requested number of bytes, so the caller should retry
rather than simply failing.
This patch changes most of them to use util.c's safewrite wrapper,
which encapsulates the process. Also, there were a few cases in
which the retry loop was open-coded, and I replaced those, too.
* Makefile.maint (sc_avoid_write): New rule, to avoid recurrence.
* .x-sc_avoid_write: New file. Record two legitimate exemptions.
* qemud/qemud.c (sig_handler, qemudClientWriteBuf): Use safewrite, not write.
* src/conf.c (__virConfWriteFile): Likewise.
* src/qemu_conf.c (qemudSaveConfig, qemudSaveNetworkConfig): Likewise.
* src/qemu_driver.c (qemudWaitForMonitor, qemudStartVMDaemon)
(qemudVMData, PROC_IP_FORWARD): Likewise.
* proxy/libvirt_proxy.c: Include "util.h".
(proxyWriteClientSocket): Use safewrite.
* src/test.c (testDomainSave, testDomainCoreDump): Likewise.
* src/proxy_internal.c (virProxyWriteClientSocket): Likewise.
* src/virsh.c: Include "util-lib.h".
(vshOutputLogFile): Use safewrite.
* src/console.c: Include "util-lib.h".
(vshRunConsole): Use safewrite.
2008-02-22 23:55:04 +08:00
if ( ( ret = safewrite ( client - > fd , data , len ) ) = = - 1 ) {
qemudLog ( QEMUD_ERR , _ ( " write: %s " ) , strerror ( errno ) ) ;
qemudDispatchClientFailure ( server , client ) ;
2007-06-11 20:04:54 +08:00
return - 1 ;
}
} else {
2007-12-05 23:27:08 +08:00
ret = gnutls_record_send ( client - > tlssession , data , len ) ;
2007-06-27 03:11:00 +08:00
if ( qemudRegisterClientEvent ( server , client , 1 ) < 0 )
qemudDispatchClientFailure ( server , client ) ;
2007-07-12 23:04:05 +08:00
else if ( ret < 0 ) {
2007-06-11 20:04:54 +08:00
if ( ret ! = GNUTLS_E_INTERRUPTED & & ret ! = GNUTLS_E_AGAIN ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " gnutls_record_send: %s " ) ,
2007-06-11 20:04:54 +08:00
gnutls_strerror ( ret ) ) ;
qemudDispatchClientFailure ( server , client ) ;
}
return - 1 ;
}
2007-02-14 09:40:09 +08:00
}
2007-12-05 23:27:08 +08:00
return ret ;
}
2007-06-11 20:04:54 +08:00
2007-12-05 23:27:08 +08:00
static int qemudClientWritePlain ( struct qemud_server * server ,
struct qemud_client * client ) {
int ret = qemudClientWriteBuf ( server , client ,
client - > buffer + client - > bufferOffset ,
client - > bufferLength - client - > bufferOffset ) ;
if ( ret < 0 )
return - 1 ;
2007-06-11 20:04:54 +08:00
client - > bufferOffset + = ret ;
return 0 ;
2007-02-14 09:40:09 +08:00
}
2007-12-05 23:27:08 +08:00
# if HAVE_SASL
static int qemudClientWriteSASL ( struct qemud_server * server ,
struct qemud_client * client ) {
int ret ;
/* Not got any pending encoded data, so we need to encode raw stuff */
if ( client - > saslEncoded = = NULL ) {
int err ;
err = sasl_encode ( client - > saslconn ,
client - > buffer + client - > bufferOffset ,
client - > bufferLength - client - > bufferOffset ,
& client - > saslEncoded ,
& client - > saslEncodedLength ) ;
client - > saslEncodedOffset = 0 ;
}
/* Send some of the encoded stuff out on the wire */
ret = qemudClientWriteBuf ( server , client ,
client - > saslEncoded + client - > saslEncodedOffset ,
client - > saslEncodedLength - client - > saslEncodedOffset ) ;
if ( ret < 0 )
return - 1 ;
/* Note how much we sent */
client - > saslEncodedOffset + = ret ;
/* Sent all encoded, so update raw buffer to indicate completion */
if ( client - > saslEncodedOffset = = client - > saslEncodedLength ) {
client - > saslEncoded = NULL ;
client - > saslEncodedOffset = client - > saslEncodedLength = 0 ;
client - > bufferOffset = client - > bufferLength ;
}
return 0 ;
}
# endif
static int qemudClientWrite ( struct qemud_server * server ,
struct qemud_client * client ) {
