[libvirt PATCH v3 16/18] qemu: pass sensitive data to nbdkit via pipe
Jonathon Jongsma
jjongsma at redhat.com
Thu Oct 20 21:59:07 UTC 2022
Rather than passing passwords and cookies (which could contain
passwords) to nbdkit via commandline arguments, use the alternate format
that nbdkit supports where we can specify a file descriptor which nbdkit
will read to get the password or cookies.
Signed-off-by: Jonathon Jongsma <jjongsma at redhat.com>
---
build-aux/syntax-check.mk | 4 +-
src/qemu/qemu_nbdkit.c | 64 ++++++++++++-----
src/util/vircommand.c | 3 +-
src/util/virutil.h | 2 +-
.../disk-cdrom-network.args.disk0 | 7 ++
.../disk-cdrom-network.args.disk1 | 9 +++
.../disk-cdrom-network.args.disk1.pipe.1778 | 1 +
.../disk-cdrom-network.args.disk2 | 9 +++
.../disk-cdrom-network.args.disk2.pipe.1780 | 1 +
.../disk-network-http.args.disk0 | 7 ++
.../disk-network-http.args.disk1 | 6 ++
.../disk-network-http.args.disk2 | 7 ++
.../disk-network-http.args.disk2.pipe.1778 | 1 +
.../disk-network-http.args.disk3 | 8 +++
.../disk-network-http.args.disk3.pipe.1780 | 1 +
...work-source-curl-nbdkit-backing.args.disk0 | 8 +++
...e-curl-nbdkit-backing.args.disk0.pipe.1778 | 1 +
.../disk-network-source-curl.args.disk0 | 8 +++
...k-network-source-curl.args.disk0.pipe.1778 | 1 +
.../disk-network-source-curl.args.disk1 | 8 +++
...k-network-source-curl.args.disk1.pipe.1780 | 1 +
.../disk-network-source-curl.args.disk2 | 8 +++
...k-network-source-curl.args.disk2.pipe.1782 | 1 +
.../disk-network-source-curl.args.disk3 | 7 ++
.../disk-network-source-curl.args.disk4 | 7 ++
tests/qemunbdkittest.c | 69 +++++++++++++++++--
26 files changed, 219 insertions(+), 30 deletions(-)
create mode 100644 tests/qemunbdkitdata/disk-cdrom-network.args.disk0
create mode 100644 tests/qemunbdkitdata/disk-cdrom-network.args.disk1
create mode 100644 tests/qemunbdkitdata/disk-cdrom-network.args.disk1.pipe.1778
create mode 100644 tests/qemunbdkitdata/disk-cdrom-network.args.disk2
create mode 100644 tests/qemunbdkitdata/disk-cdrom-network.args.disk2.pipe.1780
create mode 100644 tests/qemunbdkitdata/disk-network-http.args.disk0
create mode 100644 tests/qemunbdkitdata/disk-network-http.args.disk1
create mode 100644 tests/qemunbdkitdata/disk-network-http.args.disk2
create mode 100644 tests/qemunbdkitdata/disk-network-http.args.disk2.pipe.1778
create mode 100644 tests/qemunbdkitdata/disk-network-http.args.disk3
create mode 100644 tests/qemunbdkitdata/disk-network-http.args.disk3.pipe.1780
create mode 100644 tests/qemunbdkitdata/disk-network-source-curl-nbdkit-backing.args.disk0
create mode 100644 tests/qemunbdkitdata/disk-network-source-curl-nbdkit-backing.args.disk0.pipe.1778
create mode 100644 tests/qemunbdkitdata/disk-network-source-curl.args.disk0
create mode 100644 tests/qemunbdkitdata/disk-network-source-curl.args.disk0.pipe.1778
create mode 100644 tests/qemunbdkitdata/disk-network-source-curl.args.disk1
create mode 100644 tests/qemunbdkitdata/disk-network-source-curl.args.disk1.pipe.1780
