Peter Krempa [Thu, 13 Oct 2022 14:22:22 +0000 (16:22 +0200)]
schema: domain: Allow interleave of 'smartcard' subelements
Allow interleave of the top level sub-elements as well as the
subelements in the 'host-certificates' mode. Note that '<interleave>'
doesn't work properly if there's multiple definitions of the same
sub-element in the interleave so for this patch I chose to '<group>' the
'certificate' subelements. Another options would require us to stop
enforcing that there's exactly 3 of them.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Okay, we could make that error message better, but that's not the
point. Since this error originated while generating cmd line
(the caller is qemuProcessStart(), transitively), the cleanup
after failed start is performed (qemuProcessStop()). Here,
virNetDevMacVLanDeleteWithVPortProfile() is called which removes
the macvtap interface we did not create (as it made us fail in
the first place).
Therefore, we need to track which macvtap/macvlan interface was
created successfully and remove only those.
You'll notice that only qemuProcessStop() has the new check. For
the (failed) hotplug case (qemuDomainAttachNetDevice()) this
function is already in place (the @iface_connected variable), or
not needed (qemuDomainRemoveNetDevice() - we're removing an
interface that was already attached to QEMU).
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2166235 Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
conf: Format and parse private data for virDomainNetDef
The virDomainNetDef struct has privateData (which is currently
used by QEMU driver to store FDs opened during cmd line building
phase and pass them onto cmd line).
Soon, we will need to store additional information that needs to
survive daemon restart. Let's introduce machinery for parsing and
formatting privateData.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
virnetdevmacvlan: Drop G_GNUC_WARN_UNUSED_RESULT annotation for virNetDevMacVLanDeleteWithVPortProfile()
Every single caller of the
virNetDevMacVLanDeleteWithVPortProfile() function is calling it
wrapped inside of ignore_value() macro. This is because the
function is annotated as G_GNUC_WARN_UNUSED_RESULT. This makes no
sense. Drop the annotation and the macro envelope.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
While it's true that the virDomainNetVhostuserMode enum is used
solely in virDomainNetDefParseXML(), its placement just above the
function is rather unfortunate. Let's put it at the beginning of
the file with the rest of the enum declarations/implementations.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Tue, 31 Jan 2023 14:25:57 +0000 (15:25 +0100)]
qemu: fd: Add helpers allowing storing FD set data in status XML
Rollback of FD sets passed to qemu is also needed after possible restart
of libvirtd when we need to serialize the data into status XML. For this
purpose we need to access the fdset ID once it was passed to qemu and
potentially re-create a 'qemuFDPass' struct in passed state.
Introduce 'qemuFDPassNewPassed' and 'qemuFDPassIsPassed'.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
Peter Krempa [Tue, 31 Jan 2023 13:37:40 +0000 (14:37 +0100)]
qemu: command: Handle FD passing commandline via qemuBuildBlockStorageSourceAttachDataCommandline
Copy the pointer to qemuFDPass into struct qemuBlockStorageSourceAttachData
so that it can be used from qemuBuildBlockStorageSourceAttachDataCommandline
rather than looping again in qemuBuildDiskSourceCommandLineFDs.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
Peter Krempa [Thu, 8 Dec 2022 10:19:23 +0000 (11:19 +0100)]
virStorageBackendISCSISetAuth: Refactor cleanup
Automatically free 'conn' and remove the 'cleanup' section and 'ret'
variable. 'datatypes.h' contains the declaration of the autoptr cleanup
function for virConnect.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
Michal Privoznik [Tue, 31 Jan 2023 16:35:55 +0000 (17:35 +0100)]
virDomainNetDefFormat: Simplify @sourceAttrBuf handling for some types of VIR_DOMAIN_NET
For VIR_DOMAIN_NET_TYPE_{SERVER,CLIENT,MCAST,UDP} we need to put
(optionally) 'address' attribute and 'port' attributes of
<source/> element. But the way we currently do that is
particularly verbose. It can be shortened using
virBufferEscapeString().
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
The <guest/> child element of <interface/> is formatted the old
way. Switch to virXMLFormatElement(). Since this element is used
in LXC driver, this part of the function is tested by
lxcxml2xmltest (specifically lxc-ethernet* test cases).
