From: Erik Skultety Date: Wed, 13 Dec 2017 13:39:40 +0000 (+0100) Subject: admin: Use the connection to determine a client is connected readonly X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=a8582e3656d626a0728bbbfb4fd715aa51676522;p=libvirt.git admin: Use the connection to determine a client is connected readonly Prior to this change, we relied solely on the inherited readonly attribute of a service's socket. This only worked for our UNIX sockets (and only to some degree), but doesn't work for TCP sockets which are RW by default, but such connections support RO as well. This patch forces an update on the client object once we have established a connection to reflect the nature of the connection itself rather than relying on the underlying socket's attributes. Clients connected to the admin server have always been connected as RW only. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1524399 Signed-off-by: Erik Skultety --- diff --git a/daemon/remote.c b/daemon/remote.c index c2111ae378..8e99a4d86f 100644 --- a/daemon/remote.c +++ b/daemon/remote.c @@ -1814,6 +1814,11 @@ remoteDispatchConnectOpen(virNetServerPtr server ATTRIBUTE_UNUSED, if (priv->conn == NULL) goto cleanup; + /* force update the @readonly attribute which was inherited from the + * virNetServerService object - this is important for sockets that are RW + * by default, but do accept RO flags, e.g. TCP + */ + virNetServerClientSetReadonly(client, (flags & VIR_CONNECT_RO)); rv = 0; cleanup: diff --git a/src/libvirt_remote.syms b/src/libvirt_remote.syms index 61c20d530b..1c107e1d69 100644 --- a/src/libvirt_remote.syms +++ b/src/libvirt_remote.syms @@ -153,6 +153,7 @@ virNetServerClientSendMessage; virNetServerClientSetAuth; virNetServerClientSetCloseHook; virNetServerClientSetDispatcher; +virNetServerClientSetReadonly; virNetServerClientStartKeepAlive; virNetServerClientWantClose; diff --git a/src/rpc/virnetserverclient.c b/src/rpc/virnetserverclient.c index 6e086b7b4e..f4a2571f55 100644 --- a/src/rpc/virnetserverclient.c +++ b/src/rpc/virnetserverclient.c @@ -638,6 +638,17 @@ bool virNetServerClientGetReadonly(virNetServerClientPtr client) return readonly; } + +void +virNetServerClientSetReadonly(virNetServerClientPtr client, + bool readonly) +{ + virObjectLock(client); + client->readonly = readonly; + virObjectUnlock(client); +} + + unsigned long long virNetServerClientGetID(virNetServerClientPtr client) { return client->id; diff --git a/src/rpc/virnetserverclient.h b/src/rpc/virnetserverclient.h index e45c78882e..2569f93c3b 100644 --- a/src/rpc/virnetserverclient.h +++ b/src/rpc/virnetserverclient.h @@ -81,6 +81,7 @@ void virNetServerClientRemoveFilter(virNetServerClientPtr client, int virNetServerClientGetAuth(virNetServerClientPtr client); void virNetServerClientSetAuth(virNetServerClientPtr client, int auth); bool virNetServerClientGetReadonly(virNetServerClientPtr client); +void virNetServerClientSetReadonly(virNetServerClientPtr client, bool readonly); unsigned long long virNetServerClientGetID(virNetServerClientPtr client); long long virNetServerClientGetTimestamp(virNetServerClientPtr client);