[PATCH 13/14] qemuBlockGetBackingStoreString: Properly handle 'http/s' with cookies and others
Peter Krempa
pkrempa at redhat.com
Mon Mar 23 18:12:03 UTC 2020
Format cookies into the backing store string without encryption as they
will not be visible on the command line when formatting a 'target' only
string. In cases when cookies or other options are used we must use the
JSON format rather than pure URI.
Add tests to validate the scenario.
Signed-off-by: Peter Krempa <pkrempa at redhat.com>
---
src/qemu/qemu_block.c | 12 ++++++++++-
tests/qemublocktest.c | 2 ++
.../network-http-curlopts-srconly.json | 17 ++++++++++++++++
.../xml2json/network-http-curlopts.json | 15 ++++++++++++++
.../xml2json/network-http-curlopts.xml | 20 +++++++++++++++++++
.../xml2json/network-http-noopts-srconly.json | 9 +++++++++
.../xml2json/network-http-noopts.json | 14 +++++++++++++
.../xml2json/network-http-noopts.xml | 15 ++++++++++++++
8 files changed, 103 insertions(+), 1 deletion(-)
create mode 100644 tests/qemublocktestdata/xml2json/network-http-curlopts-srconly.json
create mode 100644 tests/qemublocktestdata/xml2json/network-http-curlopts.json
create mode 100644 tests/qemublocktestdata/xml2json/network-http-curlopts.xml
create mode 100644 tests/qemublocktestdata/xml2json/network-http-noopts-srconly.json
create mode 100644 tests/qemublocktestdata/xml2json/network-http-noopts.json
create mode 100644 tests/qemublocktestdata/xml2json/network-http-noopts.xml
diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c
index d9665ec4a0..648c3f1026 100644
--- a/src/qemu/qemu_block.c
+++ b/src/qemu/qemu_block.c
@@ -685,6 +685,7 @@ qemuBlockStorageSourceGetCURLProps(virStorageSourcePtr src,
virJSONValuePtr ret = NULL;
g_autoptr(virURI) uri = NULL;
g_autofree char *uristr = NULL;
+ g_autofree char *cookiestr = NULL;
/**
* Common options:
@@ -714,6 +715,9 @@ qemuBlockStorageSourceGetCURLProps(virStorageSourcePtr src,
if (srcPriv &&
srcPriv->httpcookie)
cookiealias = srcPriv->httpcookie->s.aes.alias;
+ } else {
+ /* format target string along with cookies */
+ cookiestr = qemuBlockStorageSourceGetCookieString(src);
}
ignore_value(virJSONValueObjectCreate(&ret,
@@ -721,6 +725,7 @@ qemuBlockStorageSourceGetCURLProps(virStorageSourcePtr src,
"S:username", username,
"S:password-secret", passwordalias,
"T:sslverify", src->sslverify,
+ "S:cookie", cookiestr,
"S:cookie-secret", cookiealias,
"P:timeout", src->timeout,
"P:readahead", src->readahead,
@@ -2056,7 +2061,12 @@ qemuBlockGetBackingStoreString(virStorageSourcePtr src,
/* generate simplified URIs for the easy cases */
if (actualType == VIR_STORAGE_TYPE_NETWORK &&
src->nhosts == 1 &&
- src->hosts->transport == VIR_STORAGE_NET_HOST_TRANS_TCP) {
+ src->hosts->transport == VIR_STORAGE_NET_HOST_TRANS_TCP &&
+ src->timeout == 0 &&
+ src->ncookies == 0 &&
+ src->sslverify == VIR_TRISTATE_BOOL_ABSENT &&
+ src->timeout == 0 &&
+ src->readahead == 0) {
switch ((virStorageNetProtocol) src->protocol) {
case VIR_STORAGE_NET_PROTOCOL_NBD:
diff --git a/tests/qemublocktest.c b/tests/qemublocktest.c
index 709d94fd80..8640b72116 100644
--- a/tests/qemublocktest.c
+++ b/tests/qemublocktest.c
@@ -1212,6 +1212,8 @@ mymain(void)
TEST_DISK_TO_JSON("network-qcow2-backing-chain-cache-unsafe");
TEST_DISK_TO_JSON("dir-fat-cache");
TEST_DISK_TO_JSON("network-nbd-tls");
+ TEST_DISK_TO_JSON("network-http-noopts");
+ TEST_DISK_TO_JSON("network-http-curlopts");
TEST_DISK_TO_JSON("block-raw-noopts");
TEST_DISK_TO_JSON("block-raw-reservations");
diff --git a/tests/qemublocktestdata/xml2json/network-http-curlopts-srconly.json b/tests/qemublocktestdata/xml2json/network-http-curlopts-srconly.json