# if HAVE_SASL
if ( client - > saslSSF & QEMUD_SASL_SSF_WRITE )
return qemudClientWriteSASL ( server , client ) ;
else
# endif
return qemudClientWritePlain ( server , client ) ;
}
2007-02-14 09:40:09 +08:00
static void qemudDispatchClientWrite ( struct qemud_server * server , struct qemud_client * client ) {
2007-06-11 20:04:54 +08:00
switch ( client - > mode ) {
case QEMUD_MODE_TX_PACKET : {
if ( qemudClientWrite ( server , client ) < 0 )
return ;
if ( client - > bufferOffset = = client - > bufferLength ) {
/* Done writing, switch back to receive */
client - > mode = QEMUD_MODE_RX_HEADER ;
2007-11-17 19:17:48 +08:00
client - > bufferLength = REMOTE_MESSAGE_HEADER_XDR_LEN ;
2007-06-11 20:04:54 +08:00
client - > bufferOffset = 0 ;
2007-06-27 03:11:00 +08:00
if ( qemudRegisterClientEvent ( server , client , 1 ) < 0 )
qemudDispatchClientFailure ( server , client ) ;
2007-06-11 20:04:54 +08:00
}
/* Still writing */
break ;
}
case QEMUD_MODE_TLS_HANDSHAKE : {
int ret ;
/* Continue the handshake. */
2007-12-05 23:27:08 +08:00
ret = gnutls_handshake ( client - > tlssession ) ;
2007-06-11 20:04:54 +08:00
if ( ret = = 0 ) {
/* Finished. Next step is to check the certificate. */
if ( remoteCheckAccess ( client ) = = - 1 )
qemudDispatchClientFailure ( server , client ) ;
2007-07-12 23:04:05 +08:00
else if ( qemudRegisterClientEvent ( server , client , 1 ) )
2007-06-27 03:11:00 +08:00
qemudDispatchClientFailure ( server , client ) ;
2007-06-11 20:04:54 +08:00
} else if ( ret ! = GNUTLS_E_AGAIN & & ret ! = GNUTLS_E_INTERRUPTED ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " TLS handshake failed: %s " ) ,
2007-06-11 20:04:54 +08:00
gnutls_strerror ( ret ) ) ;
qemudDispatchClientFailure ( server , client ) ;
2007-06-27 03:11:00 +08:00
} else {
if ( qemudRegisterClientEvent ( server , client , 1 ) )
qemudDispatchClientFailure ( server , client ) ;
}
2007-06-11 20:04:54 +08:00
break ;
}
default :
qemudDebug ( " Got unexpected data write while in %d mode " , client - > mode ) ;
qemudDispatchClientFailure ( server , client ) ;
2007-02-14 09:40:09 +08:00
}
}
2007-06-27 03:11:00 +08:00
static void qemudDispatchClientEvent ( int fd , int events , void * opaque ) {
struct qemud_server * server = ( struct qemud_server * ) opaque ;
struct qemud_client * client = server - > clients ;
2007-02-23 16:39:49 +08:00
2007-03-06 01:15:20 +08:00
while ( client ) {
2007-06-27 03:11:00 +08:00
if ( client - > fd = = fd )
break ;
client = client - > next ;
}
2007-06-11 20:04:54 +08:00
2007-06-27 03:11:00 +08:00
if ( ! client )
return ;
2007-06-11 20:04:54 +08:00
2007-06-27 03:11:00 +08:00
if ( events = = POLLOUT )
qemudDispatchClientWrite ( server , client ) ;
else if ( events = = POLLIN )
qemudDispatchClientRead ( server , client ) ;
else
qemudDispatchClientFailure ( server , client ) ;
}
static int qemudRegisterClientEvent ( struct qemud_server * server ,
struct qemud_client * client ,
int removeFirst ) {
2007-12-05 23:27:08 +08:00
int mode ;
switch ( client - > mode ) {
case QEMUD_MODE_TLS_HANDSHAKE :
if ( gnutls_record_get_direction ( client - > tlssession ) = = 0 )
mode = POLLIN ;
else
mode = POLLOUT ;
break ;
case QEMUD_MODE_RX_HEADER :
case QEMUD_MODE_RX_PAYLOAD :
mode = POLLIN ;
break ;
case QEMUD_MODE_TX_PACKET :
mode = POLLOUT ;
break ;
default :
return - 1 ;
}
2007-06-27 03:11:00 +08:00
if ( removeFirst )
2007-06-27 06:51:01 +08:00
if ( virEventRemoveHandleImpl ( client - > fd ) < 0 )
2007-06-27 03:11:00 +08:00
return - 1 ;
2007-12-05 23:27:08 +08:00
if ( virEventAddHandleImpl ( client - > fd ,
mode | POLLERR | POLLHUP ,
qemudDispatchClientEvent ,
server ) < 0 )
2007-06-27 03:11:00 +08:00
return - 1 ;
return 0 ;
}
