[PATCH v2 7/9] virsh: secret: Add --plain switch for secret-set-value

Peter Krempa pkrempa at redhat.com
Fri Jan 24 16:08:39 UTC 2020 

Allow using the contents of --file without base64 decoding.

Signed-off-by: Peter Krempa <pkrempa at redhat.com>
---
 docs/manpages/virsh.rst |  5 +++--
 tools/virsh-secret.c    | 14 +++++++++++++-
 2 files changed, 16 insertions(+), 3 deletions(-)

diff --git a/docs/manpages/virsh.rst b/docs/manpages/virsh.rst
index 823f130f1c..dbeac9232f 100644
--- a/docs/manpages/virsh.rst
+++ b/docs/manpages/virsh.rst
@@ -6563,11 +6563,12 @@ secret-set-value

 .. code-block::

-   secret-set-value secret (--file filename | base64)
+   secret-set-value secret (--file filename [--plain] | base64)

 Set the value associated with *secret* (specified by its UUID) to the value
 Base64-encoded value *base64* or Base-64-encoded contents of file named
-*filename*.
+*filename*. Using the *--plain* flag is together with *--file* allows to use
+the file contents directly as the secret value.

 Note that *--file* and *base64* options are mutually exclusive.

diff --git a/tools/virsh-secret.c b/tools/virsh-secret.c
index 0ca08bc133..87f3cfff16 100644
--- a/tools/virsh-secret.c
+++ b/tools/virsh-secret.c
@@ -182,6 +182,10 @@ static const vshCmdOptDef opts_secret_set_value[] = {
      .flags = VSH_OFLAG_REQ_OPT,
      .help = N_("read secret from file"),
     },
+    {.name = "plain",
+     .type = VSH_OT_BOOL,
+     .help = N_("read the secret from file without converting from base64")
+    },
     {.name = "base64",
      .type = VSH_OT_STRING,
      .help = N_("base64-encoded secret value")
@@ -199,9 +203,11 @@ cmdSecretSetValue(vshControl *ctl, const vshCmd *cmd)
     size_t file_len = 0;
     unsigned char *value;
     size_t value_size;
+    bool plain = vshCommandOptBool(cmd, "plain");
     int res;

     VSH_EXCLUSIVE_OPTIONS("file", "base64");
+    VSH_EXCLUSIVE_OPTIONS("plain", "base64");

     if (!(secret = virshCommandOptSecret(ctl, cmd, NULL)))
         return false;
@@ -232,7 +238,13 @@ cmdSecretSetValue(vshControl *ctl, const vshCmd *cmd)
         base64 = file_buf;
     }

-    value = g_base64_decode(base64, &value_size);
+    if (plain) {
+        value = g_steal_pointer(&file_buf);
+        value_size = file_len;
+        file_len = 0;
+    } else {
+        value = g_base64_decode(base64, &value_size);
+    }

     res = virSecretSetValue(secret, value, value_size, 0);
     VIR_DISPOSE_N(value, value_size);
-- 
2.24.1

More information about the libvir-list mailing list