[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH v2] secret: Alter virSecretGetSecretString



On Thu, May 12, 2016 at 11:43:39 -0400, John Ferlan wrote:
> Rather than returning a "char *" indicating perhaps some sized set of
> characters that is NUL terminated, alter the function to return 0 or -1
> for success/failure and add two parameters to handle returning the
> buffer and it's size.
> 
> The function no longer encodes the returned secret, rather it returns
> the unencoded secret forcing callers to make the necessary adjustments.
> 
> Alter the callers to handle the adjusted model.
> 
> Add a new function virStringBufferIsPrintable to handle checking if
> the plaintext secret that is about to be printed on the command line
> has non-printable characters and cause failure if it does.
> 
> Signed-off-by: John Ferlan <jferlan redhat com>
> ---
> v1: http://www.redhat.com/archives/libvir-list/2016-May/msg00870.html
> 
> Changes since v1:
> 
> libvirt_private.syms, virstring.c, virstring.h:
>  - Introduce virStringBufferIsPrintable.  I could make it a separate patch
>    if so desired.

Yep, 

> 
> libxl_conf.c, qemu_domain.c, qemu_command.c
>  - Use new format of virSecretGetSecretString
>  - Encode the secret after the call now when necessary
>  - Use virStringBufferIsPrintable before printing iSCSI password
> 
> secret_util.c:
>  - Return int instead of uint8_t *
>  - Remove 'encode' parameter
>  - Add parameter "*ret_secret", alloc and return the secret in uint8_t * buf

I've noticed some stuff that could be improved along with this patch but
will cause conflicts. I'll report it along with splitting this into two
and adjusting all the other stuff I've noticed while fixing the
conflicts.

Peter

Attachment: signature.asc
Description: Digital signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]