create mode 100644 tests/qemunbdkitdata/disk-network-source-curl.args.disk2
create mode 100644 tests/qemunbdkitdata/disk-network-source-curl.args.disk2.pipe.1782
create mode 100644 tests/qemunbdkitdata/disk-network-source-curl.args.disk3
create mode 100644 tests/qemunbdkitdata/disk-network-source-curl.args.disk4
diff --git a/build-aux/syntax-check.mk b/build-aux/syntax-check.mk
index 68cd9dff5f..d44b1e5b17 100644
--- a/build-aux/syntax-check.mk
+++ b/build-aux/syntax-check.mk
@@ -1355,10 +1355,10 @@ exclude_file_name_regexp--sc_prohibit_strdup = \
^(docs/|examples/|tests/virnetserverclientmock.c|tests/commandhelper.c|tools/nss/libvirt_nss_(leases|macs)\.c$$)
exclude_file_name_regexp--sc_prohibit_close = \
- (\.p[yl]$$|\.spec\.in$$|^docs/|^(src/util/vir(file|event)\.c|src/libvirt-stream\.c|tests/(vir.+mock\.c|commandhelper\.c|qemusecuritymock\.c)|tools/nss/libvirt_nss_(leases|macs)\.c)|tools/virt-qemu-qmp-proxy$$)
+ (\.p[yl]$$|\.spec\.in$$|^docs/|^(src/util/vir(file|event)\.c|src/libvirt-stream\.c|tests/(vir.+mock\.c|commandhelper\.c|qemusecuritymock\.c|qemunbdkittest\.c)|tools/nss/libvirt_nss_(leases|macs)\.c)|tools/virt-qemu-qmp-proxy$$)
exclude_file_name_regexp--sc_prohibit_empty_lines_at_EOF = \
- (^tests/(nodedevmdevctl|virhostcpu|virpcitest|virstoragetest)data/|docs/js/.*\.js|docs/fonts/.*\.woff|\.diff|tests/virconfdata/no-newline\.conf$$)
+ (^tests/(nodedevmdevctl|virhostcpu|virpcitest|virstoragetest|qemunbdkit)data/|docs/js/.*\.js|docs/fonts/.*\.woff|\.diff|tests/virconfdata/no-newline\.conf$$)
exclude_file_name_regexp--sc_prohibit_fork_wrappers = \
(^(src/(util/(vircommand|virdaemon)|lxc/lxc_controller)|tests/testutils)\.c$$)
diff --git a/src/qemu/qemu_nbdkit.c b/src/qemu/qemu_nbdkit.c
index 882a074211..0a0dc5d2a4 100644
--- a/src/qemu/qemu_nbdkit.c
+++ b/src/qemu/qemu_nbdkit.c
@@ -55,6 +55,7 @@ VIR_ENUM_IMPL(qemuNbdkitCaps,
"filter-readahead", /* QEMU_NBDKIT_CAPS_FILTER_READAHEAD */
);
+
struct _qemuNbdkitCaps {
GObject parent;
@@ -71,6 +72,12 @@ struct _qemuNbdkitCaps {
G_DEFINE_TYPE(qemuNbdkitCaps, qemu_nbdkit_caps, G_TYPE_OBJECT);
+enum {
+ PIPE_FD_READ = 0,
+ PIPE_FD_WRITE = 1
+};
+
+
static void
qemuNbdkitCheckCommandCap(qemuNbdkitCaps *nbdkit,
virCommand *cmd,
@@ -729,6 +736,29 @@ qemuNbdkitStopStorageSource(virStorageSource *src)
}
+static int
+qemuNbdkitCommandPassDataByPipe(virCommand *cmd,
+ const char *argName,
+ unsigned char *buf,
+ size_t buflen)
+{
+ g_autofree char *fdfmt = NULL;
+ int fd = virCommandSetSendBuffer(cmd, buf, buflen);
+
+ if (fd < 0)
+ return -1;
+
+ /* some nbdkit arguments accept a variation where nbdkit will read the data
+ * from a file descriptor, e.g. password=-FD */
+ fdfmt = g_strdup_printf("-%i", fd);
+ virCommandAddArgPair(cmd, argName, fdfmt);
+
+ virCommandDoAsyncIO(cmd);
+
+ return 0;
+}
+
+
static int
qemuNbdkitProcessBuildCommandCurl(qemuNbdkitProcess *proc,
virCommand *cmd)
@@ -744,10 +774,10 @@ qemuNbdkitProcessBuildCommandCurl(qemuNbdkitProcess *proc,
