{
struct stat sb;
if (stat(file, &sb) < 0) {
- ERROR(_("Cannot access %s '%s': %s (%d)"),
+ VIR_ERROR(_("Cannot access %s '%s': %s (%d)"),
type, file, strerror(errno), errno);
return -1;
}
err = gnutls_certificate_allocate_credentials (&x509_cred);
if (err) {
- ERROR(_("gnutls_certificate_allocate_credentials: %s"),
+ VIR_ERROR(_("gnutls_certificate_allocate_credentials: %s"),
gnutls_strerror (err));
return -1;
}
err = gnutls_certificate_set_x509_trust_file (x509_cred, ca_file,
GNUTLS_X509_FMT_PEM);
if (err < 0) {
- ERROR(_("gnutls_certificate_set_x509_trust_file: %s"),
+ VIR_ERROR(_("gnutls_certificate_set_x509_trust_file: %s"),
gnutls_strerror (err));
return -1;
}
err = gnutls_certificate_set_x509_crl_file (x509_cred, crl_file,
GNUTLS_X509_FMT_PEM);
if (err < 0) {
- ERROR(_("gnutls_certificate_set_x509_crl_file: %s"),
+ VIR_ERROR(_("gnutls_certificate_set_x509_crl_file: %s"),
gnutls_strerror (err));
return -1;
}
cert_file, key_file,
GNUTLS_X509_FMT_PEM);
if (err < 0) {
- ERROR(_("gnutls_certificate_set_x509_key_file: %s"),
+ VIR_ERROR(_("gnutls_certificate_set_x509_key_file: %s"),
gnutls_strerror (err));
return -1;
}
*/
err = gnutls_dh_params_init (&dh_params);
if (err < 0) {
- ERROR(_("gnutls_dh_params_init: %s"), gnutls_strerror (err));
+ VIR_ERROR(_("gnutls_dh_params_init: %s"), gnutls_strerror (err));
return -1;
}
err = gnutls_dh_params_generate2 (dh_params, DH_BITS);
if (err < 0) {
- ERROR(_("gnutls_dh_params_generate2: %s"), gnutls_strerror (err));
+ VIR_ERROR(_("gnutls_dh_params_generate2: %s"), gnutls_strerror (err));
return -1;
}
pthread_mutex_lock(&server->lock);
if (saferead(server->sigread, &siginfo, sizeof(siginfo)) != sizeof(siginfo)) {
- ERROR(_("Failed to read from signal pipe: %s"), strerror(errno));
+ VIR_ERROR(_("Failed to read from signal pipe: %s"), strerror(errno));
pthread_mutex_unlock(&server->lock);
return;
}
switch (siginfo.si_signo) {
case SIGHUP:
- INFO0(_("Reloading configuration on SIGHUP"));
+ VIR_INFO0(_("Reloading configuration on SIGHUP"));
if (virStateReload() < 0)
- WARN0(_("Error while reloading drivers"));
+ VIR_WARN0(_("Error while reloading drivers"));
break;
case SIGINT:
case SIGQUIT:
case SIGTERM:
- WARN(_("Shutting down on signal %d"), siginfo.si_signo);
+ VIR_WARN(_("Shutting down on signal %d"), siginfo.si_signo);
server->shutdown = 1;
break;
default:
- INFO(_("Received unexpected signal %d"), siginfo.si_signo);
+ VIR_INFO(_("Received unexpected signal %d"), siginfo.si_signo);
break;
}
goto error;
return 0;
error:
- ERROR0(_("Failed to set close-on-exec file descriptor flag"));
+ VIR_ERROR0(_("Failed to set close-on-exec file descriptor flag"));
return -1;
}
goto error;
return 0;
error:
- ERROR0(_("Failed to set non-blocking file descriptor flag"));
+ VIR_ERROR0(_("Failed to set non-blocking file descriptor flag"));
return -1;
}
return 0;
if ((fd = open(pidFile, O_WRONLY|O_CREAT|O_EXCL, 0644)) < 0) {
- ERROR(_("Failed to open pid file '%s' : %s"),
- pidFile, strerror(errno));
+ VIR_ERROR(_("Failed to open pid file '%s' : %s"),
+ pidFile, strerror(errno));
return -1;
}
if (!(fh = fdopen(fd, "w"))) {
- ERROR(_("Failed to fdopen pid file '%s' : %s"),
- pidFile, strerror(errno));
+ VIR_ERROR(_("Failed to fdopen pid file '%s' : %s"),
+ pidFile, strerror(errno));
close(fd);
return -1;
}
if (fprintf(fh, "%lu\n", (unsigned long)getpid()) < 0) {
- ERROR(_("Failed to write to pid file '%s' : %s"),
- pidFile, strerror(errno));
+ VIR_ERROR(_("Failed to write to pid file '%s' : %s"),
+ pidFile, strerror(errno));
close(fd);
return -1;
}
if (fclose(fh) == EOF) {
- ERROR(_("Failed to close pid file '%s' : %s"),
- pidFile, strerror(errno));
+ VIR_ERROR(_("Failed to close pid file '%s' : %s"),
+ pidFile, strerror(errno));
return -1;
}
gid_t oldgrp;
if (VIR_ALLOC(sock) < 0) {
- ERROR("%s", _("Failed to allocate memory for struct qemud_socket"));
+ VIR_ERROR("%s", _("Failed to allocate memory for struct qemud_socket"));
return -1;
}
sock->auth = auth;