static void qemudDispatchServerEvent ( int fd , int events , void * opaque ) {
struct qemud_server * server = ( struct qemud_server * ) opaque ;
struct qemud_socket * sock = server - > sockets ;
2007-03-06 01:15:20 +08:00
while ( sock ) {
2007-06-27 03:11:00 +08:00
if ( sock - > fd = = fd )
break ;
sock = sock - > next ;
2007-03-06 01:15:20 +08:00
}
2007-02-14 09:40:09 +08:00
2007-06-27 03:11:00 +08:00
if ( ! sock )
return ;
if ( events )
qemudDispatchServer ( server , sock ) ;
}
2007-06-27 04:51:00 +08:00
static int qemudOneLoop ( void ) {
2007-03-27 18:28:45 +08:00
sig_atomic_t errors ;
2007-02-14 09:40:09 +08:00
2007-06-27 03:11:00 +08:00
if ( virEventRunOnce ( ) < 0 )
2007-02-14 09:40:09 +08:00
return - 1 ;
2007-03-27 18:28:45 +08:00
/* Check for any signal handling errors and log them. */
errors = sig_errors ;
if ( errors ) {
sig_errors - = errors ;
qemudLog ( QEMUD_ERR ,
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
_ ( " Signal handler reported %d errors: last error: %s " ) ,
2007-03-27 18:28:45 +08:00
errors , strerror ( sig_lasterrno ) ) ;
return - 1 ;
}
2007-02-14 09:40:09 +08:00
return 0 ;
}
2007-06-27 06:56:14 +08:00
static void qemudInactiveTimer ( int timer ATTRIBUTE_UNUSED , void * data ) {
struct qemud_server * server = ( struct qemud_server * ) data ;
qemudDebug ( " Got inactive timer expiry " ) ;
if ( ! virStateActive ( ) ) {
qemudDebug ( " No state active, shutting down " ) ;
server - > shutdown = 1 ;
}
}
2007-06-11 20:04:54 +08:00
static int qemudRunLoop ( struct qemud_server * server ) {
2007-06-27 06:56:14 +08:00
int timerid = - 1 ;
for ( ; ; ) {
/* A shutdown timeout is specified, so check
* if any drivers have active state , if not
* shutdown after timeout seconds
*/
if ( timeout > 0 & & ! virStateActive ( ) & & ! server - > clients ) {
timerid = virEventAddTimeoutImpl ( timeout * 1000 , qemudInactiveTimer , server ) ;
qemudDebug ( " Scheduling shutdown timer %d " , timerid ) ;
}
if ( qemudOneLoop ( ) < 0 )
break ;
2007-02-14 09:40:09 +08:00
2007-06-27 06:56:14 +08:00
/* Unregister any timeout that's active, since we
* just had an event processed
*/
if ( timerid ! = - 1 ) {
qemudDebug ( " Removing shutdown timer %d " , timerid ) ;
virEventRemoveTimeoutImpl ( timerid ) ;
timerid = - 1 ;
}
2007-02-14 09:40:09 +08:00
2007-06-27 06:56:14 +08:00
if ( server - > shutdown )
return 0 ;
}
return - 1 ;
2007-02-14 09:40:09 +08:00
}
static void qemudCleanup ( struct qemud_server * server ) {
2007-02-21 01:51:41 +08:00
struct qemud_socket * sock ;
2007-02-17 02:28:17 +08:00
close ( server - > sigread ) ;
2007-02-21 01:51:41 +08:00
sock = server - > sockets ;
2007-02-14 09:40:09 +08:00
while ( sock ) {
2007-02-21 01:51:41 +08:00
struct qemud_socket * next = sock - > next ;
2007-02-14 09:40:09 +08:00
close ( sock - > fd ) ;
2007-02-21 01:51:41 +08:00
free ( sock ) ;
sock = next ;
2007-02-14 09:40:09 +08:00
}
2007-02-21 01:51:41 +08:00
2007-12-06 03:25:44 +08:00
# ifdef HAVE_SASL
2007-12-05 23:34:05 +08:00
if ( server - > saslUsernameWhitelist ) {
char * * list = server - > saslUsernameWhitelist ;
while ( * list ) {
2008-01-30 01:41:07 +08:00
free ( * list ) ;
2007-12-05 23:34:05 +08:00
list + + ;
}
}
2007-12-06 03:25:44 +08:00
# endif
2007-02-21 01:51:41 +08:00
2007-06-27 06:56:14 +08:00
virStateCleanup ( ) ;
2007-06-11 20:04:54 +08:00
2007-02-14 09:40:09 +08:00
free ( server ) ;
}
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
/* Allocate an array of malloc'd strings from the config file, filename
* ( used only in diagnostics ) , using handle " conf " . Upon error , return - 1
* and free any allocated memory . Otherwise , save the array in * list_arg
* and return 0.