if (proc->source->auth) {
g_autoptr(virConnect) conn = virGetConnectSecret();
- g_autofree uint8_t *secret = NULL;
+ uint8_t *secret = NULL;
size_t secretlen = 0;
- g_autofree char *password = NULL;
int secrettype;
+ virStorageAuthDef *authdef = proc->source->auth;
virCommandAddArgPair(cmd, "user",
proc->source->auth->username);
@@ -760,7 +790,7 @@ qemuNbdkitProcessBuildCommandCurl(qemuNbdkitProcess *proc,
}
if (virSecretGetSecretString(conn,
- &proc->source->auth->seclookupdef,
+ &authdef->seclookupdef,
secrettype,
&secret,
&secretlen) < 0) {
@@ -769,24 +799,20 @@ qemuNbdkitProcessBuildCommandCurl(qemuNbdkitProcess *proc,
return -1;
}
- /* ensure that the secret is a NULL-terminated string */
- password = g_strndup((char*)secret, secretlen);
-
- /* for now, just report an error rather than passing the password in
- * cleartext on the commandline */
- virReportError(VIR_ERR_INTERNAL_ERROR,
- "%s",
- "Password not yet supported for nbdkit sources");
- return -1;
+ if (qemuNbdkitCommandPassDataByPipe(cmd, "password",
+ secret, secretlen) < 0)
+ return -1;
}
- if (proc->source->ncookies > 0) {
- /* for now, just report an error rather than passing cookies in
- * cleartext on the commandline */
- virReportError(VIR_ERR_INTERNAL_ERROR,
- "%s",
- "Cookies not yet supported for nbdkit sources");
- return -1;
+ /* Create a pipe to send the cookies to the nbdkit process. */
+ if (proc->source->ncookies) {
+ char *cookies =
+ qemuBlockStorageSourceGetCookieString(proc->source);
+
+ if (qemuNbdkitCommandPassDataByPipe(cmd, "cookie",
+ (unsigned char*)cookies,
+ strlen(cookies)) < 0)
+ return -1;
}
if (proc->source->sslverify == VIR_TRISTATE_BOOL_NO) {
diff --git a/src/util/vircommand.c b/src/util/vircommand.c
index 014bab9196..838eb6bd16 100644
--- a/src/util/vircommand.c
+++ b/src/util/vircommand.c
@@ -1703,7 +1703,8 @@ virCommandSetSendBuffer(virCommand *cmd,
return -1;
}
- if (fcntl(pipefd[1], F_SETFL, O_NONBLOCK) < 0) {
+ if (!(dryRunBuffer || dryRunCallback) &&
+ fcntl(pipefd[1], F_SETFL, O_NONBLOCK) < 0) {
cmd->has_error = errno;
VIR_FORCE_CLOSE(pipefd[0]);
VIR_FORCE_CLOSE(pipefd[1]);
diff --git a/src/util/virutil.h b/src/util/virutil.h
index ab8511bf8d..094b399859 100644
--- a/src/util/virutil.h
+++ b/src/util/virutil.h
@@ -186,7 +186,7 @@ char *virGetPassword(void);
*
* Returns: -1 on error, 0 on success
*/
-int virPipe(int fds[2]);
+int virPipe(int fds[2]) G_NO_INLINE;
/*
* virPipeQuiet:
diff --git a/tests/qemunbdkitdata/disk-cdrom-network.args.disk0 b/tests/qemunbdkitdata/disk-cdrom-network.args.disk0
new file mode 100644
index 0000000000..5f3a795ba0
--- /dev/null
+++ b/tests/qemunbdkitdata/disk-cdrom-network.args.disk0
@@ -0,0 +1,7 @@
+nbdkit \
+--exit-with-parent \
+--unix /tmp/statedir-0/nbdkit-test-disk-0.socket \
+--foreground \
+--readonly curl \
+protocols=ftp \
+url=ftp://host.name:21/url/path/file.iso
diff --git a/tests/qemunbdkitdata/disk-cdrom-network.args.disk1 b/tests/qemunbdkitdata/disk-cdrom-network.args.disk1
