From 282f6724e64787451e69dd0f261c7239fa0e79ac Mon Sep 17 00:00:00 2001 Message-Id: <282f6724e64787451e69dd0f261c7239fa0e79ac@dist-git> From: Peter Krempa Date: Tue, 24 Mar 2020 16:26:07 +0100 Subject: [PATCH] qemuBlockGetBackingStoreString: Properly handle 'http/s' with cookies and others MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Format cookies into the backing store string without encryption as they will not be visible on the command line when formatting a 'target' only string. In cases when cookies or other options are used we must use the JSON format rather than pure URI. Add tests to validate the scenario. Signed-off-by: Peter Krempa Reviewed-by: Michal Privoznik (cherry picked from commit 3b06103e695829c4720baaee8286f20568133ebd) https://bugzilla.redhat.com/show_bug.cgi?id=1804617 Message-Id: Reviewed-by: Ján Tomko --- src/qemu/qemu_block.c | 12 ++++++++++- tests/qemublocktest.c | 2 ++ .../network-http-curlopts-srconly.json | 17 ++++++++++++++++ .../xml2json/network-http-curlopts.json | 15 ++++++++++++++ .../xml2json/network-http-curlopts.xml | 20 +++++++++++++++++++ .../xml2json/network-http-noopts-srconly.json | 9 +++++++++ .../xml2json/network-http-noopts.json | 14 +++++++++++++ .../xml2json/network-http-noopts.xml | 15 ++++++++++++++ 8 files changed, 103 insertions(+), 1 deletion(-) create mode 100644 tests/qemublocktestdata/xml2json/network-http-curlopts-srconly.json create mode 100644 tests/qemublocktestdata/xml2json/network-http-curlopts.json create mode 100644 tests/qemublocktestdata/xml2json/network-http-curlopts.xml create mode 100644 tests/qemublocktestdata/xml2json/network-http-noopts-srconly.json create mode 100644 tests/qemublocktestdata/xml2json/network-http-noopts.json create mode 100644 tests/qemublocktestdata/xml2json/network-http-noopts.xml diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c index 1f48f559e3..ba7318b074 100644 --- a/src/qemu/qemu_block.c +++ b/src/qemu/qemu_block.c @@ -685,6 +685,7 @@ qemuBlockStorageSourceGetCURLProps(virStorageSourcePtr src, virJSONValuePtr ret = NULL; g_autoptr(virURI) uri = NULL; g_autofree char *uristr = NULL; + g_autofree char *cookiestr = NULL; /** * Common options: @@ -714,6 +715,9 @@ qemuBlockStorageSourceGetCURLProps(virStorageSourcePtr src, if (srcPriv && srcPriv->httpcookie) cookiealias = srcPriv->httpcookie->s.aes.alias; + } else { + /* format target string along with cookies */ + cookiestr = qemuBlockStorageSourceGetCookieString(src); } ignore_value(virJSONValueObjectCreate(&ret, @@ -721,6 +725,7 @@ qemuBlockStorageSourceGetCURLProps(virStorageSourcePtr src, "S:username", username, "S:password-secret", passwordalias, "T:sslverify", src->sslverify, + "S:cookie", cookiestr, "S:cookie-secret", cookiealias, "P:timeout", src->timeout, "P:readahead", src->readahead, @@ -2043,7 +2048,12 @@ qemuBlockGetBackingStoreString(virStorageSourcePtr src, /* generate simplified URIs for the easy cases */ if (actualType == VIR_STORAGE_TYPE_NETWORK && src->nhosts == 1 && - src->hosts->transport == VIR_STORAGE_NET_HOST_TRANS_TCP) { + src->hosts->transport == VIR_STORAGE_NET_HOST_TRANS_TCP && + src->timeout == 0 && + src->ncookies == 0 && + src->sslverify == VIR_TRISTATE_BOOL_ABSENT && + src->timeout == 0 && + src->readahead == 0) { switch ((virStorageNetProtocol) src->protocol) { case VIR_STORAGE_NET_PROTOCOL_NBD: diff --git a/tests/qemublocktest.c