*/
static int
remoteConfigGetStringList ( virConfPtr conf , const char * key , char * * * list_arg ,
const char * filename )
{
char * * list ;
virConfValuePtr p = virConfGetValue ( conf , key ) ;
if ( ! p )
return 0 ;
switch ( p - > type ) {
case VIR_CONF_STRING :
list = malloc ( 2 * sizeof ( * list ) ) ;
if ( list = = NULL ) {
qemudLog ( QEMUD_ERR ,
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
_ ( " failed to allocate memory for %s config list " ) , key ) ;
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
return - 1 ;
}
list [ 0 ] = strdup ( p - > str ) ;
list [ 1 ] = NULL ;
if ( list [ 0 ] = = NULL ) {
qemudLog ( QEMUD_ERR ,
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
_ ( " failed to allocate memory for %s config list value " ) ,
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
key ) ;
free ( list ) ;
return - 1 ;
}
break ;
case VIR_CONF_LIST : {
int i , len = 0 ;
virConfValuePtr pp ;
for ( pp = p - > list ; pp ; pp = pp - > next )
len + + ;
list = calloc ( 1 + len , sizeof ( * list ) ) ;
if ( list = = NULL ) {
qemudLog ( QEMUD_ERR ,
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
_ ( " failed to allocate memory for %s config list " ) , key ) ;
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
return - 1 ;
}
for ( i = 0 , pp = p - > list ; pp ; + + i , pp = pp - > next ) {
if ( pp - > type ! = VIR_CONF_STRING ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " remoteReadConfigFile: %s: %s: "
" must be a string or list of strings \n " ) ,
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
filename , key ) ;
free ( list ) ;
return - 1 ;
}
list [ i ] = strdup ( pp - > str ) ;
if ( list [ i ] = = NULL ) {
int j ;
for ( j = 0 ; j < i ; j + + )
free ( list [ j ] ) ;
free ( list ) ;
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " failed to allocate memory "
" for %s config list value " ) , key ) ;
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
return - 1 ;
}
}
list [ i ] = NULL ;
break ;
}
default :
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " remoteReadConfigFile: %s: %s: "
" must be a string or list of strings \n " ) ,
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
filename , key ) ;
return - 1 ;
}
* list_arg = list ;
return 0 ;
}
/* A helper function used by each of the following macros. */
static int
checkType ( virConfValuePtr p , const char * filename ,
const char * key , virConfType required_type )
{
if ( p - > type ! = required_type ) {
qemudLog ( QEMUD_ERR ,
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
_ ( " remoteReadConfigFile: %s: %s: invalid type: "
" got %s; expected %s \n " ) , filename , key ,
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
virConfTypeName ( p - > type ) ,
virConfTypeName ( required_type ) ) ;
return - 1 ;
}
return 0 ;
}
/* If there is no config data for the key, #var_name, then do nothing.
If there is valid data of type VIR_CONF_STRING , and strdup succeeds ,
store the result in var_name . Otherwise , ( i . e . invalid type , or strdup
failure ) , give a diagnostic and " goto " the cleanup - and - fail label . */
# define GET_CONF_STR(conf, filename, var_name) \
do { \
virConfValuePtr p = virConfGetValue ( conf , # var_name ) ; \
if ( p ) { \
if ( checkType ( p , filename , # var_name , VIR_CONF_STRING ) < 0 ) \
goto free_and_fail ; \
( var_name ) = strdup ( p - > str ) ; \
if ( ( var_name ) = = NULL ) { \
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " remoteReadConfigFile: %s \n " ) , \
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
strerror ( errno ) ) ; \
goto free_and_fail ; \
} \
} \
} while ( 0 )
/* Like GET_CONF_STR, but for integral values. */
# define GET_CONF_INT(conf, filename, var_name) \
do { \
virConfValuePtr p = virConfGetValue ( conf , # var_name ) ; \
if ( p ) { \
if ( checkType ( p , filename , # var_name , VIR_CONF_LONG ) < 0 ) \
goto free_and_fail ; \
( var_name ) = p - > l ; \
} \
} while ( 0 )
2007-12-05 23:34:05 +08:00
static int remoteConfigGetAuth ( virConfPtr conf , const char * key , int * auth , const char * filename ) {
virConfValuePtr p ;
p = virConfGetValue ( conf , key ) ;
if ( ! p )
return 0 ;
2007-12-12 05:20:13 +08:00
if ( checkType ( p , filename , key , VIR_CONF_STRING ) < 0 )
2007-12-05 23:34:05 +08:00
return - 1 ;
if ( ! p - > str )
return 0 ;
if ( STREQ ( p - > str , " none " ) ) {
* auth = REMOTE_AUTH_NONE ;
# if HAVE_SASL
} else if ( STREQ ( p - > str , " sasl " ) ) {
* auth = REMOTE_AUTH_SASL ;
2007-12-06 02:21:27 +08:00
# endif
# if HAVE_POLKIT
} else if ( STREQ ( p - > str , " polkit " ) ) {
* auth = REMOTE_AUTH_POLKIT ;
2007-12-05 23:34:05 +08:00
# endif
} else {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR ,
_ ( " remoteReadConfigFile: %s: %s: unsupported auth %s \n " ) ,
filename , key , p - > str ) ;
2007-12-05 23:34:05 +08:00
return - 1 ;
}
return 0 ;
}
2007-12-06 03:25:44 +08:00
# ifdef HAVE_SASL
static inline int
remoteReadSaslAllowedUsernameList ( virConfPtr conf ,
struct qemud_server * server ,
const char * filename )
{
return
remoteConfigGetStringList ( conf , " sasl_allowed_username_list " ,
& server - > saslUsernameWhitelist , filename ) ;
}
# else
static inline int
remoteReadSaslAllowedUsernameList ( virConfPtr conf ATTRIBUTE_UNUSED ,
struct qemud_server * server ATTRIBUTE_UNUSED ,
const char * filename ATTRIBUTE_UNUSED )
{
return 0 ;
}
# endif
2007-06-11 20:04:54 +08:00
/* Read the config file if it exists.
