[libvirt] [PATCH v2] secret: Alter virSecretGetSecretString

[Peter Krempa]

On Thu, May 12, 2016 at 11:43:39 -0400, John Ferlan wrote:
> Rather than returning a "char *" indicating perhaps some sized set of
> characters that is NUL terminated, alter the function to return 0 or -1
> for success/failure and add two parameters to handle returning the
> buffer and it's size.
> 
> The function no longer encodes the returned secret, rather it returns
> the unencoded secret forcing callers to make the necessary adjustments.
> 
> Alter the callers to handle the adjusted model.
> 
> Add a new function virStringBufferIsPrintable to handle checking if
> the plaintext secret that is about to be printed on the command line
> has non-printable characters and cause failure if it does.
> 
> Signed-off-by: John Ferlan <jferlan at redhat.com>
> ---
> v1: http://www.redhat.com/archives/libvir-list/2016-May/msg00870.html
> 
> Changes since v1:
> 
> libvirt_private.syms, virstring.c, virstring.h:
>  - Introduce virStringBufferIsPrintable.  I could make it a separate patch
>    if so desired.

Yep, 

> 
> libxl_conf.c, qemu_domain.c, qemu_command.c
>  - Use new format of virSecretGetSecretString
>  - Encode the secret after the call now when necessary
>  - Use virStringBufferIsPrintable before printing iSCSI password
> 
> secret_util.c:
>  - Return int instead of uint8_t *
>  - Remove 'encode' parameter
>  - Add parameter "*ret_secret", alloc and return the secret in uint8_t * buf

I've noticed some stuff that could be improved along with this patch but
will cause conflicts. I'll report it along with splitting this into two
and adjusting all the other stuff I've noticed while fixing the
conflicts.

Peter
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20160513/2371d6ba/attachment-0001.sig>