[libvirt PATCH 7/9] peer2peer migration: allow connecting to local sockets

Jiri Denemark jdenemar at redhat.com
Tue Aug 25 15:20:15 UTC 2020 

On Tue, Aug 25, 2020 at 07:47:13 +0200, Martin Kletzander wrote:
> Local socket connections were outright disabled because there was no "server"
> part in the URI.  However, given how requirements and usage scenarios are
> evolving, some management apps might need the source libvirt daemon to connect
> to the destination daemon over a UNIX socket for peer2peer migration.  Since we
> cannot know where the socket leads (whether the same daemon or not) let's decide
> that based on whether the socket path is non-standard, or rather explicitly
> specified in the URI.  Checking non-standard path would require to ask the
> daemon for configuration and the only misuse that it would prevent would be a
> pretty weird one.  And that's not worth it.  The assumption is that whenever
> someone uses explicit UNIX socket paths in the URI for migration they better
> know what they are doing.
> 
> Partially resolves: https://bugzilla.redhat.com/1638889
> 
> Signed-off-by: Martin Kletzander <mkletzan at redhat.com>
> ---
>  docs/manpages/virsh.rst    |  9 +++++++++
>  src/libvirt-domain.c       |  8 +++++++-
>  src/remote/remote_driver.c |  8 ++++++--
>  src/util/viruri.c          | 30 ++++++++++++++++++++++++++++++
>  src/util/viruri.h          |  2 ++
>  tests/virmigtest.c         |  2 +-
>  6 files changed, 55 insertions(+), 4 deletions(-)
...
> diff --git a/src/util/viruri.c b/src/util/viruri.c
> index 0112186fdbc4..91f86de19a8e 100644
> --- a/src/util/viruri.c
> +++ b/src/util/viruri.c
> @@ -393,3 +393,33 @@ virURIGetParam(virURIPtr uri, const char *name)
>                     _("Missing URI parameter '%s'"), name);
>      return NULL;
>  }
> +
> +
> +/**
> + * virCheckURIProxied:
> + * @uri: URI to check
> + *
> + * Check if the URI looks like it refers to a non-standard socket path.  In such
> + * scenario the socket might be proxied to a remote server even though the URI
> + * looks like it is only local.
> + *
> + * Returns: true if the URI might be proxied to a remote server
> + */
> +bool
> +virURICheckProxied(virURIPtr uri)

I'd call this function virURICheckUnixSocket or similar as that's what
it's actually doing. It doesn't really care whether the socket is
connected to a proxy or not.

> +{
> +    size_t i = 0;
> +
> +    if (!uri->scheme)
> +        return false;
> +
> +    if (STRNEQ_NULLABLE(strchr(uri->scheme, '+'), "+unix"))
> +        return false;
> +
> +    for (i = 0; i < uri->paramsCount; i++) {
> +        if (STREQ(uri->params[i].name, "socket"))
> +            return true;
> +    }
> +
> +    return false;
> +}

Reviewed-by: Jiri Denemark <jdenemar at redhat.com>

More information about the libvir-list mailing list