* Only used in the remote case , hence the name .
*/
static int
2007-12-05 23:34:05 +08:00
remoteReadConfigFile ( struct qemud_server * server , const char * filename )
2007-06-11 20:04:54 +08:00
{
virConfPtr conf ;
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
/* The following variable names must match the corresponding
configuration strings . */
char * unix_sock_ro_perms = NULL ;
char * unix_sock_rw_perms = NULL ;
char * unix_sock_group = NULL ;
2007-06-11 20:04:54 +08:00
/* Just check the file is readable before opening it, otherwise
* libvirt emits an error .
*/
if ( access ( filename , R_OK ) = = - 1 ) return 0 ;
conf = virConfReadFile ( filename ) ;
if ( ! conf ) return 0 ;
2007-12-06 02:56:27 +08:00
GET_CONF_INT ( conf , filename , listen_tcp ) ;
GET_CONF_INT ( conf , filename , listen_tls ) ;
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
GET_CONF_STR ( conf , filename , tls_port ) ;
GET_CONF_STR ( conf , filename , tcp_port ) ;
2007-06-11 20:04:54 +08:00
2007-12-05 23:34:05 +08:00
if ( remoteConfigGetAuth ( conf , " auth_unix_rw " , & auth_unix_rw , filename ) < 0 )
return - 1 ;
2007-12-06 02:21:27 +08:00
# if HAVE_POLKIT
/* Change default perms to be wide-open if PolicyKit is enabled.
* Admin can always override in config file
*/
if ( auth_unix_rw = = REMOTE_AUTH_POLKIT )
unix_sock_rw_mask = 0777 ;
# endif
2007-12-05 23:34:05 +08:00
if ( remoteConfigGetAuth ( conf , " auth_unix_ro " , & auth_unix_ro , filename ) < 0 )
return - 1 ;
if ( remoteConfigGetAuth ( conf , " auth_tcp " , & auth_tcp , filename ) < 0 )
return - 1 ;
if ( remoteConfigGetAuth ( conf , " auth_tls " , & auth_tls , filename ) < 0 )
return - 1 ;
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
GET_CONF_STR ( conf , filename , unix_sock_group ) ;
if ( unix_sock_group ) {
2007-09-19 10:28:01 +08:00
if ( getuid ( ) ! = 0 ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_WARN ,
2008-02-23 00:26:13 +08:00
" %s " , _ ( " Cannot set group when not running as root " ) ) ;
2007-09-19 10:28:01 +08:00
} else {
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
struct group * grp = getgrnam ( unix_sock_group ) ;
2007-09-19 10:28:01 +08:00
if ( ! grp ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " Failed to lookup group '%s' " ) ,
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
unix_sock_group ) ;
goto free_and_fail ;
2007-09-19 10:28:01 +08:00
}
unix_sock_gid = grp - > gr_gid ;
}
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
free ( unix_sock_group ) ;
unix_sock_group = NULL ;
2007-09-19 10:28:01 +08:00
}
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
GET_CONF_STR ( conf , filename , unix_sock_ro_perms ) ;
if ( unix_sock_ro_perms ) {
2008-02-08 17:15:16 +08:00
if ( virStrToLong_i ( unix_sock_ro_perms , NULL , 8 , & unix_sock_ro_mask ) ! = 0 ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " Failed to parse mode '%s' " ) ,
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
unix_sock_ro_perms ) ;
goto free_and_fail ;
2007-09-19 10:28:01 +08:00
}
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
free ( unix_sock_ro_perms ) ;
unix_sock_ro_perms = NULL ;
2007-09-19 10:28:01 +08:00
}
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
GET_CONF_STR ( conf , filename , unix_sock_rw_perms ) ;
if ( unix_sock_rw_perms ) {
2008-02-08 17:15:16 +08:00
if ( virStrToLong_i ( unix_sock_rw_perms , NULL , 8 , & unix_sock_rw_mask ) ! = 0 ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " Failed to parse mode '%s' " ) ,
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
unix_sock_rw_perms ) ;
goto free_and_fail ;
2007-09-19 10:28:01 +08:00
}
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
free ( unix_sock_rw_perms ) ;
unix_sock_rw_perms = NULL ;
2007-09-19 10:28:01 +08:00
}
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
GET_CONF_INT ( conf , filename , mdns_adv ) ;
GET_CONF_STR ( conf , filename , mdns_name ) ;
2007-09-19 09:56:55 +08:00
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
GET_CONF_INT ( conf , filename , tls_no_verify_certificate ) ;
2007-06-11 20:04:54 +08:00
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
GET_CONF_STR ( conf , filename , key_file ) ;
GET_CONF_STR ( conf , filename , cert_file ) ;
GET_CONF_STR ( conf , filename , ca_file ) ;
GET_CONF_STR ( conf , filename , crl_file ) ;
2007-06-11 20:04:54 +08:00
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
if ( remoteConfigGetStringList ( conf , " tls_allowed_dn_list " ,
& tls_allowed_dn_list , filename ) < 0 )
goto free_and_fail ;
2007-06-11 20:04:54 +08:00
2007-12-06 03:25:44 +08:00
if ( remoteReadSaslAllowedUsernameList ( conf , server , filename ) < 0 )
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
goto free_and_fail ;
2007-06-11 20:04:54 +08:00
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
virConfFree ( conf ) ;
return 0 ;
2007-06-11 20:04:54 +08:00
Detect heap allocation failure; factor out some duplication.