new file mode 100644
index 0000000000..12c0dcaf0e
--- /dev/null
+++ b/tests/qemunbdkitdata/disk-cdrom-network.args.disk1
@@ -0,0 +1,9 @@
+nbdkit \
+--exit-with-parent \
+--unix /tmp/statedir-1/nbdkit-test-disk-1.socket \
+--foreground \
+--readonly curl \
+protocols=ftps \
+url=ftps://host.name:990/url/path/file.iso \
+user=testuser \
+password=-1777
diff --git a/tests/qemunbdkitdata/disk-cdrom-network.args.disk1.pipe.1778 b/tests/qemunbdkitdata/disk-cdrom-network.args.disk1.pipe.1778
new file mode 100644
index 0000000000..ccdd4033fc
--- /dev/null
+++ b/tests/qemunbdkitdata/disk-cdrom-network.args.disk1.pipe.1778
@@ -0,0 +1 @@
+iscsi-mycluster_myname-secret
\ No newline at end of file
diff --git a/tests/qemunbdkitdata/disk-cdrom-network.args.disk2 b/tests/qemunbdkitdata/disk-cdrom-network.args.disk2
new file mode 100644
index 0000000000..d41337a089
--- /dev/null
+++ b/tests/qemunbdkitdata/disk-cdrom-network.args.disk2
@@ -0,0 +1,9 @@
+nbdkit \
+--exit-with-parent \
+--unix /tmp/statedir-2/nbdkit-test-disk-2.socket \
+--foreground \
+--readonly curl \
+protocols=https \
+'url=https://host.name:443/url/path/file.iso?test=val' \
+user=testuser \
+password=-1779
diff --git a/tests/qemunbdkitdata/disk-cdrom-network.args.disk2.pipe.1780 b/tests/qemunbdkitdata/disk-cdrom-network.args.disk2.pipe.1780
new file mode 100644
index 0000000000..ccdd4033fc
--- /dev/null
+++ b/tests/qemunbdkitdata/disk-cdrom-network.args.disk2.pipe.1780
@@ -0,0 +1 @@
+iscsi-mycluster_myname-secret
\ No newline at end of file
diff --git a/tests/qemunbdkitdata/disk-network-http.args.disk0 b/tests/qemunbdkitdata/disk-network-http.args.disk0
new file mode 100644
index 0000000000..fa8ef90cd1
--- /dev/null
+++ b/tests/qemunbdkitdata/disk-network-http.args.disk0
@@ -0,0 +1,7 @@
+nbdkit \
+--exit-with-parent \
+--unix /tmp/statedir-0/nbdkit-test-disk-0.socket \
+--foreground curl \
+protocols=http \
+url=http://example.org:80/test.img \
+timeout=1234
diff --git a/tests/qemunbdkitdata/disk-network-http.args.disk1 b/tests/qemunbdkitdata/disk-network-http.args.disk1
new file mode 100644
index 0000000000..9bac3fe229
--- /dev/null
+++ b/tests/qemunbdkitdata/disk-network-http.args.disk1
@@ -0,0 +1,6 @@
+nbdkit \
+--exit-with-parent \
+--unix /tmp/statedir-1/nbdkit-test-disk-1.socket \
+--foreground curl \
+protocols=https \
+url=https://example.org:443/test2.img
diff --git a/tests/qemunbdkitdata/disk-network-http.args.disk2 b/tests/qemunbdkitdata/disk-network-http.args.disk2
new file mode 100644
index 0000000000..2d39b6c259
--- /dev/null
+++ b/tests/qemunbdkitdata/disk-network-http.args.disk2
@@ -0,0 +1,7 @@
+nbdkit \
+--exit-with-parent \
+--unix /tmp/statedir-2/nbdkit-test-disk-2.socket \
+--foreground curl \
+protocols=http \
+url=http://example.org:1234/test3.img \
+cookie=-1777
diff --git a/tests/qemunbdkitdata/disk-network-http.args.disk2.pipe.1778 b/tests/qemunbdkitdata/disk-network-http.args.disk2.pipe.1778
