[Libvir] PATCH: 6/10: remote driver auth callback API

Mon Dec 3 22:53:04 UTC 2007

"Daniel P. Berrange" <berrange at redhat.com> wrote:
> This patch implements internal driver API for authentication callbacks
> in the remote driver. It is basically a bunch of code to bridge from
> the libvirt public API for auth/credentials and the SASL equivalent
> API. The libvirt API is very close in style to the SASL API so it is
> a fairly mechanical mapping.

Hi Dan,

I have to start by admitting I've never used or even looked at
policykit before.

> diff -r 98599cfde033 src/libvirt.c
> --- a/src/libvirt.c	Wed Nov 28 23:01:08 2007 -0500
> +++ b/src/libvirt.c	Wed Nov 28 23:29:58 2007 -0500
> @@ -62,6 +62,78 @@ static int initialized = 0;
>  #define DEBUG0
>  #define DEBUG(fs,...)
>  #endif /* !ENABLE_DEBUG */
> +
> +static int virConnectAuthCallbackDefault(virConnectCredentialPtr cred,
> +                                         unsigned int ncred,
> +                                         void *cbdata ATTRIBUTE_UNUSED) {
> +    int i;
> +
> +    for (i = 0 ; i < ncred ; i++) {
> +        char buf[1024];
> +        char *bufptr = buf;
> +
> +        printf("%s:", cred[i].prompt);
> +        fflush(stdout);

If printf or fflush fails, this probably return -1.

> +        switch (cred[i].type) {
> +        case VIR_CRED_USERNAME:
> +        case VIR_CRED_AUTHNAME:
> +        case VIR_CRED_ECHOPROMPT:
> +        case VIR_CRED_REALM:
> +            if (!fgets(buf, sizeof(buf), stdin)) {
> +                return -1;
> +            }

A consistency nit: you might want to make EOF be treated the same as
an empty name.  Currently typing EOF to fgets (which then returns NULL)
makes this code return -1, while entering an empty line doesn't.
At least with passwords, I confirmed that cvs login treats ^D like
the empty string.

On the other hand, an empty name probably makes no sense in many
applications.

> +            if (buf[strlen(buf)-1] == '\n')
> +                buf[strlen(buf)-1] = '\0';
> +            break;
> +
> +        case VIR_CRED_PASSPHRASE:
> +        case VIR_CRED_NOECHOPROMPT:
> +            bufptr = getpass("");

If getpass fails (it'd return NULL), return -1.
Otherwise, the following strdup would segfault.

> +            break;
> +        }
> +
> +        if (STREQ(bufptr, "") && cred[i].defresult)
> +            cred[i].result = strdup(cred[i].defresult);
> +        else
> +            cred[i].result = strdup(bufptr);
> +        if (!cred[i].result)
> +            return -1;
> +        cred[i].resultlen = strlen(cred[i].result);
> +    }
> +
> +    return 0;
> +}