* qemud/qemud.c (tls_port, tcp_port, mdns_name, tls_allowed_ip_list):
(tls_allowed_dn_list): Remove "const", now that we free these.
(unix_sock_rw_mask): Rename from unix_sock_rw_perms, so that
the latter name can be used as a local string variable, so that the
variable name matches the config attribute name.
(unix_sock_ro_mask): Rename from unix_sock_ro_perms, likewise.
(remoteCheckDN, remoteCheckAccess): Adapt to const removal.
(qemudDispatchServer): Check for heap allocation failure.
(remoteConfigGetStringList): New function, based on code from Dan Berrangé.
(CHECK_TYPE): Remove macro.
(checkType): New function.
(GET_CONF_INT, GET_CONF_STR): New macros.
(remoteReadConfigFile): Use new macros to avoid duplication and to
check for allocation failure.
* src/conf.h (virConfTypeName): New static inline function.
2007-11-30 23:43:42 +08:00
free_and_fail :
virConfFree ( conf ) ;
free ( mdns_name ) ;
mdns_name = NULL ;
free ( unix_sock_ro_perms ) ;
free ( unix_sock_rw_perms ) ;
free ( unix_sock_group ) ;
/* Don't bother trying to free tcp_port, tls_port, key_file, cert_file,
ca_file , or crl_file , since they are initialized to non - malloc ' d
strings . Besides , these are static variables , and callers are
unlikely to call this function more than once , so there wouldn ' t
even be a real leak . */
if ( tls_allowed_dn_list ) {
int i ;
for ( i = 0 ; tls_allowed_dn_list [ i ] ; i + + )
free ( tls_allowed_dn_list [ i ] ) ;
free ( tls_allowed_dn_list ) ;
tls_allowed_dn_list = NULL ;
}
return - 1 ;
2007-06-11 20:04:54 +08:00
}
2007-04-04 17:32:00 +08:00
/* Print command-line usage. */
static void
usage ( const char * argv0 )
{
fprintf ( stderr ,
2007-06-11 20:04:54 +08:00
" \n \
Usage : \ n \
% s [ options ] \ n \
\ n \
Options : \ n \
- v | - - verbose Verbose messages . \ n \
- d | - - daemon Run as a daemon & write PID file . \ n \
2007-06-27 07:48:46 +08:00
- l | - - listen Listen for TCP / IP connections . \ n \
- t | - - timeout < secs > Exit after timeout period . \ n \
2007-08-07 21:24:22 +08:00
- f | - - config < file > Configuration file . \ n \
2007-06-11 20:04:54 +08:00
- p | - - pid - file < file > Change name of PID file . \ n \
\ n \
2007-06-27 07:48:46 +08:00
libvirt management daemon : \ n \
2007-06-11 20:04:54 +08:00
\ n \
Default paths : \ n \
\ n \
2007-06-27 07:48:46 +08:00
Configuration file ( unless overridden by - c ) : \ n \
2007-06-11 20:04:54 +08:00
" SYSCONF_DIR " / libvirt / libvirtd . conf \ n \
\ n \
2007-06-27 07:48:46 +08:00
Sockets ( as root ) : \ n \
2007-06-11 20:04:54 +08:00
" LOCAL_STATE_DIR " / run / libvirt / libvirt - sock \ n \
" LOCAL_STATE_DIR " / run / libvirt / libvirt - sock - ro \ n \
2007-06-27 07:48:46 +08:00
\ n \
Sockets ( as non - root ) : \ n \
$ HOME / . libvirt / libvirt - sock ( in UNIX abstract namespace ) \ n \
2007-06-11 20:04:54 +08:00
\ n \
TLS : \ n \
CA certificate : " LIBVIRT_CACERT " \ n \
Server certificate : " LIBVIRT_SERVERCERT " \ n \
Server private key : " LIBVIRT_SERVERKEY " \ n \
\ n \
PID file ( unless overridden by - - pid - file ) : \ n \
% s \ n \
\ n " ,
argv0 ,
REMOTE_PID_FILE [ 0 ] ! = ' \0 '
? REMOTE_PID_FILE
: " (disabled in ./configure) " ) ;
2007-04-04 17:32:00 +08:00
}
2007-02-14 09:40:09 +08:00
