admin: Use the connection to determine a client is connected readonly

Prior to this change, we relied solely on the inherited readonly
attribute of a service's socket. This only worked for our UNIX sockets
(and only to some degree), but doesn't work for TCP sockets which are RW
by default, but such connections support RO as well. This patch forces
an update on the client object once we have established a connection to
reflect the nature of the connection itself rather than relying on the
underlying socket's attributes.
Clients connected to the admin server have always been connected as RW
only.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1524399
Signed-off-by: Erik Skultety <eskultet@redhat.com>

diff --git a/daemon/remote.c b/daemon/remote.c
index c2111ae378a266db19639097f2b6853a5d006806..8e99a4d86fd6c0f10b1c127e8ce2678ee3016264 100644 (file)
--- a/daemon/remote.c
+++ b/daemon/remote.c
@@ -1814,6 +1814,11 @@ remoteDispatchConnectOpen(virNetServerPtr server ATTRIBUTE_UNUSED,
     if (priv->conn == NULL)
         goto cleanup;
 
+    /* force update the @readonly attribute which was inherited from the
+     * virNetServerService object - this is important for sockets that are RW
+     * by default, but do accept RO flags, e.g. TCP
+     */
+    virNetServerClientSetReadonly(client, (flags & VIR_CONNECT_RO));
     rv = 0;
 
  cleanup:

diff --git a/src/libvirt_remote.syms b/src/libvirt_remote.syms
index 61c20d530bc82996a17c0ceca4f503f4bfc91f5d..1c107e1d69aa2f09ecb2bbafdb5c281cd06e8a9d 100644 (file)
--- a/src/libvirt_remote.syms
+++ b/src/libvirt_remote.syms
@@ -153,6 +153,7 @@ virNetServerClientSendMessage;
 virNetServerClientSetAuth;
 virNetServerClientSetCloseHook;
 virNetServerClientSetDispatcher;
+virNetServerClientSetReadonly;
 virNetServerClientStartKeepAlive;
 virNetServerClientWantClose;
 

diff --git a/src/rpc/virnetserverclient.c b/src/rpc/virnetserverclient.c
index 6e086b7b4e2b26ba7386cf86e6e33ea483ecf318..f4a2571f55c51198263465098dc1780bcd05f775 100644 (file)
--- a/src/rpc/virnetserverclient.c
+++ b/src/rpc/virnetserverclient.c
@@ -638,6 +638,17 @@ bool virNetServerClientGetReadonly(virNetServerClientPtr client)
     return readonly;
 }
 
+
+void
+virNetServerClientSetReadonly(virNetServerClientPtr client,
+                              bool readonly)
+{
+    virObjectLock(client);
+    client->readonly = readonly;
+    virObjectUnlock(client);
+}
+
+
 unsigned long long virNetServerClientGetID(virNetServerClientPtr client)
 {
     return client->id;

diff --git a/src/rpc/virnetserverclient.h b/src/rpc/virnetserverclient.h
index e45c78882ef72be3312fa207f7f9218233005e5a..2569f93c3b52b07e63522eb27631de9b3ef22c6c 100644 (file)
--- a/src/rpc/virnetserverclient.h
+++ b/src/rpc/virnetserverclient.h
@@ -81,6 +81,7 @@ void virNetServerClientRemoveFilter(virNetServerClientPtr client,
 int virNetServerClientGetAuth(virNetServerClientPtr client);
 void virNetServerClientSetAuth(virNetServerClientPtr client, int auth);
 bool virNetServerClientGetReadonly(virNetServerClientPtr client);
+void virNetServerClientSetReadonly(virNetServerClientPtr client, bool readonly);
 unsigned long long virNetServerClientGetID(virNetServerClientPtr client);
 long long virNetServerClientGetTimestamp(virNetServerClientPtr client);