b/tests/qemublocktest.c index cf56c8a983..8b7a50712d 100644 --- a/tests/qemublocktest.c +++ b/tests/qemublocktest.c @@ -1212,6 +1212,8 @@ mymain(void) TEST_DISK_TO_JSON("network-qcow2-backing-chain-cache-unsafe"); TEST_DISK_TO_JSON("dir-fat-cache"); TEST_DISK_TO_JSON("network-nbd-tls"); + TEST_DISK_TO_JSON("network-http-noopts"); + TEST_DISK_TO_JSON("network-http-curlopts"); TEST_DISK_TO_JSON("block-raw-noopts"); TEST_DISK_TO_JSON("block-raw-reservations"); diff --git a/tests/qemublocktestdata/xml2json/network-http-curlopts-srconly.json b/tests/qemublocktestdata/xml2json/network-http-curlopts-srconly.json new file mode 100644 index 0000000000..f5645ac2a6 --- /dev/null +++ b/tests/qemublocktestdata/xml2json/network-http-curlopts-srconly.json @@ -0,0 +1,17 @@ +( + source only properties: + { + "driver": "https", + "url": "https://host1.example.com:443/something", + "sslverify": false, + "cookie": "test=123456; blurb=here" + } + backing store string: + json:{"file":{ + "driver": "https", + "url": "https://host1.example.com:443/something", + "sslverify": false, + "cookie": "test=123456; blurb=here" + } + } +) diff --git a/tests/qemublocktestdata/xml2json/network-http-curlopts.json b/tests/qemublocktestdata/xml2json/network-http-curlopts.json new file mode 100644 index 0000000000..08dfd1b300 --- /dev/null +++ b/tests/qemublocktestdata/xml2json/network-http-curlopts.json @@ -0,0 +1,15 @@ +{ + "node-name": "node-b-f", + "read-only": false, + "driver": "qcow2", + "file": "node-a-s", + "backing": null +} +{ + "driver": "https", + "url": "https://host1.example.com:443/something", + "sslverify": false, + "node-name": "node-a-s", + "auto-read-only": true, + "discard": "unmap" +} diff --git a/tests/qemublocktestdata/xml2json/network-http-curlopts.xml b/tests/qemublocktestdata/xml2json/network-http-curlopts.xml new file mode 100644 index 0000000000..a656247e2e --- /dev/null +++ b/tests/qemublocktestdata/xml2json/network-http-curlopts.xml @@ -0,0 +1,20 @@ + + + + + + + 123456 + here + + + + + + + + + + + + diff --git a/tests/qemublocktestdata/xml2json/network-http-noopts-srconly.json b/tests/qemublocktestdata/xml2json/network-http-noopts-srconly.json new file mode 100644 index 0000000000..1303623036 --- /dev/null +++ b/tests/qemublocktestdata/xml2json/network-http-noopts-srconly.json @@ -0,0 +1,9 @@ +( + source only properties: + { + "driver": "https", + "url": "https://host1.example.com:443/something" + } + backing store string: + https://host1.example.com:443/something +) diff --git a/tests/qemublocktestdata/xml2json/network-http-noopts.json b/tests/qemublocktestdata/xml2json/network-http-noopts.json new file mode 100644 index 0000000000..d577858236 --- /dev/null +++ b/tests/qemublocktestdata/xml2json/network-http-noopts.json @@ -0,0 +1,14 @@ +{ + "node-name": "node-b-f", + "read-only": false, + "driver": "qcow2", + "file": "node-a-s", + "backing": null +} +{ + "driver": "https", + "url": "https://host1.example.com:443/something", + "node-name": "node-a-s", + "auto-read-only": true, + "discard": "unmap" +} diff --git a/tests/qemublocktestdata/xml2json/network-http-noopts.xml b/tests/qemublocktestdata/xml2json/network-http-noopts.xml new file mode 100644 index 0000000000..f09ff7ba67 --- /dev/null +++ b/tests/qemublocktestdata/xml2json/network-http-noopts.xml @@ -0,0 +1,15 @@ + + + + + + + + + + + + + + + -- 2.26.0