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Michal Privoznik [Tue, 31 Jan 2023 15:23:58 +0000 (16:23 +0100)]
virDomainNetDefFormat: Rename @attrBuf to @targetAttrBuf
The @attrBuf variable in virDomainNetDefFormat() is named too
broadly. It holds attribute buffer to the <target/> element.
Rename it to @targetAttrBuf then.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Michal Privoznik [Tue, 31 Jan 2023 09:57:21 +0000 (10:57 +0100)]
qemuxml2xmloutdata: Turn net-mtu.xml into a symlink
There's nothing specific about net-mtu test. In fact, if device
addresses are filled in (and some elements reordered), we get the
same XML. Make those changes to the input XML and turn the output
XML to be a symlink.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Jiri Denemark [Thu, 26 Jan 2023 15:54:06 +0000 (16:54 +0100)]
remote: Fix memory leak in remoteDomainMigrateFinish3*
Theoretically, when remoteDomainMigrateFinish3* is called without a
pointer for storing migration cookie or its length (i.e., either
cookieout == NULL or cookieoutlen == NULL), we would leak the freshly
created virDomain object referenced by rv.
Signed-off-by: Jiri Denemark <jdenemar@redhat.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
Michal Privoznik [Mon, 30 Jan 2023 09:55:22 +0000 (10:55 +0100)]
virsh: Make domif-setlink work more than once
In virsh, we have this convenient domif-setlink command, which is
just a wrapper over virDomainUpdateDeviceFlags() and which allows
setting link state of given guest NIC. It does so by fetching
corresponding <interface/> XML snippet and either putting <link
state=''/> into it, OR if the element already exists setting the
attribute to desired value. The XML is then fed into the update
API.
There's, however, a small bug in detecting the pre-existence of
the element and its attribute. The code looks at "link"
attribute, while in fact, the attribute is called "state".
Resolves: https://gitlab.com/libvirt/libvirt/-/issues/426 Fixes: e575bf082ed4889280be07c986375f1ca15bb7ee Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Michal Privoznik [Thu, 26 Jan 2023 15:48:50 +0000 (16:48 +0100)]
rpc: Use struct zero initializer for args
In a recent commit of v9.0.0-104-g0211e430a8 I've turned all args
vars in src/remote/remote_driver.c to be initialized wit {0}.
What I've missed was the generated code.
qemu: Enable iTCO watchdog by disabling its noreboot pin strap
In order for the iTCO watchdog to be operational we must disable the
noreboot pin strap in qemu. This is the default starting from 8.0
machine types, but desirable for older ones as well. And we can safely
do that since that is not guest-visible.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
This is already possible with qemu, and actually already happening with
q35 machines and a specified watchdog since q35 already includes a
watchdog we do not include in the XML. In order to express such
posibility multiple watchdogs need to be supported.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Jiri Denemark [Wed, 25 Jan 2023 10:56:28 +0000 (11:56 +0100)]
remote: Propagate error from virDomainGetSecurityLabelList via RPC
The daemon side of this API has been broken ever since the API was
introduced in 2012. Instead of sending the error from
virDomainGetSecurityLabelList via RPC so that the client can see it, the
dispatcher would just send a successful reply with return value set to
-1 (and an empty array of labels). The client side would propagate this
return value so the client can see the API failed, but the original
error would be lost.
Signed-off-by: Jiri Denemark <jdenemar@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Michal Privoznik [Thu, 26 Jan 2023 12:19:31 +0000 (13:19 +0100)]
remote: Initialize args variable
Recently, in v9.0.0-7-gb2034bb04c we've dropped initialization of
@args variable. The reasoning was that eventually, all members of
the variable will be set. Well, this is not correct. For
instance, in remoteConnectGetAllDomainStats() the
args.doms.doms_val pointer is set iff @ndoms != 0. However,
regardless of that, the pointer is then passed to VIR_FREE().
Worse, the whole args is passed to
xdr_remote_connect_get_all_domain_stats_args() which then calls
xdr_array, which tests the (uninitialized) pointer against NULL.
