[libvirt] [PATCH 2/4] storage: Use virRandomBytes for virStorageGenerateQcowPassphrase

John Ferlan jferlan at redhat.com
Sun May 22 14:39:13 UTC 2016


Use the common API

Signed-off-by: John Ferlan <jferlan at redhat.com>
---
 src/storage/storage_backend.c   | 10 +++++++---
 src/util/virstorageencryption.c | 42 +++++++++++++++--------------------------
 src/util/virstorageencryption.h |  4 ++--
 3 files changed, 24 insertions(+), 32 deletions(-)

diff --git a/src/storage/storage_backend.c b/src/storage/storage_backend.c
index 3a23cd7..637b59a 100644
--- a/src/storage/storage_backend.c
+++ b/src/storage/storage_backend.c
@@ -597,7 +597,7 @@ virStorageGenerateQcowEncryption(virConnectPtr conn,
     virStorageEncryptionSecretPtr enc_secret = NULL;
     virSecretPtr secret = NULL;
     char *xml;
-    unsigned char value[VIR_STORAGE_QCOW_PASSPHRASE_SIZE];
+    unsigned char *value = NULL;
     int ret = -1;
 
     if (conn->secretDriver == NULL ||
@@ -641,10 +641,13 @@ virStorageGenerateQcowEncryption(virConnectPtr conn,
     }
     VIR_FREE(xml);
 
-    if (virStorageGenerateQcowPassphrase(value) < 0)
+    if (!(value =
+          virStorageGenerateQcowPassphrase(VIR_STORAGE_QCOW_PASSPHRASE_SIZE)))
         goto cleanup;
 
-    if (conn->secretDriver->secretSetValue(secret, value, sizeof(value), 0) < 0)
+    if (conn->secretDriver->secretSetValue(secret, value,
+                                           VIR_STORAGE_QCOW_PASSPHRASE_SIZE,
+                                           0) < 0)
         goto cleanup;
 
     enc_secret->type = VIR_STORAGE_ENCRYPTION_SECRET_TYPE_PASSPHRASE;
@@ -666,6 +669,7 @@ virStorageGenerateQcowEncryption(virConnectPtr conn,
     virBufferFreeAndReset(&buf);
     virSecretDefFree(def);
     VIR_FREE(enc_secret);
+    VIR_FREE(value);
     return ret;
 }
 
diff --git a/src/util/virstorageencryption.c b/src/util/virstorageencryption.c
index ec4a8cb..52d5c45 100644
--- a/src/util/virstorageencryption.c
+++ b/src/util/virstorageencryption.c
@@ -1,7 +1,7 @@
 /*
  * virstorageencryption.c: volume encryption information
  *
- * Copyright (C) 2009-2014 Red Hat, Inc.
+ * Copyright (C) 2009-2014, 2016 Red Hat, Inc.
  *
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
@@ -34,6 +34,7 @@
 #include "virerror.h"
 #include "viruuid.h"
 #include "virfile.h"
+#include "virrandom.h"
 
 #define VIR_FROM_THIS VIR_FROM_STORAGE
 
@@ -288,36 +289,23 @@ virStorageEncryptionFormat(virBufferPtr buf,
     return 0;
 }
 
-int
-virStorageGenerateQcowPassphrase(unsigned char *dest)
+unsigned char *
+virStorageGenerateQcowPassphrase(size_t nbytes)
 {
-    int fd;
-    size_t i;
+    int ret;
+    uint8_t *value;
+
+    if (VIR_ALLOC_N(value, nbytes) < 0)
+        return NULL;
 
     /* A qcow passphrase is up to 16 bytes, with any data following a NUL
        ignored.  Prohibit control and non-ASCII characters to avoid possible
        unpleasant surprises with the qemu monitor input mechanism. */
-    fd = open("/dev/urandom", O_RDONLY);
-    if (fd < 0) {
-        virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
-                       _("Cannot open /dev/urandom"));
-        return -1;
-    }
-    i = 0;
-    while (i < VIR_STORAGE_QCOW_PASSPHRASE_SIZE) {
-        ssize_t r;
-
-        while ((r = read(fd, dest + i, 1)) == -1 && errno == EINTR)
-            ;
-        if (r <= 0) {
-            virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
-                           _("Cannot read from /dev/urandom"));
-            VIR_FORCE_CLOSE(fd);
-            return -1;
-        }
-        if (dest[i] >= 0x20 && dest[i] <= 0x7E)
-            i++; /* Got an acceptable character */
+    if ((ret = virRandomBytes(value, nbytes, 0x20, 0x7E)) < 0) {
+        virReportSystemError(ret, "%s", _("failed to generate passphrase"));
+        VIR_FREE(value);
+        return NULL;
     }
-    VIR_FORCE_CLOSE(fd);
-    return 0;
+
+    return value;
 }
diff --git a/src/util/virstorageencryption.h b/src/util/virstorageencryption.h
index 04641b1..bdfaa15 100644
--- a/src/util/virstorageencryption.h
+++ b/src/util/virstorageencryption.h
@@ -1,7 +1,7 @@
 /*
  * virstorageencryption.h: volume encryption information
  *
- * Copyright (C) 2009-2011, 2014 Red Hat, Inc.
+ * Copyright (C) 2009-2011, 2014, 2016 Red Hat, Inc.
  *
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
@@ -76,6 +76,6 @@ enum {
   VIR_STORAGE_QCOW_PASSPHRASE_SIZE = 16
 };
 
-int virStorageGenerateQcowPassphrase(unsigned char *dest);
+unsigned char *virStorageGenerateQcowPassphrase(size_t nbytes);
 
 #endif /* __VIR_STORAGE_ENCRYPTION_H__ */
-- 
2.5.5




More information about the libvir-list mailing list