new file mode 100644
index 0000000000..2c42c95930
--- /dev/null
+++ b/tests/qemunbdkitdata/disk-network-http.args.disk2.pipe.1778
@@ -0,0 +1 @@
+test=testcookievalue; test2="blurb"
\ No newline at end of file
diff --git a/tests/qemunbdkitdata/disk-network-http.args.disk3 b/tests/qemunbdkitdata/disk-network-http.args.disk3
new file mode 100644
index 0000000000..54f12f5c9e
--- /dev/null
+++ b/tests/qemunbdkitdata/disk-network-http.args.disk3
@@ -0,0 +1,8 @@
+nbdkit \
+--exit-with-parent \
+--unix /tmp/statedir-3/nbdkit-test-disk-3.socket \
+--foreground curl \
+protocols=https \
+'url=https://example.org:1234/test4.img?par=val&other=ble' \
+cookie=-1779 \
+sslverify=false
diff --git a/tests/qemunbdkitdata/disk-network-http.args.disk3.pipe.1780 b/tests/qemunbdkitdata/disk-network-http.args.disk3.pipe.1780
new file mode 100644
index 0000000000..2c42c95930
--- /dev/null
+++ b/tests/qemunbdkitdata/disk-network-http.args.disk3.pipe.1780
@@ -0,0 +1 @@
+test=testcookievalue; test2="blurb"
\ No newline at end of file
diff --git a/tests/qemunbdkitdata/disk-network-source-curl-nbdkit-backing.args.disk0 b/tests/qemunbdkitdata/disk-network-source-curl-nbdkit-backing.args.disk0
new file mode 100644
index 0000000000..eb479b996f
--- /dev/null
+++ b/tests/qemunbdkitdata/disk-network-source-curl-nbdkit-backing.args.disk0
@@ -0,0 +1,8 @@
+nbdkit \
+--exit-with-parent \
+--unix /tmp/statedir-0/nbdkit-test-disk-0.socket \
+--foreground \
+--readonly curl \
+protocols=https \
+url=https://https.example.org:8443/path/to/disk1.qcow2 \
+cookie=-1777
diff --git a/tests/qemunbdkitdata/disk-network-source-curl-nbdkit-backing.args.disk0.pipe.1778 b/tests/qemunbdkitdata/disk-network-source-curl-nbdkit-backing.args.disk0.pipe.1778
new file mode 100644
index 0000000000..20af4ae383
--- /dev/null
+++ b/tests/qemunbdkitdata/disk-network-source-curl-nbdkit-backing.args.disk0.pipe.1778
@@ -0,0 +1 @@
+cookie1=cookievalue1; cookie2=cookievalue2
\ No newline at end of file
diff --git a/tests/qemunbdkitdata/disk-network-source-curl.args.disk0 b/tests/qemunbdkitdata/disk-network-source-curl.args.disk0
new file mode 100644
index 0000000000..cf2c0b7184
--- /dev/null
+++ b/tests/qemunbdkitdata/disk-network-source-curl.args.disk0
@@ -0,0 +1,8 @@
+nbdkit \
+--exit-with-parent \
+--unix /tmp/statedir-0/nbdkit-test-disk-0.socket \
+--foreground \
+--readonly curl \
+protocols=https \
+url=https://https.example.org:8443/path/to/disk1.iso \
+cookie=-1777
diff --git a/tests/qemunbdkitdata/disk-network-source-curl.args.disk0.pipe.1778 b/tests/qemunbdkitdata/disk-network-source-curl.args.disk0.pipe.1778
new file mode 100644
index 0000000000..20af4ae383
--- /dev/null
+++ b/tests/qemunbdkitdata/disk-network-source-curl.args.disk0.pipe.1778
@@ -0,0 +1 @@
+cookie1=cookievalue1; cookie2=cookievalue2
\ No newline at end of file
diff --git a/tests/qemunbdkitdata/disk-network-source-curl.args.disk1 b/tests/qemunbdkitdata/disk-network-source-curl.args.disk1