if ((sock->fd = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) {
- ERROR(_("Failed to create socket: %s"),
- strerror(errno));
+ VIR_ERROR(_("Failed to create socket: %s"),
+ strerror(errno));
goto cleanup;
}
setgid(unix_sock_gid);
if (bind(sock->fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
- ERROR(_("Failed to bind socket to '%s': %s"),
- path, strerror(errno));
+ VIR_ERROR(_("Failed to bind socket to '%s': %s"),
+ path, strerror(errno));
goto cleanup;
}
umask(oldmask);
setgid(oldgrp);
if (listen(sock->fd, 30) < 0) {
- ERROR(_("Failed to listen for connections on '%s': %s"),
- path, strerror(errno));
+ VIR_ERROR(_("Failed to listen for connections on '%s': %s"),
+ path, strerror(errno));
goto cleanup;
}
VIR_EVENT_HANDLE_HANGUP,
qemudDispatchServerEvent,
server, NULL)) < 0) {
- ERROR0(_("Failed to add server event callback"));
+ VIR_ERROR0(_("Failed to add server event callback"));
goto cleanup;
}
int e = getaddrinfo (node, service, &hints, &ai);
if (e != 0) {
- ERROR(_("getaddrinfo: %s\n"), gai_strerror (e));
+ VIR_ERROR(_("getaddrinfo: %s\n"), gai_strerror (e));
return -1;
}
fds[*nfds_r] = socket (runp->ai_family, runp->ai_socktype,
runp->ai_protocol);
if (fds[*nfds_r] == -1) {
- ERROR(_("socket: %s"), strerror (errno));
+ VIR_ERROR(_("socket: %s"), strerror (errno));
return -1;
}
if (bind (fds[*nfds_r], runp->ai_addr, runp->ai_addrlen) == -1) {
if (errno != EADDRINUSE) {
- ERROR(_("bind: %s"), strerror (errno));
+ VIR_ERROR(_("bind: %s"), strerror (errno));
return -1;
}
close (fds[*nfds_r]);
}
else {
if (listen (fds[*nfds_r], SOMAXCONN) == -1) {
- ERROR(_("listen: %s"), strerror (errno));
+ VIR_ERROR(_("listen: %s"), strerror (errno));
return -1;
}
++*nfds_r;
socklen_t salen = sizeof(sa);
if (VIR_ALLOC(sock) < 0) {
- ERROR(_("remoteListenTCP: calloc: %s"), strerror (errno));
+ VIR_ERROR(_("remoteListenTCP: calloc: %s"), strerror (errno));
goto cleanup;
}
goto cleanup;
if (listen (sock->fd, 30) < 0) {
- ERROR(_("remoteListenTCP: listen: %s"), strerror (errno));
+ VIR_ERROR(_("remoteListenTCP: listen: %s"), strerror (errno));
goto cleanup;
}
VIR_EVENT_HANDLE_HANGUP,
qemudDispatchServerEvent,
server, NULL)) < 0) {
- ERROR0(_("Failed to add server event callback"));
+ VIR_ERROR0(_("Failed to add server event callback"));
goto cleanup;
}
struct passwd *pw;
if (!(pw = getpwuid(uid))) {
- ERROR(_("Failed to find user record for uid '%d': %s"),
+ VIR_ERROR(_("Failed to find user record for uid '%d': %s"),
uid, strerror(errno));
return -1;
}
return 0;
snprintf_error:
- ERROR("%s", _("Resulting path too long for buffer in qemudInitPaths()"));
+ VIR_ERROR("%s", _("Resulting path too long for buffer in qemudInitPaths()"));
return -1;
}
struct qemud_server *server;
if (VIR_ALLOC(server) < 0) {
- ERROR0(_("Failed to allocate struct qemud_server"));
+ VIR_ERROR0(_("Failed to allocate struct qemud_server"));
return NULL;
}
server->sigread = sigread;
if (virEventInit() < 0) {
- ERROR0(_("Failed to initialize event system"));
+ VIR_ERROR0(_("Failed to initialize event system"));
VIR_FREE(server);
return NULL;
}
auth_tcp == REMOTE_AUTH_SASL ||
auth_tls == REMOTE_AUTH_SASL) {
if ((err = sasl_server_init(NULL, "libvirt")) != SASL_OK) {
- ERROR(_("Failed to initialize SASL authentication %s"),
- sasl_errstring(err, NULL, NULL));
+ VIR_ERROR(_("Failed to initialize SASL authentication %s"),
+ sasl_errstring(err, NULL, NULL));
goto cleanup;
}
}
dbus_error_init(&derr);
server->sysbus = dbus_bus_get(DBUS_BUS_SYSTEM, &derr);
if (!(server->sysbus)) {
- ERROR(_("Failed to connect to system bus for PolicyKit auth: %s"),
- derr.message);
+ VIR_ERROR(_("Failed to connect to system bus for PolicyKit auth: %s"),
+ derr.message);
dbus_error_free(&derr);
goto cleanup;
}
return session;
failed:
- ERROR(_("remoteInitializeTLSSession: %s"),
+ VIR_ERROR(_("remoteInitializeTLSSession: %s"),
gnutls_strerror (err));
return NULL;
}
err = gnutls_x509_crt_get_dn (cert, name, &namesize);
if (err != 0) {
- ERROR(_("remoteCheckDN: gnutls_x509_cert_get_dn: %s"),