Michal Privoznik [Thu, 26 Jan 2023 10:56:10 +0000 (11:56 +0100)]
qemu_domain: Don't unref NULL hash table in qemuDomainRefreshStatsSchema()
The g_hash_table_unref() function does not accept NULL. Passing
NULL results in a glib warning being triggered. Check whether the
hash table is not NULL and unref it only then.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
zhenwei pi [Tue, 17 Jan 2023 01:46:53 +0000 (09:46 +0800)]
qemu: command: support crypto device
Support virtio-crypto device, also support cryptodev types:
- builtin
- lkcf
Finally, we can launch a VM(QEMU) with one or more crypto devices by
libvirt.
Signed-off-by: zhenwei pi <pizhenwei@bytedance.com> Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
zhenwei pi [Tue, 17 Jan 2023 01:46:51 +0000 (09:46 +0800)]
capabilities: introduce crypto device
Changes in this commit:
- docs: formatdomaincaps.rst
- conf: crypto related domain caps
- qemu: crypto related
- tests: crypto related test
Signed-off-by: zhenwei pi <pizhenwei@bytedance.com> Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Currently, crypto model supports virtio only, type supports qemu only
(vhost-user in the plan). For the qemu type, backend supports modle
builtin/lkcf, and the queues is optional.
Changes in this commit:
- docs: formatdomain.rst
- schemas: domaincommon.rng
- conf: crypto related domain conf
- qemu: crypto related
- tests: crypto related test
Signed-off-by: zhenwei pi <pizhenwei@bytedance.com> Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
tests: add QEMU RISC-V "virt" machine in domaincapstest
'domaincapstest' is currently skipping RISC-V tests. Let's enable it.
The decision of enabling the "virt" machine is based on the idea that
this is the most used QEMU RISC-V machine in the community and it's the
most likely to be widely supported in the long run.
Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
There are tests in qemuxml2argvtest that will fail if we enable RISC-V
testing, with an error like the following:
"cpuGetSubDriver:64 : this function is not supported by the connection
driver: 'riscv64' architecture is not supp orted by CPU driver"
This happens because we don't have a RISC-V driver yet.
Add a barebone RISC-V driver to allow tests to be executed. The only 2
callbacks implemented here are 'compare' and 'validateFeatures', both
acting as a no-op. More callbacks and features will be added in the
future.
Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
rpc: Fix error message in virNetServerSetClientLimits
Commit f007940cb25a tried to change the error message so that it is unified
later in 35afa1d2d6c1, but various rewrites missed this particular error message
which does not make sense. Fix it so that it is the same as the other two
messages checking the same thing in this file.
Peter Krempa [Thu, 19 Jan 2023 14:06:11 +0000 (15:06 +0100)]
qemu: hotplug: Remove legacy quirk for 'dimm' address generation
Commit b7798a07f93 (in fall of 2016) changed the way we generate aliases
for 'dimm' memory devices as the alias itself is part of the migration
stream section naming and thus must be treated as ABI.
The code added compatibility layer for VMs with memory hotplug started
with the old scheme to prevent from generating wrong aliases. The
compatibility layer broke though later when 'nvdimm' and 'pmem' devices
were introduced as it wrongly detected them as old configuration.
Now rather than attempting to fix the legacy compat layer to treat other
devices properly we'll be better off simply removing it as it's
extremely unlikely that somebody has a VM started in 2016 running with
today's libvirt and attempts to hotplug more memory.
This fixes a corner case when a user hot-adds a 'dimm' into a VM with a
'dimm' and a 'nvdimm' after restart of libvirtd and then attempts to
migrate the VM.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2158701 Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
'sess->authPath' is modified before locking the 'sess' object.
Additionally on failure of 'virAuthGetConfigFilePathURI' 'sess' would be
unlocked even when it was not yet locked.
Fixes: 6917467c2b0e8f655999f3e568708c4651811689 Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
'sess->authPath' is modified before locking the 'sess' object.
Additionally on failure of 'virAuthGetConfigFilePathURI' 'sess' would be
unlocked even when it was not yet locked.
Fixes: 273745b43122a77adf8c73b2e0a852ac42387349 Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Michal Privoznik [Sat, 21 Jan 2023 11:11:08 +0000 (12:11 +0100)]
vbox: Stop reporting RC in error messages
As shown in the commit that introduced vboxReportError(), we are
appending the retval of a failed VirtualBox API onto our error
messages. Well, this is no longer needed because
vboxReportError() already appends the VirtualBox error in plain
text.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
Michal Privoznik [Sat, 21 Jan 2023 10:07:31 +0000 (11:07 +0100)]
vbox: Move error messages onto a single line
Our coding style suggests error messages to be on a single line
for easier git grep. Since I'm touching them anyways, let's make
them follow our own suggestion.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
Michal Privoznik [Fri, 20 Jan 2023 12:59:55 +0000 (13:59 +0100)]
vbox: Replace virReportError() with vboxReportError()
Now that we have vboxReportError() which reports VirtualBox
errors too, we can switch the code to use the former. And since
the vboxReportError() is designed to behave exactly like
virReportError() we can do that almost everywhere, regardless of
the source of the error.