new file mode 100644
index 0000000000..13f03c545e
--- /dev/null
+++ b/tests/qemunbdkitdata/disk-network-source-curl.args.disk1
@@ -0,0 +1,8 @@
+nbdkit \
+--exit-with-parent \
+--unix /tmp/statedir-1/nbdkit-test-disk-1.socket \
+--foreground curl \
+protocols=https \
+'url=https://https.example.org:8443/path/to/disk5.iso?foo=bar' \
+cookie=-1779 \
+sslverify=false
diff --git a/tests/qemunbdkitdata/disk-network-source-curl.args.disk1.pipe.1780 b/tests/qemunbdkitdata/disk-network-source-curl.args.disk1.pipe.1780
new file mode 100644
index 0000000000..20af4ae383
--- /dev/null
+++ b/tests/qemunbdkitdata/disk-network-source-curl.args.disk1.pipe.1780
@@ -0,0 +1 @@
+cookie1=cookievalue1; cookie2=cookievalue2
\ No newline at end of file
diff --git a/tests/qemunbdkitdata/disk-network-source-curl.args.disk2 b/tests/qemunbdkitdata/disk-network-source-curl.args.disk2
new file mode 100644
index 0000000000..490aea3393
--- /dev/null
+++ b/tests/qemunbdkitdata/disk-network-source-curl.args.disk2
@@ -0,0 +1,8 @@
+nbdkit \
+--exit-with-parent \
+--unix /tmp/statedir-2/nbdkit-test-disk-2.socket \
+--foreground \
+--readonly curl \
+protocols=http \
+url=http://http.example.org:8080/path/to/disk2.iso \
+cookie=-1781
diff --git a/tests/qemunbdkitdata/disk-network-source-curl.args.disk2.pipe.1782 b/tests/qemunbdkitdata/disk-network-source-curl.args.disk2.pipe.1782
new file mode 100644
index 0000000000..5c035e84c5
--- /dev/null
+++ b/tests/qemunbdkitdata/disk-network-source-curl.args.disk2.pipe.1782
@@ -0,0 +1 @@
+cookie1=cookievalue1; cookie2=cookievalue2; cookie3=cookievalue3
\ No newline at end of file
diff --git a/tests/qemunbdkitdata/disk-network-source-curl.args.disk3 b/tests/qemunbdkitdata/disk-network-source-curl.args.disk3
new file mode 100644
index 0000000000..bc28f04564
--- /dev/null
+++ b/tests/qemunbdkitdata/disk-network-source-curl.args.disk3
@@ -0,0 +1,7 @@
+nbdkit \
+--exit-with-parent \
+--unix /tmp/statedir-3/nbdkit-test-disk-3.socket \
+--foreground \
+--readonly curl \
+protocols=ftp \
+url=ftp://ftp.example.org:20/path/to/disk3.iso
diff --git a/tests/qemunbdkitdata/disk-network-source-curl.args.disk4 b/tests/qemunbdkitdata/disk-network-source-curl.args.disk4
new file mode 100644
index 0000000000..7c3cc711ae
--- /dev/null
+++ b/tests/qemunbdkitdata/disk-network-source-curl.args.disk4
@@ -0,0 +1,7 @@
+nbdkit \
+--exit-with-parent \
+--unix /tmp/statedir-4/nbdkit-test-disk-4.socket \
+--foreground \
+--readonly curl \
+protocols=ftps \
+url=ftps://ftps.example.org:22/path/to/disk4.iso
diff --git a/tests/qemunbdkittest.c b/tests/qemunbdkittest.c
index c7fa80b9c5..49888ab8a1 100644
--- a/tests/qemunbdkittest.c
+++ b/tests/qemunbdkittest.c
@@ -1,5 +1,6 @@
#include <config.h>
+#include <fcntl.h>
#include "internal.h"
#include "testutils.h"
#include "testutilsqemu.h"
@@ -13,6 +14,7 @@
#include "virutil.h"
#include "virsecret.h"
#include "datatypes.h"
+#include "virmock.h"
#define VIR_FROM_THIS VIR_FROM_QEMU