+ VIR_ERROR(_("remoteCheckDN: gnutls_x509_cert_get_dn: %s"),
gnutls_strerror (err));
return 0;
}
time_t now;
if ((ret = gnutls_certificate_verify_peers2 (session, &status)) < 0){
- ERROR(_("remoteCheckCertificate: verify failed: %s"),
+ VIR_ERROR(_("remoteCheckCertificate: verify failed: %s"),
gnutls_strerror (ret));
return -1;
}
if (status != 0) {
if (status & GNUTLS_CERT_INVALID)
- ERROR0(_("remoteCheckCertificate: "
- "the client certificate is not trusted."));
+ VIR_ERROR0(_("remoteCheckCertificate: "
+ "the client certificate is not trusted."));
if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
- ERROR0(_("remoteCheckCertificate: the client "
- "certificate has unknown issuer."));
+ VIR_ERROR0(_("remoteCheckCertificate: the client "
+ "certificate has unknown issuer."));
if (status & GNUTLS_CERT_REVOKED)
- ERROR0(_("remoteCheckCertificate: "
- "the client certificate has been revoked."));
+ VIR_ERROR0(_("remoteCheckCertificate: "
+ "the client certificate has been revoked."));
#ifndef GNUTLS_1_0_COMPAT
if (status & GNUTLS_CERT_INSECURE_ALGORITHM)
- ERROR0(_("remoteCheckCertificate: the client certificate"
- " uses an insecure algorithm."));
+ VIR_ERROR0(_("remoteCheckCertificate: the client certificate"
+ " uses an insecure algorithm."));
#endif
return -1;
}
if (gnutls_certificate_type_get (session) != GNUTLS_CRT_X509) {
- ERROR0(_("remoteCheckCertificate: certificate is not X.509"));
+ VIR_ERROR0(_("remoteCheckCertificate: certificate is not X.509"));
return -1;
}
if (!(certs = gnutls_certificate_get_peers(session, &nCerts))) {
- ERROR0(_("remoteCheckCertificate: no peers"));
+ VIR_ERROR0(_("remoteCheckCertificate: no peers"));
return -1;
}
gnutls_x509_crt_t cert;
if (gnutls_x509_crt_init (&cert) < 0) {
- ERROR0(_("remoteCheckCertificate: gnutls_x509_crt_init failed"));
+ VIR_ERROR0(_("remoteCheckCertificate: gnutls_x509_crt_init failed"));
return -1;
}
}
if (gnutls_x509_crt_get_expiration_time (cert) < now) {
- ERROR0(_("remoteCheckCertificate: "
- "the client certificate has expired"));
+ VIR_ERROR0(_("remoteCheckCertificate: "
+ "the client certificate has expired"));
gnutls_x509_crt_deinit (cert);
return -1;
}
if (gnutls_x509_crt_get_activation_time (cert) > now) {
- ERROR0(_("remoteCheckCertificate: the client "
- "certificate is not yet activated"));
+ VIR_ERROR0(_("remoteCheckCertificate: the client "
+ "certificate is not yet activated"));
gnutls_x509_crt_deinit (cert);
return -1;
}
if (i == 0) {
if (!remoteCheckDN (cert)) {
/* This is the most common error: make it informative. */
- ERROR0(_("remoteCheckCertificate: client's Distinguished Name is not on the list of allowed clients (tls_allowed_dn_list). Use 'openssl x509 -in clientcert.pem -text' to view the Distinguished Name field in the client certificate, or run this daemon with --verbose option."));
+ VIR_ERROR0(_("remoteCheckCertificate: client's Distinguished Name is not on the list of allowed clients (tls_allowed_dn_list). Use 'openssl x509 -in clientcert.pem -text' to view the Distinguished Name field in the client certificate, or run this daemon with --verbose option."));
gnutls_x509_crt_deinit (cert);
return -1;
}
{
/* Verify client certificate. */
if (remoteCheckCertificate (client->tlssession) == -1) {
- ERROR0(_("remoteCheckCertificate: "
- "failed to verify client's certificate"));
+ VIR_ERROR0(_("remoteCheckCertificate: "
+ "failed to verify client's certificate"));
if (!tls_no_verify_certificate) return -1;
- else INFO0(_("remoteCheckCertificate: tls_no_verify_certificate "
- "is set so the bad certificate is ignored"));
+ else VIR_INFO0(_("remoteCheckCertificate: tls_no_verify_certificate "
+ "is set so the bad certificate is ignored"));
}
/* Checks have succeeded. Write a '\1' byte back to the client to
unsigned int cr_len = sizeof (cr);
if (getsockopt (fd, SOL_SOCKET, SO_PEERCRED, &cr, &cr_len) < 0) {
- ERROR(_("Failed to verify client credentials: %s"),
- strerror(errno));
