[Libguestfs] [PATCH 2/2] Fix handling of passwords in URLs

Richard W.M. Jones rjones at redhat.com
Wed Apr 30 16:56:27 UTC 2014


On Wed, Apr 30, 2014 at 06:22:41PM +0200, Pino Toscano wrote:
> So far, passwords in URLs (eg http://user:password@host..) have been
> handled as part of the username, and thus passing
>   add-drive path username:username:password ...
> instead of
>   add-drive path username:username secret:password ...
> 
> Fix the parsing of URLs to handle passwords as separate elements,
> properly passing it as "secret" parameter for add-drive, and properly
> readd it when building URLs in the direct backend.
> 
> Furthmore, to keep curl- and ssh-based qemu drivers working with
> authenticated resources, make sure they can accept secrets.
> 
> Reported in comment #1 of RHBZ#1092583.

The patch looks good, at an initial read.  I'd be happier if it had a
test (see: fish/test-add-uri.sh), and if the test passes valgrind :-)

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-builder quickly builds VMs from scratch
http://libguestfs.org/virt-builder.1.html




More information about the Libguestfs mailing list