There are a few exceptions though, for instance, when
initializing VirtualBox SDK (we don't have all the objects needed
for querying exceptions yet), or when invalid combination of
arguments was passed to an API of ours, or when a function from
other module (e.g. src/conf/) failed.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
Michal Privoznik [Thu, 19 Jan 2023 16:34:12 +0000 (17:34 +0100)]
vbox: Introduce vboxReportError()
When a VirtualBox API fails it produced an exception. Until now,
we did not have correct APIs wired up to get the exception and
its error message. Thus, we were left with plain:
virReportError("virtualbox API failed, rc=%08x", rc);
This is not very user friendly because those rc values are hard
to parse (e.g. some values are defined as a sum of a base value
and some other value) and also it expects users to know where to
look.
But now that we have all machinery needed for querying
exceptions, vboxReportError() can be introduced. The aim is to
query VirtualBox exceptions and append them after the error
message we intent to report. If the exception can't be queried
successfully, this behaves exactly like virReportError().
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
The ClearException() method clears the latest exception inside of
VirtualBox. This needed because obtaining an exception via
GetException() does not clear it.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
Michal Privoznik [Thu, 19 Jan 2023 16:34:04 +0000 (17:34 +0100)]
vbox: Introduce vboxUniformedPFN::GetException()
The GetException() method can be used to obtain the latest
exception that occurred in VirtualBox. Calling the method does
not reset the exception though. For that we'll need to call
another method (introduced in following commit).
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
Michal Privoznik [Fri, 20 Jan 2023 07:59:40 +0000 (08:59 +0100)]
vbox: Introduce IVirtualBoxErrorInfo interface
The IVirtualBoxErrorInfo interface allows us to query error
messages from VirtualBox. Since VirtualBox has stacked errors we
need the GetNext() method too.
The odd one, that sticks out is GetIID() as it is not part of the
interface as defined by VirtualBox header files. BUT, we need to
get the interface UUID (which MAY change across each release) so
that it can be passed to VBOX_QUERY_INTERFACE() introduced
earlier.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
Michal Privoznik [Fri, 20 Jan 2023 10:20:20 +0000 (11:20 +0100)]
vbox: Introduce VBOX_QUERY_INTERFACE()
So far we haven't needed to use a different interface for objects
we are working with. We were happy with calling their respective
vtbl callbacks. Well, this will change soon as we will query an
exception (type of nsIException) but will need to promote it to
IVirtualBoxErrorInfo class. This promoting is done by
QueryInterface() callback which accepts 3 arguments: the original
object, ID of the new interface and address where to store the
promoted object.
As this is very basic operation, available to every object, it is
part of the ISupports interface among with other goodies like
AddRef() and Release().
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
Michal Privoznik [Wed, 18 Jan 2023 14:37:22 +0000 (15:37 +0100)]
vbox: Add support for version 7.0 SDK
As advertised in previous commit that added the SDK header file,
there were some changes to the API:
1) IVirtualBox::OpenMachine() and IVirtualBox::CreateMachine()
now have @password argument to deal with password protected
settings files. Well, we don't have that wired now (and we
don't create such files). If we ever want to support user
settings files that are password protected (e.g. via
virSecret) we can wire this argument. For now, just pass NULL.
2) IMachine::GetAudioAdapter() is gone. But it can be replaced
with IMachine::GetAudioSettings() + IMachine::GetAdapter()
combo.
Resolves: https://gitlab.com/libvirt/libvirt/-/issues/419 Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
Michal Privoznik [Thu, 19 Jan 2023 09:00:45 +0000 (10:00 +0100)]
vbox: Rename #include guard macro in header files
To avoid including a header file more than once, either:
#pragma once
can be used, or the older trick (that vbox still uses):
#ifndef MACRO
# define MACRO
Well, vbox still uses the latter and in its 7.0 release the macro
was renamed from ___VirtualBox_CXPCOM_h to ___VirtualBox_CAPI_h.