+ VIR_ERROR(_("Failed to verify client credentials: %s"),
+ strerror(errno));
return -1;
}
if ((fd = accept(sock->fd, (struct sockaddr *)&addr, &addrlen)) < 0) {
if (errno == EAGAIN)
return 0;
- ERROR(_("Failed to accept connection: %s"), strerror(errno));
+ VIR_ERROR(_("Failed to accept connection: %s"), strerror(errno));
return -1;
}
if (server->nclients >= max_clients) {
- ERROR0(_("Too many active clients, dropping connection"));
+ VIR_ERROR0(_("Too many active clients, dropping connection"));
close(fd);
return -1;
}
if (VIR_REALLOC_N(server->clients, server->nclients+1) < 0) {
- ERROR0(_("Out of memory allocating clients"));
+ VIR_ERROR0(_("Out of memory allocating clients"));
close(fd);
return -1;
}
/* Client is running as root, so disable auth */
if (uid == 0) {
- INFO(_("Turn off polkit auth for privileged client %d"), pid);
+ VIR_INFO(_("Turn off polkit auth for privileged client %d"), pid);
client->auth = REMOTE_AUTH_NONE;
}
}
if (qemudRegisterClientEvent (server, client, 0) < 0)
goto cleanup;
} else {
- ERROR(_("TLS handshake failed: %s"),
+ VIR_ERROR(_("TLS handshake failed: %s"),
gnutls_strerror (ret));
goto cleanup;
}
if ((ret = read (client->fd, data, len)) <= 0) {
if (ret == 0 || errno != EAGAIN) {
if (ret != 0)
- ERROR(_("read: %s"), strerror (errno));
+ VIR_ERROR(_("read: %s"), strerror (errno));
qemudDispatchClientFailure(server, client);
}
return -1;
if (ret == 0 || (ret != GNUTLS_E_AGAIN &&
ret != GNUTLS_E_INTERRUPTED)) {
if (ret != 0)
- ERROR(_("gnutls_record_recv: %s"),
+ VIR_ERROR(_("gnutls_record_recv: %s"),
gnutls_strerror (ret));
qemudDispatchClientFailure (server, client);
}
else if (qemudRegisterClientEvent (server, client, 1) < 0)
qemudDispatchClientFailure (server, client);
} else if (ret != GNUTLS_E_AGAIN && ret != GNUTLS_E_INTERRUPTED) {
- ERROR(_("TLS handshake failed: %s"),
+ VIR_ERROR(_("TLS handshake failed: %s"),
gnutls_strerror (ret));
qemudDispatchClientFailure (server, client);
} else {
int ret;
if (!client->tlssession) {
if ((ret = safewrite(client->fd, data, len)) == -1) {
- ERROR(_("write: %s"), strerror (errno));
+ VIR_ERROR(_("write: %s"), strerror (errno));
qemudDispatchClientFailure(server, client);
return -1;
}
qemudDispatchClientFailure (server, client);
else if (ret < 0) {
if (ret != GNUTLS_E_INTERRUPTED && ret != GNUTLS_E_AGAIN) {
- ERROR(_("gnutls_record_send: %s"), gnutls_strerror (ret));
+ VIR_ERROR(_("gnutls_record_send: %s"), gnutls_strerror (ret));
qemudDispatchClientFailure (server, client);
}
return -1;
else if (qemudRegisterClientEvent (server, client, 1))
qemudDispatchClientFailure (server, client);
} else if (ret != GNUTLS_E_AGAIN && ret != GNUTLS_E_INTERRUPTED) {
- ERROR(_("TLS handshake failed: %s"), gnutls_strerror (ret));
+ VIR_ERROR(_("TLS handshake failed: %s"), gnutls_strerror (ret));
qemudDispatchClientFailure (server, client);
} else {
if (qemudRegisterClientEvent (server, client, 1))
errors = sig_errors;
if (errors) {
sig_errors -= errors;
- ERROR(_("Signal handler reported %d errors: last error: %s"),
+ VIR_ERROR(_("Signal handler reported %d errors: last error: %s"),
errors, strerror (sig_lasterrno));
return -1;
}
server->nworkers = min_workers;
if (VIR_ALLOC_N(server->workers, server->nworkers) < 0) {
- ERROR0(_("Failed to allocate workers"));
+ VIR_ERROR0(_("Failed to allocate workers"));
return -1;
}
switch (p->type) {
case VIR_CONF_STRING:
if (VIR_ALLOC_N(list, 2) < 0) {
- ERROR(_("failed to allocate memory for %s config list"), key);
+ VIR_ERROR(_("failed to allocate memory for %s config list"), key);
return -1;
}
list[0] = strdup (p->str);
list[1] = NULL;
if (list[0] == NULL) {
- ERROR(_("failed to allocate memory for %s config list value"),
+ VIR_ERROR(_("failed to allocate memory for %s config list value"),
key);
VIR_FREE(list);
return -1;
for (pp = p->list; pp; pp = pp->next)
len++;
if (VIR_ALLOC_N(list, 1+len) < 0) {
- ERROR(_("failed to allocate memory for %s config list"), key);
+ VIR_ERROR(_("failed to allocate memory for %s config list"), key);