@@ -20,6 +22,45 @@ static virQEMUDriver driver;
/* Some mock implementations for testing */
+#define PIPE_FD_START 1777
+static int mockpipefd = PIPE_FD_START;
+int
+virPipeQuiet(int fds[2])
+{
+ fds[0] = mockpipefd++;
+ fds[1] = mockpipefd++;
+
+ if (fcntl(fds[0], F_GETFD) != -1 ||
+ fcntl(fds[1], F_GETFD) != -1)
+ abort();
+
+ return 0;
+}
+
+static int (*real_close)(int fd);
+static void
+init_syms(void)
+{
+ VIR_MOCK_REAL_INIT(close);
+}
+
+int
+close(int fd)
+{
+ int ret;
+
+ init_syms();
+
+ if (fd >= PIPE_FD_START)
+ ret = 0;
+ else
+ ret = real_close(fd);
+
+ return ret;
+}
+
+
+
int
virSecretGetSecretString(virConnectPtr conn G_GNUC_UNUSED,
virSecretLookupTypeDef *seclookupdef,
@@ -129,6 +170,9 @@ testNbdkit(const void *data)
size_t i;
int ret = 0;
+ /* restart mock pipe fds so tests are consistent */
+ mockpipefd = PIPE_FD_START;
+
if (!virFileExists(info->infile)) {
virReportError(VIR_ERR_INTERNAL_ERROR,
"Test input file '%s' is missing", info->infile);
@@ -154,6 +198,9 @@ testNbdkit(const void *data)
g_autoptr(virCommandDryRunToken) dryRunToken = virCommandDryRunTokenNew();
g_auto(virBuffer) buf = VIR_BUFFER_INITIALIZER;
const char *actualCmdline = NULL;
+ virCommandSendBuffer *sendbuffers;
+ int nsendbuffers;
+ size_t j;
virCommandSetDryRun(dryRunToken, &buf, true, true, NULL, NULL);
cmd = qemuNbdkitProcessBuildCommand(srcPriv->nbdkitProcess);
@@ -162,15 +209,24 @@ testNbdkit(const void *data)
ret = -1;
continue;
}
+ virCommandPeekSendBuffers(cmd, &sendbuffers, &nsendbuffers);
if (!(actualCmdline = virBufferContentAndReset(&buf))) {
ret = -1;
continue;
}
- if (virTestCompareToFileFull(actualCmdline, cmdfile, false) < 0) {
+ if (virTestCompareToFileFull(actualCmdline, cmdfile, false) < 0)
ret = -1;
- continue;
+
+ for (j = 0; j < nsendbuffers; j++) {
+ virCommandSendBuffer *buffer = &sendbuffers[j];
+ g_autofree char *pipefile = g_strdup_printf("%s.pipe.%i",
+ cmdfile,
+ buffer->fd);
+
+ if (virTestCompareToFile((const char*)buffer->buffer, pipefile) < 0)
+ ret = -1;
}
} else {
if (virFileExists(cmdfile)) {
@@ -224,11 +280,10 @@ mymain(void)
#define DO_TEST_NOCAPS(_name) \
DO_TEST_FULL(_name, NBDKIT_ARG_END)
- /* disks with cookies / passwords are not yet supported */
- DO_TEST_FAILURE("disk-cdrom-network", QEMU_NBDKIT_CAPS_PLUGIN_CURL);
- DO_TEST_FAILURE("disk-network-http", QEMU_NBDKIT_CAPS_PLUGIN_CURL);
- DO_TEST_FAILURE("disk-network-source-curl-nbdkit-backing", QEMU_NBDKIT_CAPS_PLUGIN_CURL);
- DO_TEST_FAILURE("disk-network-source-curl", QEMU_NBDKIT_CAPS_PLUGIN_CURL);
+ DO_TEST("disk-cdrom-network", QEMU_NBDKIT_CAPS_PLUGIN_CURL);
+ DO_TEST("disk-network-http", QEMU_NBDKIT_CAPS_PLUGIN_CURL);
+ DO_TEST("disk-network-source-curl-nbdkit-backing", QEMU_NBDKIT_CAPS_PLUGIN_CURL);
+ DO_TEST("disk-network-source-curl", QEMU_NBDKIT_CAPS_PLUGIN_CURL);
DO_TEST("disk-network-ssh", QEMU_NBDKIT_CAPS_PLUGIN_SSH);
qemuTestDriverFree(&driver);
--
2.37.3
More information about the libvir-list
mailing list