Now, ideally, we wouldn't touch those header files for older
versions, but we need to use the same macro across all header
files (because vbox_tmpl.c includes corresponding vbox_CAPI_XXX.h
and then includes vbox_XPCOMCGlue.h which in turn includes
vbox_CAPI_v6_1.h to get the basic typedefs).
Instead of changing the newer 7.0 header file (and having to
change all subsequent versions), let's change the old ones and as
we drop support for them, we can forget this ever happened.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
Michal Privoznik [Sun, 22 Jan 2023 12:01:41 +0000 (13:01 +0100)]
vbox: Drop @data and @name from UIHost::CreateHostOnlyNetworkInterface()
The @data and @name arguments of
UIHost::CreateHostOnlyNetworkInterface() callback are unused.
Drop them and also their propagation from parent functions.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
Michal Privoznik [Sun, 22 Jan 2023 11:26:26 +0000 (12:26 +0100)]
vbox: Drop misleading G_GNUC_UNUSED annotation
There are few cases where a function argument is marked as
unused, but it's used later in the function. The majority of such
occurrences are in vbox_tmpl.c as a residue of older vbox
versions, but a pair was found in vbox_common.c too.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
network: Increase max route size when checking IPv6 forwarding
In d9ee51e, virNetDevIPCheckIPv6Forwarding was updated to walk the
contents of /proc/net/ipv6_route so that it could check to see if the
RTF_ADDRCONF was set on any IPv6 routes to ultimately determine if
enabling forwarding would result in an error due to accept_ra=1 being
set on the interface.
The implementation added in that commit limited the number of routes
that could be read from /proc/net/ipv6_route to 100_000, each with 150
characters. This is problematic for machines that have a full IPv6
routing table, as the IPv6 routing table has now grown to over 160_000
(it was closer to 100_000 at the time of that commit).
This patch increases the maximum route size from 100_000 to 1_000_000.
While a million routes is somewhat arbitrary, it's meant to be a value
that can be supported for the forseeable future. APNIC, one of the five
regional internet registries, recently published a forecast of IPv6
table growth which anticipates a worst-case growth to 1_000_000 in
January of 2029.
Signed-off-by: Brooks Swinnerton <bswinnerton@gmail.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Shaleen Bathla [Tue, 17 Jan 2023 09:22:13 +0000 (14:52 +0530)]
qemuProcessEventSubmit : Unref event->vm instead of vm
In error case, unref event->vm instead of vm. This makes it
easier for the reader to understand as it is the event struct
that's holding the reference.
Signed-off-by: Shaleen Bathla <shaleen.bathla@oracle.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Laine Stump [Wed, 18 Jan 2023 14:07:53 +0000 (09:07 -0500)]
docs: fix passt example
Somehow the example I neglected to fully update the example for the
interface passt backend when the design changed during
development. This fixes the example to reflect what is in the code.
Signed-off-by: Laine Stump <laine@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Thu, 8 Dec 2022 15:24:19 +0000 (16:24 +0100)]
virNetLibsshAuthenticatePassword: Use virAuthAskPassword instead of virAuthGetPasswordPath
virAuthGetPasswordPath can return the same password over and over if
it's configured in the config. We rather want to try that only the first
time and then ask the user instead.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Jonathon Jongsma <jjongsma@redhat.com>
Peter Krempa [Thu, 8 Dec 2022 14:55:53 +0000 (15:55 +0100)]
util: auth: Introduce virAuthAskCredential
The helper uses the user-provided auth callbacks to ask the user. The
helper encapsulates the steps we do to query the user in few places into
a common helper which can be then used further.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Jonathon Jongsma <jjongsma@redhat.com>
Peter Krempa [Thu, 8 Dec 2022 14:18:54 +0000 (15:18 +0100)]
virnetsshsession: Pass in username via virNetSSHSessionNew rather than auth functions
We only ever allow one username so there's no point passing it to each
authentication registration function. Additionally the only caller
(virNetClientNewLibSSH2) always passes a username so all the checks were
pointless.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Jonathon Jongsma <jjongsma@redhat.com>
projects / libvirt.git / log