return -1;
}
for (i = 0, pp = p->list; pp; ++i, pp = pp->next) {
if (pp->type != VIR_CONF_STRING) {
- ERROR(_("remoteReadConfigFile: %s: %s:"
- " must be a string or list of strings\n"),
+ VIR_ERROR(_("remoteReadConfigFile: %s: %s:"
+ " must be a string or list of strings\n"),
filename, key);
VIR_FREE(list);
return -1;
for (j = 0 ; j < i ; j++)
VIR_FREE(list[j]);
VIR_FREE(list);
- ERROR(_("failed to allocate memory for %s config list value"),
- key);
+ VIR_ERROR(_("failed to allocate memory for %s config list value"),
+ key);
return -1;
}
}
default:
- ERROR(_("remoteReadConfigFile: %s: %s:"
- " must be a string or list of strings\n"),
+ VIR_ERROR(_("remoteReadConfigFile: %s: %s:"
+ " must be a string or list of strings\n"),
filename, key);
return -1;
}
const char *key, virConfType required_type)
{
if (p->type != required_type) {
- ERROR(_("remoteReadConfigFile: %s: %s: invalid type:"
+ VIR_ERROR(_("remoteReadConfigFile: %s: %s: invalid type:"
" got %s; expected %s\n"), filename, key,
virConfTypeName (p->type),
virConfTypeName (required_type));
goto free_and_fail; \
(var_name) = strdup (p->str); \
if ((var_name) == NULL) { \
- ERROR(_("remoteReadConfigFile: %s\n"),strerror (errno));\
+ VIR_ERROR(_("remoteReadConfigFile: %s\n"),strerror (errno)); \
goto free_and_fail; \
} \
} \
*auth = REMOTE_AUTH_POLKIT;
#endif
} else {
- ERROR(_("remoteReadConfigFile: %s: %s: unsupported auth %s\n"),
+ VIR_ERROR(_("remoteReadConfigFile: %s: %s: unsupported auth %s\n"),
filename, key, p->str);
return -1;
}
GET_CONF_STR (conf, filename, unix_sock_group);
if (unix_sock_group) {
if (getuid() != 0) {
- WARN0(_("Cannot set group when not running as root"));
+ VIR_WARN0(_("Cannot set group when not running as root"));
} else {
struct group *grp = getgrnam(unix_sock_group);
if (!grp) {
- ERROR(_("Failed to lookup group '%s'"), unix_sock_group);
+ VIR_ERROR(_("Failed to lookup group '%s'"), unix_sock_group);
goto free_and_fail;
}
unix_sock_gid = grp->gr_gid;
GET_CONF_STR (conf, filename, unix_sock_ro_perms);
if (unix_sock_ro_perms) {
if (virStrToLong_i (unix_sock_ro_perms, NULL, 8, &unix_sock_ro_mask) != 0) {
- ERROR(_("Failed to parse mode '%s'"), unix_sock_ro_perms);
+ VIR_ERROR(_("Failed to parse mode '%s'"), unix_sock_ro_perms);
goto free_and_fail;
}
free (unix_sock_ro_perms);
GET_CONF_STR (conf, filename, unix_sock_rw_perms);
if (unix_sock_rw_perms) {
if (virStrToLong_i (unix_sock_rw_perms, NULL, 8, &unix_sock_rw_mask) != 0) {
- ERROR(_("Failed to parse mode '%s'"), unix_sock_rw_perms);
+ VIR_ERROR(_("Failed to parse mode '%s'"), unix_sock_rw_perms);
goto free_and_fail;
}
free (unix_sock_rw_perms);
if (godaemon) {
if (qemudGoDaemon() < 0) {
- ERROR(_("Failed to fork as daemon: %s"), strerror(errno));
+ VIR_ERROR(_("Failed to fork as daemon: %s"), strerror(errno));
goto error1;
}
}
qemudSetNonBlock(sigpipe[1]) < 0 ||
qemudSetCloseExec(sigpipe[0]) < 0 ||
qemudSetCloseExec(sigpipe[1]) < 0) {
- ERROR(_("Failed to create pipe: %s"), strerror(errno));
+ VIR_ERROR(_("Failed to create pipe: %s"), strerror(errno));
goto error2;
}
sigwrite = sigpipe[1];
const char *sockdirname = LOCAL_STATE_DIR "/run/libvirt";
if (chown(sockdirname, -1, unix_sock_gid) < 0)
- ERROR(_("Failed to change group ownership of %s"), sockdirname);
+ VIR_ERROR(_("Failed to change group ownership of %s"), sockdirname);
}
if (virEventAddHandleImpl(sigpipe[0],
VIR_EVENT_HANDLE_READABLE,
qemudDispatchSignalEvent,
server, NULL) < 0) {
- ERROR0(_("Failed to register callback for signal pipe"));
+ VIR_ERROR0(_("Failed to register callback for signal pipe"));
ret = 3;
goto error2;
}
REMOTE_DEBUG("Initialize SASL auth %d", client->fd);
if (client->auth != REMOTE_AUTH_SASL ||
client->saslconn != NULL) {
- ERROR0(_("client tried invalid SASL init request"));
+ VIR_ERROR0(_("client tried invalid SASL init request"));
goto authfail;
}
VIR_FREE(localAddr);
VIR_FREE(remoteAddr);
if (err != SASL_OK) {
- ERROR(_("sasl context setup failed %d (%s)"),
