[libvirt] [PATCH v2 1/2] NSS: Add explicit check to not report expired lease
Michal Privoznik
mprivozn at redhat.com
Mon Oct 3 07:49:54 UTC 2016
On 30.09.2016 17:11, Nehal J Wani wrote:
> The NSS module shouldn't rely on custom leases database to not have
> entries for leases which have expired.
>
> Change-Id: Ic3e043003d33ded0da74696a1d27ed4967ddbfb8
Oh, is this a result of some git hook script?
> ---
> tools/nss/libvirt_nss.c | 18 ++++++++++++++++++
> 1 file changed, 18 insertions(+)
>
> diff --git a/tools/nss/libvirt_nss.c b/tools/nss/libvirt_nss.c
> index 54c4a2a..cb3edf5 100644
> --- a/tools/nss/libvirt_nss.c
> +++ b/tools/nss/libvirt_nss.c
> @@ -42,6 +42,7 @@
> #include "virlease.h"
> #include "viralloc.h"
> #include "virfile.h"
> +#include "virtime.h"
> #include "virerror.h"
> #include "virstring.h"
> #include "virsocketaddr.h"
> @@ -114,6 +115,8 @@ findLease(const char *name,
> ssize_t i, nleases;
> leaseAddress *tmpAddress = NULL;
> size_t ntmpAddress = 0;
> + time_t currtime;
> + long long expirytime;
>
> *address = NULL;
> *naddress = 0;
> @@ -161,6 +164,11 @@ findLease(const char *name,
> nleases = virJSONValueArraySize(leases_array);
> DEBUG("Read %zd leases", nleases);
>
> + if ((currtime = time(NULL)) == (time_t) - 1) {
> + ERROR("Failed to get current system time");
> + goto cleanup;
> + }
> +
> for (i = 0; i < nleases; i++) {
> virJSONValuePtr lease;
> const char *lease_name;
> @@ -181,6 +189,16 @@ findLease(const char *name,
> if (STRNEQ_NULLABLE(name, lease_name))
> continue;
>
> + if (virJSONValueObjectGetNumberLong(lease, "expiry-time", &expirytime) < 0) {
> + /* A lease cannot be present without expiry-time */
> + ERROR("expiry-time field missing for %s", name);
> + goto cleanup;
> + }
> +
> + /* Do not report expired lease */
> + if (expirytime < (long long) currtime)
I am putting here a debug message (which is no-op unless enabled) as it
might help me in debugging in the future.
> + continue;
> +
> DEBUG("Found record for %s", lease_name);
> *found = true;
>
>
ACK
Michal
More information about the libvir-list
mailing list