[libvirt] [PATCH 08/10] Define XML syntax for password expiry
Eric Blake
eblake at redhat.com
Tue Nov 2 23:12:43 UTC 2010
On 11/01/2010 12:17 PM, Daniel P. Berrange wrote:
> This extends the XML syntax for <graphics> to allow a password
> expiry time to be set
>
> eg
>
> <graphics type='vnc' port='5900' autoport='yes' keymap='en-us' passwd='12345' passwdValidTo='2010-04-09T15:51:00'/>
>
> The timestamp is in UTC.
>
> * src/conf/domain_conf.h: Pull passwd out into separate struct
> virDomainGraphicsAuthDef to allow sharing between VNC & SPICE
> * src/conf/domain_conf.c: Add parsing/formatting of new passwdValidTo
> argument
> * src/opennebula/one_conf.c, src/qemu/qemu_conf.c, src/qemu/qemu_driver.c,
> src/xen/xend_internal.c, src/xen/xm_internal.c: Update for changed
> struct containing VNC password
> ---
> src/conf/domain_conf.c | 102 +++++++++++++++++++++++++++++++++++++++-----
> src/conf/domain_conf.h | 13 +++++-
> src/esx/esx_vmx.c | 6 +-
> src/opennebula/one_conf.c | 4 +-
> src/qemu/qemu_conf.c | 4 +-
> src/qemu/qemu_driver.c | 20 ++++----
> src/xen/xend_internal.c | 12 +++---
> src/xen/xm_internal.c | 12 +++---
> 8 files changed, 130 insertions(+), 43 deletions(-)
Where's the changes to docs/schemas/domain.rng and
docs/formatdomain.html.in?
Is passwdValidTo any better off as seconds since the Epoch (date +%s)
rather than an ISO time (date +%FT%T)? It boils down to a question of
which format is easier for machines to handle. Or maybe we should
support both formats, as it's pretty easy to tell them apart?
> @@ -3068,6 +3079,56 @@ error:
> goto cleanup;
> }
>
> +
> +static int
> +virDomainGraphicsAuthDefParseXML(xmlNodePtr node, virDomainGraphicsAuthDefPtr def)
> +{
> + char *validTo = NULL;
> +
> + def->passwd = virXMLPropString(node, "passwd");
> +
> + if (!def->passwd)
> + return 0;
> +
> + validTo = virXMLPropString(node, "passwdValidTo");
> + if (validTo) {
> + char *tmp;
> + struct tm tm;
> + memset(&tm, 0, sizeof(tm));
> + /* Expect: YYYY-MM-DDTHH:MM:SS (%d-%d-%dT%d:%d:%d) eg 2010-11-28T14:29:01 */
> + if (/* year */
> + virStrToLong_i(validTo, &tmp, 10, &tm.tm_year) < 0 || *tmp != '-' ||
> + /* month */
> + virStrToLong_i(tmp+1, &tmp, 10, &tm.tm_mon) < 0 || *tmp != '-' ||
> + /* day */
> + virStrToLong_i(tmp+1, &tmp, 10, &tm.tm_mday) < 0 || *tmp != 'T' ||
> + /* hour */
> + virStrToLong_i(tmp+1, &tmp, 10, &tm.tm_hour) < 0 || *tmp != ':' ||
> + /* minute */
> + virStrToLong_i(tmp+1, &tmp, 10, &tm.tm_min) < 0 || *tmp != ':' ||
> + /* second */
> + virStrToLong_i(tmp+1, &tmp, 10, &tm.tm_sec) < 0 || *tmp != '\0') {
> + virDomainReportError(VIR_ERR_INTERNAL_ERROR,
> + _("cannot parse password validity time '%s', expect YYYY-MM-DDTHH:MM:SS"),
> + validTo);
> + VIR_FREE(validTo);
> + VIR_FREE(def->passwd);
> + return -1;
> + }
> + VIR_FREE(validTo);
> +
> + tm.tm_year -= 1900; /* Human epoch starts at 0 BC, not 1900BC */
> + tm.tm_mon--; /* Humans start months at 1, computers at 0 */
> +
> + /* XXX this is broken it needs to be UTC not localtime */
> + def->validTo = timegm(&tm);
Is that XXX comment still correct, or are we using UTC time by virtue of
the timegm() call?
>
> +static void
> +virDomainGraphicsAuthDefFormatAttr(virBufferPtr buf,
> + virDomainGraphicsAuthDefPtr def)
> +{
> + if (!def->passwd)
> + return;
> +
> + virBufferEscapeString(buf, " passwd='%s'",
> + def->passwd);
Should this depend on whether VIR_DOMAIN_XML_SECURE is in effect...
> + if (def->expires) {
> + char strbuf[100];
> + struct tm tmbuf, *tm;
> + tm = gmtime_r(&def->validTo, &tmbuf);
> + strftime(strbuf, sizeof(strbuf), "%Y-%m-%dT%H:%M:%S", tm);
> + virBufferVSprintf(buf, " passwdValidTo='%s'", strbuf);
> + }
> +}
> +
> static int
> virDomainGraphicsDefFormat(virBufferPtr buf,
> virDomainGraphicsDefPtr def,
> @@ -6355,10 +6437,8 @@ virDomainGraphicsDefFormat(virBufferPtr buf,
> virBufferEscapeString(buf, " keymap='%s'",
> def->data.vnc.keymap);
>
> - if (def->data.vnc.passwd &&
> - (flags & VIR_DOMAIN_XML_SECURE))
> - virBufferEscapeString(buf, " passwd='%s'",
> - def->data.vnc.passwd);
> + if (flags & VIR_DOMAIN_XML_SECURE)
> + virDomainGraphicsAuthDefFormatAttr(buf, &def->data.vnc.auth);
rather than here, since it makes sense to include password expiry in the
XML even if the password itself is not included?
--
Eric Blake eblake at redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 619 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20101102/cfe32963/attachment-0001.sig>
More information about the libvir-list
mailing list