- err, sasl_errstring(err, NULL, NULL));
+ VIR_ERROR(_("sasl context setup failed %d (%s)"),
+ err, sasl_errstring(err, NULL, NULL));
client->saslconn = NULL;
goto authfail;
}
cipher = gnutls_cipher_get(client->tlssession);
if (!(ssf = (sasl_ssf_t)gnutls_cipher_get_key_size(cipher))) {
- ERROR0(_("cannot TLS get cipher size"));
+ VIR_ERROR0(_("cannot TLS get cipher size"));
sasl_dispose(&client->saslconn);
client->saslconn = NULL;
goto authfail;
err = sasl_setprop(client->saslconn, SASL_SSF_EXTERNAL, &ssf);
if (err != SASL_OK) {
- ERROR(_("cannot set SASL external SSF %d (%s)"),
- err, sasl_errstring(err, NULL, NULL));
+ VIR_ERROR(_("cannot set SASL external SSF %d (%s)"),
+ err, sasl_errstring(err, NULL, NULL));
sasl_dispose(&client->saslconn);
client->saslconn = NULL;
goto authfail;
err = sasl_setprop(client->saslconn, SASL_SEC_PROPS, &secprops);
if (err != SASL_OK) {
- ERROR(_("cannot set SASL security props %d (%s)"),
- err, sasl_errstring(err, NULL, NULL));
+ VIR_ERROR(_("cannot set SASL security props %d (%s)"),
+ err, sasl_errstring(err, NULL, NULL));
sasl_dispose(&client->saslconn);
client->saslconn = NULL;
goto authfail;
NULL,
NULL);
if (err != SASL_OK) {
- ERROR(_("cannot list SASL mechanisms %d (%s)"),
- err, sasl_errdetail(client->saslconn));
+ VIR_ERROR(_("cannot list SASL mechanisms %d (%s)"),
+ err, sasl_errdetail(client->saslconn));
sasl_dispose(&client->saslconn);
client->saslconn = NULL;
goto authfail;
REMOTE_DEBUG("Available mechanisms for client: '%s'", mechlist);
ret->mechlist = strdup(mechlist);
if (!ret->mechlist) {
- ERROR0(_("cannot allocate mechlist"));
+ VIR_ERROR0(_("cannot allocate mechlist"));
sasl_dispose(&client->saslconn);
client->saslconn = NULL;
goto authfail;
err = sasl_getprop(client->saslconn, SASL_SSF, &val);
if (err != SASL_OK) {
- ERROR(_("cannot query SASL ssf on connection %d (%s)"),
- err, sasl_errstring(err, NULL, NULL));
+ VIR_ERROR(_("cannot query SASL ssf on connection %d (%s)"),
+ err, sasl_errstring(err, NULL, NULL));
remoteDispatchAuthError(rerr);
sasl_dispose(&client->saslconn);
client->saslconn = NULL;
ssf = *(const int *)val;
REMOTE_DEBUG("negotiated an SSF of %d", ssf);
if (ssf < 56) { /* 56 is good for Kerberos */
- ERROR(_("negotiated SSF %d was not strong enough"), ssf);
+ VIR_ERROR(_("negotiated SSF %d was not strong enough"), ssf);
remoteDispatchAuthError(rerr);
sasl_dispose(&client->saslconn);
client->saslconn = NULL;
err = sasl_getprop(client->saslconn, SASL_USERNAME, &val);
if (err != SASL_OK) {
- ERROR(_("cannot query SASL username on connection %d (%s)"),
- err, sasl_errstring(err, NULL, NULL));
+ VIR_ERROR(_("cannot query SASL username on connection %d (%s)"),
+ err, sasl_errstring(err, NULL, NULL));
remoteDispatchAuthError(rerr);
sasl_dispose(&client->saslconn);
client->saslconn = NULL;
return -1;
}
if (val == NULL) {
- ERROR0(_("no client username was found"));
+ VIR_ERROR0(_("no client username was found"));
remoteDispatchAuthError(rerr);
sasl_dispose(&client->saslconn);
client->saslconn = NULL;
client->saslUsername = strdup((const char*)val);
if (client->saslUsername == NULL) {
- ERROR0(_("out of memory copying username"));
+ VIR_ERROR0(_("out of memory copying username"));
remoteDispatchAuthError(rerr);
sasl_dispose(&client->saslconn);
client->saslconn = NULL;
}
/* Denied */
- ERROR(_("SASL client %s not allowed in whitelist"), client->saslUsername);
+ VIR_ERROR(_("SASL client %s not allowed in whitelist"), client->saslUsername);
remoteDispatchAuthError(rerr);
sasl_dispose(&client->saslconn);
client->saslconn = NULL;
REMOTE_DEBUG("Start SASL auth %d", client->fd);
if (client->auth != REMOTE_AUTH_SASL ||
client->saslconn == NULL) {
- ERROR0(_("client tried invalid SASL start request"));
+ VIR_ERROR0(_("client tried invalid SASL start request"));
goto authfail;
}
&serveroutlen);
if (err != SASL_OK &&
err != SASL_CONTINUE) {
- ERROR(_("sasl start failed %d (%s)"),
- err, sasl_errdetail(client->saslconn));
+ VIR_ERROR(_("sasl start failed %d (%s)"),