# define MAX_LISTEN 5
int main ( int argc , char * * argv ) {
struct qemud_server * server ;
2007-02-17 02:28:17 +08:00
struct sigaction sig_action ;
int sigpipe [ 2 ] ;
2007-06-11 20:04:54 +08:00
const char * pid_file = NULL ;
const char * remote_config_file = SYSCONF_DIR " /libvirt/libvirtd.conf " ;
2007-02-23 20:48:36 +08:00
int ret = 1 ;
2007-02-14 09:40:09 +08:00
struct option opts [ ] = {
{ " verbose " , no_argument , & verbose , 1 } ,
{ " daemon " , no_argument , & godaemon , 1 } ,
2007-06-27 07:48:46 +08:00
{ " listen " , no_argument , & ipsock , 1 } ,
2007-08-07 21:24:22 +08:00
{ " config " , required_argument , NULL , ' f ' } ,
2007-04-04 17:32:00 +08:00
{ " timeout " , required_argument , NULL , ' t ' } ,
{ " pid-file " , required_argument , NULL , ' p ' } ,
{ " help " , no_argument , NULL , ' ? ' } ,
2007-02-14 09:40:09 +08:00
{ 0 , 0 , 0 , 0 }
} ;
while ( 1 ) {
int optidx = 0 ;
int c ;
char * tmp ;
2007-08-07 21:24:22 +08:00
c = getopt_long ( argc , argv , " ldf:p:t:v " , opts , & optidx ) ;
2007-02-14 09:40:09 +08:00
if ( c = = - 1 ) {
break ;
}
switch ( c ) {
case 0 :
/* Got one of the flags */
break ;
case ' v ' :
verbose = 1 ;
break ;
case ' d ' :
godaemon = 1 ;
break ;
2007-06-27 07:48:46 +08:00
case ' l ' :
ipsock = 1 ;
2007-02-14 09:40:09 +08:00
break ;
case ' t ' :
2008-02-08 17:15:16 +08:00
if ( virStrToLong_i ( optarg , & tmp , 10 , & timeout ) ! = 0
2007-11-14 18:53:05 +08:00
| | timeout < = 0
/* Ensure that we can multiply by 1000 without overflowing. */
| | timeout > INT_MAX / 1000 )
2007-02-14 09:40:09 +08:00
timeout = - 1 ;
break ;
2007-02-23 20:48:36 +08:00
case ' p ' :
2007-06-11 20:04:54 +08:00
pid_file = optarg ;
break ;
case ' f ' :
remote_config_file = optarg ;
2007-02-23 20:48:36 +08:00
break ;
2007-02-14 09:40:09 +08:00
case ' ? ' :
2007-04-04 17:32:00 +08:00
usage ( argv [ 0 ] ) ;
2007-02-14 09:40:09 +08:00
return 2 ;
default :
2007-08-07 21:24:22 +08:00
fprintf ( stderr , " libvirtd: internal error: unknown flag: %c \n " ,
c ) ;
exit ( 1 ) ;
2007-02-14 09:40:09 +08:00
}
}
2007-02-17 02:28:17 +08:00
if ( pipe ( sigpipe ) < 0 | |
qemudSetNonBlock ( sigpipe [ 0 ] ) < 0 | |
2008-02-20 23:47:06 +08:00
qemudSetNonBlock ( sigpipe [ 1 ] ) < 0 | |
qemudSetCloseExec ( sigpipe [ 0 ] ) < 0 | |
qemudSetCloseExec ( sigpipe [ 1 ] ) < 0 ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " Failed to create pipe: %s " ) ,
2007-02-17 02:30:55 +08:00
strerror ( errno ) ) ;
2007-02-23 20:48:36 +08:00
goto error1 ;
2007-02-17 02:30:55 +08:00
}
2007-02-17 02:28:17 +08:00
sigwrite = sigpipe [ 1 ] ;
2007-12-05 23:34:05 +08:00
if ( ! ( server = qemudInitialize ( sigpipe [ 0 ] ) ) ) {
ret = 2 ;
goto error1 ;
}
2007-02-17 02:28:17 +08:00
2007-12-05 23:34:05 +08:00
/* Read the config file (if it exists). */
if ( remoteReadConfigFile ( server , remote_config_file ) < 0 )
goto error1 ;
2007-02-14 09:40:09 +08:00
if ( godaemon ) {
2007-12-05 23:34:05 +08:00
int pid ;
openlog ( " libvirtd " , 0 , 0 ) ;
pid = qemudGoDaemon ( ) ;
2007-02-17 02:30:55 +08:00
if ( pid < 0 ) {
Mark all qemudLog diagnostics for translation.
* po/POTFILES.in: Add names of many new files.
* Makefile.maint (err_func_re): Add qemudLog.
Mark diagnostics with _(...). Split some long lines.