new file mode 100644
index 0000000000..f5645ac2a6
--- /dev/null
+++ b/tests/qemublocktestdata/xml2json/network-http-curlopts-srconly.json
@@ -0,0 +1,17 @@
+(
+ source only properties:
+ {
+ "driver": "https",
+ "url": "https://host1.example.com:443/something",
+ "sslverify": false,
+ "cookie": "test=123456; blurb=here"
+ }
+ backing store string:
+ json:{"file":{
+ "driver": "https",
+ "url": "https://host1.example.com:443/something",
+ "sslverify": false,
+ "cookie": "test=123456; blurb=here"
+ }
+ }
+)
diff --git a/tests/qemublocktestdata/xml2json/network-http-curlopts.json b/tests/qemublocktestdata/xml2json/network-http-curlopts.json
new file mode 100644
index 0000000000..08dfd1b300
--- /dev/null
+++ b/tests/qemublocktestdata/xml2json/network-http-curlopts.json
@@ -0,0 +1,15 @@
+{
+ "node-name": "node-b-f",
+ "read-only": false,
+ "driver": "qcow2",
+ "file": "node-a-s",
+ "backing": null
+}
+{
+ "driver": "https",
+ "url": "https://host1.example.com:443/something",
+ "sslverify": false,
+ "node-name": "node-a-s",
+ "auto-read-only": true,
+ "discard": "unmap"
+}
diff --git a/tests/qemublocktestdata/xml2json/network-http-curlopts.xml b/tests/qemublocktestdata/xml2json/network-http-curlopts.xml
new file mode 100644
index 0000000000..a656247e2e
--- /dev/null
+++ b/tests/qemublocktestdata/xml2json/network-http-curlopts.xml
@@ -0,0 +1,20 @@
+<disk type='network' device='disk'>
+ <driver name='qemu' type='qcow2'/>
+ <source protocol='https' name='/something'>
+ <host name='host1.example.com'/>
+ <ssl verify='no'/>
+ <cookies>
+ <cookie name='test'>123456</cookie>
+ <cookie name='blurb'>here</cookie>
+ </cookies>
+ <privateData>
+ <nodenames>
+ <nodename type='storage' name='node-a-s'/>
+ <nodename type='format' name='node-b-f'/>
+ </nodenames>
+ </privateData>
+ </source>
+ <backingStore/>
+ <target dev='vda' bus='virtio'/>
+ <alias name='virtio-disk0'/>
+</disk>
diff --git a/tests/qemublocktestdata/xml2json/network-http-noopts-srconly.json b/tests/qemublocktestdata/xml2json/network-http-noopts-srconly.json
new file mode 100644
index 0000000000..1303623036
--- /dev/null
+++ b/tests/qemublocktestdata/xml2json/network-http-noopts-srconly.json
@@ -0,0 +1,9 @@
+(
+ source only properties:
+ {
+ "driver": "https",
+ "url": "https://host1.example.com:443/something"
+ }
+ backing store string:
+ https://host1.example.com:443/something
+)
diff --git a/tests/qemublocktestdata/xml2json/network-http-noopts.json b/tests/qemublocktestdata/xml2json/network-http-noopts.json
new file mode 100644
index 0000000000..d577858236
--- /dev/null
+++ b/tests/qemublocktestdata/xml2json/network-http-noopts.json
@@ -0,0 +1,14 @@
+{
+ "node-name": "node-b-f",
+ "read-only": false,
+ "driver": "qcow2",
+ "file": "node-a-s",
+ "backing": null
+}
+{
+ "driver": "https",
+ "url": "https://host1.example.com:443/something",
+ "node-name": "node-a-s",
+ "auto-read-only": true,
+ "discard": "unmap"
+}
diff --git a/tests/qemublocktestdata/xml2json/network-http-noopts.xml b/tests/qemublocktestdata/xml2json/network-http-noopts.xml
new file mode 100644
index 0000000000..f09ff7ba67
--- /dev/null
+++ b/tests/qemublocktestdata/xml2json/network-http-noopts.xml
@@ -0,0 +1,15 @@
+<disk type='network' device='disk'>
+ <driver name='qemu' type='qcow2'/>
+ <source protocol='https' name='/something'>
+ <host name='host1.example.com'/>
+ <privateData>
+ <nodenames>
+ <nodename type='storage' name='node-a-s'/>
+ <nodename type='format' name='node-b-f'/>
+ </nodenames>
+ </privateData>
+ </source>
+ <backingStore/>
+ <target dev='vda' bus='virtio'/>
+ <alias name='virtio-disk0'/>
+</disk>
--
2.24.1
More information about the libvir-list
mailing list