+ err, sasl_errdetail(client->saslconn));
sasl_dispose(&client->saslconn);
client->saslconn = NULL;
goto authfail;
}
if (serveroutlen > REMOTE_AUTH_SASL_DATA_MAX) {
- ERROR(_("sasl start reply data too long %d"), serveroutlen);
+ VIR_ERROR(_("sasl start reply data too long %d"), serveroutlen);
sasl_dispose(&client->saslconn);
client->saslconn = NULL;
goto authfail;
REMOTE_DEBUG("Step SASL auth %d", client->fd);
if (client->auth != REMOTE_AUTH_SASL ||
client->saslconn == NULL) {
- ERROR0(_("client tried invalid SASL start request"));
+ VIR_ERROR0(_("client tried invalid SASL start request"));
goto authfail;
}
&serveroutlen);
if (err != SASL_OK &&
err != SASL_CONTINUE) {
- ERROR(_("sasl step failed %d (%s)"),
- err, sasl_errdetail(client->saslconn));
+ VIR_ERROR(_("sasl step failed %d (%s)"),
+ err, sasl_errdetail(client->saslconn));
sasl_dispose(&client->saslconn);
client->saslconn = NULL;
goto authfail;
}
if (serveroutlen > REMOTE_AUTH_SASL_DATA_MAX) {
- ERROR(_("sasl step reply data too long %d"),
- serveroutlen);
+ VIR_ERROR(_("sasl step reply data too long %d"),
+ serveroutlen);
sasl_dispose(&client->saslconn);
client->saslconn = NULL;
goto authfail;
void *args ATTRIBUTE_UNUSED,
remote_auth_sasl_init_ret *ret ATTRIBUTE_UNUSED)
{
- ERROR0(_("client tried unsupported SASL init request"));
+ VIR_ERROR0(_("client tried unsupported SASL init request"));
remoteDispatchAuthError(rerr);
return -1;
}
remote_auth_sasl_start_args *args ATTRIBUTE_UNUSED,
remote_auth_sasl_start_ret *ret ATTRIBUTE_UNUSED)
{
- ERROR0(_("client tried unsupported SASL start request"));
+ VIR_ERROR0(_("client tried unsupported SASL start request"));
remoteDispatchAuthError(rerr);
return -1;
}
remote_auth_sasl_step_args *args ATTRIBUTE_UNUSED,
remote_auth_sasl_step_ret *ret ATTRIBUTE_UNUSED)
{
- ERROR0(_("client tried unsupported SASL step request"));
+ VIR_ERROR0(_("client tried unsupported SASL step request"));
remoteDispatchAuthError(rerr);
return -1;
}
REMOTE_DEBUG("Start PolicyKit auth %d", client->fd);
if (client->auth != REMOTE_AUTH_POLKIT) {
- ERROR0(_("client tried invalid PolicyKit init request"));
+ VIR_ERROR0(_("client tried invalid PolicyKit init request"));
goto authfail;
}
if (qemudGetSocketIdentity(client->fd, &callerUid, &callerPid) < 0) {
- ERROR0(_("cannot get peer socket identity"));
+ VIR_ERROR0(_("cannot get peer socket identity"));
goto authfail;
}
- INFO(_("Checking PID %d running as %d"), callerPid, callerUid);
+ VIR_INFO(_("Checking PID %d running as %d"), callerPid, callerUid);
dbus_error_init(&err);
if (!(pkcaller = polkit_caller_new_from_pid(server->sysbus,
callerPid, &err))) {
- ERROR(_("Failed to lookup policy kit caller: %s"), err.message);
+ VIR_ERROR(_("Failed to lookup policy kit caller: %s"), err.message);
dbus_error_free(&err);
goto authfail;
}
if (!(pkaction = polkit_action_new())) {
- ERROR(_("Failed to create polkit action %s\n"), strerror(errno));
+ VIR_ERROR(_("Failed to create polkit action %s\n"), strerror(errno));
polkit_caller_unref(pkcaller);
goto authfail;
}
if (!(pkcontext = polkit_context_new()) ||
!polkit_context_init(pkcontext, &pkerr)) {
- ERROR(_("Failed to create polkit context %s\n"),
- (pkerr ? polkit_error_get_error_message(pkerr)
- : strerror(errno)));
+ VIR_ERROR(_("Failed to create polkit context %s\n"),
+ (pkerr ? polkit_error_get_error_message(pkerr)
+ : strerror(errno)));
if (pkerr)
polkit_error_free(pkerr);
polkit_caller_unref(pkcaller);
0,
&pkerr);
if (pkerr && polkit_error_is_set(pkerr)) {
- ERROR(_("Policy kit failed to check authorization %d %s"),
- polkit_error_get_error_code(pkerr),
- polkit_error_get_error_message(pkerr));
+ VIR_ERROR(_("Policy kit failed to check authorization %d %s"),
+ polkit_error_get_error_code(pkerr),
+ polkit_error_get_error_message(pkerr));
goto authfail;
}
#else
polkit_caller_unref(pkcaller);
polkit_action_unref(pkaction);
if (pkresult != POLKIT_RESULT_YES) {
- ERROR(_("Policy kit denied action %s from pid %d, uid %d, result: %s\n"),