* qemud/qemud.c (remoteCheckCertFile, remoteInitializeGnuTLS):
(qemudDispatchSignalEvent, qemudSetCloseExec, qemudSetNonBlock):
(qemudWritePidFile, qemudListenUnix, remoteMakeSockets):
(remoteListenTCP, qemudInitPaths, qemudInitialize):
(qemudNetworkInit, remoteInitializeTLSSession, remoteCheckDN):
(remoteCheckCertificate, remoteCheckAccess, qemudDispatchServer):
(qemudClientReadBuf, qemudDispatchClientRead):
(qemudClientWriteBuf, qemudDispatchClientWrite, qemudOneLoop):
(remoteConfigGetStringList, checkType, GET_CONF_STR):
(remoteConfigGetAuth, remoteReadConfigFile, main):
* qemud/remote.c (remoteDispatchAuthSaslInit, remoteSASLCheckSSF):
(remoteSASLCheckAccess, remoteDispatchAuthSaslStart):
(remoteDispatchAuthSaslStep, remoteDispatchAuthSaslInit):
(remoteDispatchAuthSaslStart, remoteDispatchAuthSaslStep):
(qemudGetSocketIdentity, remoteDispatchAuthPolkit):
* src/iptables.c (notifyRulesUpdated, MAX_FILE_LEN, iptRulesSave):
(iptRulesReload):
* src/qemu_conf.c (qemudExtractVersionInfo, qemudLoadConfig):
(qemudLoadNetworkConfig, qemudScanConfigDir):
* src/qemu_driver.c (qemudSetCloseExec, qemudSetNonBlock):
(qemudAutostartConfigs, qemudStartup, qemudReload):
(qemudWaitForMonitor, qemudStartVMDaemon, qemudVMData):
(qemudShutdownVMDaemon, qemudStartNetworkDaemon):
(qemudShutdownNetworkDaemon, qemudMonitorCommand):
(qemudDomainUndefine, qemudNetworkUndefine):
* src/uuid.c (virUUIDGenerate):
* src/xm_internal.c (xenXMAttachInterface):
2008-02-08 00:50:17 +08:00
qemudLog ( QEMUD_ERR , _ ( " Failed to fork as daemon: %s " ) ,
2007-02-17 02:30:55 +08:00
strerror ( errno ) ) ;
2007-02-23 20:48:36 +08:00
goto error1 ;
2007-02-17 02:30:55 +08:00
}
2007-02-14 09:40:09 +08:00
if ( pid > 0 )
2007-02-23 20:48:36 +08:00
goto out ;
2007-06-11 20:04:54 +08:00
/* Choose the name of the PID file. */
if ( ! pid_file ) {
2007-06-27 07:48:46 +08:00
if ( REMOTE_PID_FILE [ 0 ] ! = ' \0 ' )
pid_file = REMOTE_PID_FILE ;
2007-06-11 20:04:54 +08:00
}
if ( pid_file & & qemudWritePidFile ( pid_file ) < 0 )
2007-02-23 20:48:36 +08:00
goto error1 ;
2007-02-14 09:40:09 +08:00
}
2007-12-05 23:34:05 +08:00
sig_action . sa_handler = sig_handler ;
sig_action . sa_flags = 0 ;
sigemptyset ( & sig_action . sa_mask ) ;
sigaction ( SIGHUP , & sig_action , NULL ) ;
sigaction ( SIGINT , & sig_action , NULL ) ;
sigaction ( SIGQUIT , & sig_action , NULL ) ;
sigaction ( SIGTERM , & sig_action , NULL ) ;
sigaction ( SIGCHLD , & sig_action , NULL ) ;
sig_action . sa_handler = SIG_IGN ;
sigaction ( SIGPIPE , & sig_action , NULL ) ;
2007-02-14 09:40:09 +08:00
2007-06-27 06:51:01 +08:00
if ( virEventAddHandleImpl ( sigpipe [ 0 ] ,
POLLIN ,
qemudDispatchSignalEvent ,
server ) < 0 ) {
2008-02-23 00:26:13 +08:00
qemudLog ( QEMUD_ERR ,
" %s " , _ ( " Failed to register callback for signal pipe " ) ) ;
2007-06-27 03:11:00 +08:00
ret = 3 ;
goto error2 ;
}
2007-12-05 23:34:05 +08:00
if ( ! ( server = qemudNetworkInit ( server ) ) ) {
ret = 2 ;
goto error2 ;
}
2007-06-11 20:04:54 +08:00
qemudRunLoop ( server ) ;
2007-02-14 09:40:09 +08:00
qemudCleanup ( server ) ;
2007-02-17 02:28:17 +08:00
close ( sigwrite ) ;
2007-02-17 02:30:55 +08:00
if ( godaemon )
closelog ( ) ;
2007-02-23 20:48:36 +08:00
out :
ret = 0 ;
error2 :
2007-06-11 20:04:54 +08:00
if ( godaemon & & pid_file )
unlink ( pid_file ) ;
2007-02-23 20:48:36 +08:00
error1 :
return ret ;
2007-02-14 09:40:09 +08:00
}
/*
* Local variables :
* indent - tabs - mode : nil
* c - indent - level : 4
* c - basic - offset : 4
* tab - width : 4
* End :
*/