[PATCH v2 2/6] remote: Implement OpenSSH authorized key file mgmt APIs
Peter Krempa
pkrempa at redhat.com
Mon Nov 16 14:51:09 UTC 2020
On Mon, Nov 16, 2020 at 13:20:59 +0100, Michal Privoznik wrote:
> Since both APIs accept/return an array of strings we can't have
> client/server dispatch code generated. But implementation is
> fairly trivial, although verbose.
>
> Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
> ---
> src/remote/remote_daemon_dispatch.c | 82 +++++++++++++++++++++++++++
> src/remote/remote_driver.c | 87 +++++++++++++++++++++++++++++
> src/remote/remote_protocol.x | 34 ++++++++++-
> src/remote_protocol-structs | 22 ++++++++
> 4 files changed, 224 insertions(+), 1 deletion(-)
[...]
> diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
> index 9cd2fd36ae..0b8d1e753f 100644
> --- a/src/remote/remote_driver.c
> +++ b/src/remote/remote_driver.c
> @@ -8027,6 +8027,91 @@ remoteDomainGetGuestInfo(virDomainPtr dom,
> return rv;
> }
>
> +static int
> +remoteDomainAuthorizedSSHKeysGet(virDomainPtr domain,
> + const char *user,
> + char ***keys,
> + unsigned int flags)
> +{
> + int rv = -1;
> + size_t i;
> + struct private_data *priv = domain->conn->privateData;
> + remote_domain_authorized_ssh_keys_get_args args;
> + remote_domain_authorized_ssh_keys_get_ret ret;
> +
> + remoteDriverLock(priv);
> +
> + make_nonnull_domain(&args.dom, domain);
> + args.user = (char *) user;
> + args.flags = flags;
> + memset(&ret, 0, sizeof(ret));
> +
> + if (call(domain->conn, priv, 0, REMOTE_PROC_DOMAIN_AUTHORIZED_SSH_KEYS_GET,
> + (xdrproc_t) xdr_remote_domain_authorized_ssh_keys_get_args, (char *)&args,
> + (xdrproc_t) xdr_remote_domain_authorized_ssh_keys_get_ret, (char *)&ret) == -1) {
> + goto cleanup;
> + }
> +
> + if (ret.keys.keys_len > REMOTE_DOMAIN_AUTHORIZED_SSH_KEYS_MAX) {
> + virReportError(VIR_ERR_RPC, "%s",
> + _("remoteDomainAuthorizedSSHKeysGet: "
> + "returned number of keys exceeds limit"));
> + goto cleanup;
> + }
> +
> + *keys = g_new0(char *, ret.keys.keys_len);
Please over-allocate by 1 to ensure a NULL-terminated list.
> + for (i = 0; i < ret.keys.keys_len; i++)
> + (*keys)[i] = g_strdup(ret.keys.keys_val[i]);
> +
> + rv = ret.keys.keys_len;
> +
> + cleanup:
> + remoteDriverUnlock(priv);
> + xdr_free((xdrproc_t)xdr_remote_domain_authorized_ssh_keys_get_ret,
> + (char *) &ret);
> + return rv;
> +}
> +
Reviewed-by: Peter Krempa <pkrempa at redhat.com>
More information about the libvir-list
mailing list