- action, callerPid, callerUid,
- polkit_result_to_string_representation(pkresult));
+ VIR_ERROR(_("Policy kit denied action %s from pid %d, uid %d, result: %s\n"),
+ action, callerPid, callerUid,
+ polkit_result_to_string_representation(pkresult));
goto authfail;
}
- INFO(_("Policy allowed action %s from pid %d, uid %d, result %s"),
+ VIR_INFO(_("Policy allowed action %s from pid %d, uid %d, result %s"),
action, callerPid, callerUid,
polkit_result_to_string_representation(pkresult));
ret->complete = 1;
void *args ATTRIBUTE_UNUSED,
remote_auth_polkit_ret *ret ATTRIBUTE_UNUSED)
{
- ERROR0(_("client tried unsupported PolicyKit init request"));
+ VIR_ERROR0(_("client tried unsupported PolicyKit init request"));
remoteDispatchAuthError(rerr);
return -1;
}
* defined at runtime of from the libvirt daemon configuration file
*/
#ifdef ENABLE_DEBUG
-#define VIR_DEBUG(category, f, l, fmt,...) \
+#define VIR_DEBUG_INT(category, f, l, fmt,...) \
virLogMessage(category, VIR_LOG_DEBUG, f, l, 0, fmt, __VA_ARGS__)
-#define VIR_INFO(category, f, l, fmt,...) \
+#define VIR_INFO_INT(category, f, l, fmt,...) \
virLogMessage(category, VIR_LOG_INFO, f, l, 0, fmt, __VA_ARGS__)
-#define VIR_WARN(category, f, l, fmt,...) \
+#define VIR_WARN_INT(category, f, l, fmt,...) \
virLogMessage(category, VIR_LOG_WARN, f, l, 0, fmt, __VA_ARGS__)
-#define VIR_ERROR(category, f, l, fmt,...) \
+#define VIR_ERROR_INT(category, f, l, fmt,...) \
virLogMessage(category, VIR_LOG_ERROR, f, l, 0, fmt, __VA_ARGS__)
#else
-#define VIR_DEBUG(category, f, l, fmt,...) \
+#define VIR_DEBUG_INT(category, f, l, fmt,...) \
do { } while (0)
-#define VIR_INFO(category, f, l, fmt,...) \
+#define VIR_INFO_INT(category, f, l, fmt,...) \
do { } while (0)
-#define VIR_WARN(category, f, l, fmt,...) \
+#define VIR_WARN_INT(category, f, l, fmt,...) \
do { } while (0)
-#define VIR_ERROR(category, f, l, fmt,...) \
+#define VIR_ERROR_INT(category, f, l, fmt,...) \
do { } while (0)
-#define VIR_INFO(category, fmt,...) \
+#define VIR_INFO_INT(category, fmt,...) \
do { } while (0)
-#define VIR_WARN(category, fmt,...) \
+#define VIR_WARN_INT(category, fmt,...) \
do { } while (0)
-#define VIR_ERROR(category, fmt,...) \
+#define VIR_ERROR_INT(category, fmt,...) \
do { } while (0)
#endif /* !ENABLE_DEBUG */
+#define VIR_DEBUG(fmt,...) \
+ VIR_DEBUG_INT("file." __FILE__, __func__, __LINE__, fmt, __VA_ARGS__)
+#define VIR_DEBUG0(msg) \
+ VIR_DEBUG_INT("file." __FILE__, __func__, __LINE__, "%s", msg)
+#define VIR_INFO(fmt,...) \
+ VIR_INFO_INT("file." __FILE__, __func__, __LINE__, fmt, __VA_ARGS__)
+#define VIR_INFO0(msg) \
+ VIR_INFO_INT("file." __FILE__, __func__, __LINE__, "%s", msg)
+#define VIR_WARN(fmt,...) \
+ VIR_WARN_INT("file." __FILE__, __func__, __LINE__, fmt, __VA_ARGS__)
+#define VIR_WARN0(msg) \
+ VIR_WARN_INT("file." __FILE__, __func__, __LINE__, "%s", msg)
+#define VIR_ERROR(fmt,...) \
+ VIR_ERROR_INT("file." __FILE__, __func__, __LINE__, fmt, __VA_ARGS__)
+#define VIR_ERROR0(msg) \
+ VIR_ERROR_INT("file." __FILE__, __func__, __LINE__, "%s", msg)
+
+/* Legacy compat */
#define DEBUG(fmt,...) \
- VIR_DEBUG("file." __FILE__, __func__, __LINE__, fmt, __VA_ARGS__)
+ VIR_DEBUG_INT("file." __FILE__, __func__, __LINE__, fmt, __VA_ARGS__)
#define DEBUG0(msg) \
- VIR_DEBUG("file." __FILE__, __func__, __LINE__, "%s", msg)
-#define INFO(fmt,...) \
- VIR_INFO("file." __FILE__, __func__, __LINE__, fmt, __VA_ARGS__)
-#define INFO0(msg) \
- VIR_INFO("file." __FILE__, __func__, __LINE__, "%s", msg)
-#define WARN(fmt,...) \
- VIR_WARN("file." __FILE__, __func__, __LINE__, fmt, __VA_ARGS__)
-#define WARN0(msg) \
- VIR_WARN("file." __FILE__, __func__, __LINE__, "%s", msg)
-#define ERROR(fmt,...) \
- VIR_ERROR("file." __FILE__, __func__, __LINE__, fmt, __VA_ARGS__)
-#define ERROR0(msg) \
- VIR_ERROR("file." __FILE__, __func__, __LINE__, "%s", msg)
-
+ VIR_DEBUG_INT("file." __FILE__, __func__, __LINE__, "%s", msg)
/*
* To be made public
projects / libvirt.git / commitdiff