conf: Don't format http cookies unless VIR_DOMAIN_DEF_FORMAT_SECURE is used

Starting with 3b076391be (v6.1.0-122-g3b076391be) we support http cookies. Since they may contain somewhat sensitive information we should not format them into the XML unless VIR_DOMAIN_DEF_FORMAT_SECURE is asserted. Reported-by: Han Han <hhan@redhat.com> Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-04-14 10:31:02 +02:00 · 2020-04-14 10:31:02 +02:00 · a5b064bf4b
parent 524de6cc35
commit a5b064bf4b
1 changed files with 6 additions and 2 deletions
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@ -24636,11 +24636,15 @@ virDomainSourceDefFormatSeclabel(virBufferPtr buf,

 static void
 virDomainDiskSourceFormatNetworkCookies(virBufferPtr buf,
-                                        virStorageSourcePtr src)
+                                        virStorageSourcePtr src,
+                                        unsigned int flags)
 {
    g_auto(virBuffer) childBuf = VIR_BUFFER_INIT_CHILD(buf);
    size_t i;

+    if (!(flags & VIR_DOMAIN_DEF_FORMAT_SECURE))
+        return;
+
    for (i = 0; i < src->ncookies; i++) {
        virBufferEscapeString(&childBuf, "<cookie name='%s'>", src->cookies[i]->name);
        virBufferEscapeString(&childBuf, "%s</cookie>\n", src->cookies[i]->value);
@ -24701,7 +24705,7 @@ virDomainDiskSourceFormatNetwork(virBufferPtr attrBuf,
                          virTristateBoolTypeToString(src->sslverify));
    }

-    virDomainDiskSourceFormatNetworkCookies(childBuf, src);
+    virDomainDiskSourceFormatNetworkCookies(childBuf, src, flags);

    if (src->readahead)
        virBufferAsprintf(childBuf, "<readahead size='%llu'/>\n", src->readahead);