From 282f6724e64787451e69dd0f261c7239fa0e79ac Mon Sep 17 00:00:00 2001
Message-Id: <282f6724e64787451e69dd0f261c7239fa0e79ac@dist-git>
From: Peter Krempa <pkrempa@redhat.com>
Date: Tue, 24 Mar 2020 16:26:07 +0100
Subject: [PATCH] qemuBlockGetBackingStoreString: Properly handle 'http/s' with
cookies and others
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Format cookies into the backing store string without encryption as they
will not be visible on the command line when formatting a 'target' only
string. In cases when cookies or other options are used we must use the
JSON format rather than pure URI.
Add tests to validate the scenario.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit 3b06103e695829c4720baaee8286f20568133ebd)
https://bugzilla.redhat.com/show_bug.cgi?id=1804617
Message-Id: <aea5c926b86d5dad7dc78f30f2f0e8d95807e58e.1585063415.git.pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
---
src/qemu/qemu_block.c | 12 ++++++++++-
tests/qemublocktest.c | 2 ++
.../network-http-curlopts-srconly.json | 17 ++++++++++++++++
.../xml2json/network-http-curlopts.json | 15 ++++++++++++++
.../xml2json/network-http-curlopts.xml | 20 +++++++++++++++++++
.../xml2json/network-http-noopts-srconly.json | 9 +++++++++
.../xml2json/network-http-noopts.json | 14 +++++++++++++
.../xml2json/network-http-noopts.xml | 15 ++++++++++++++
8 files changed, 103 insertions(+), 1 deletion(-)
create mode 100644 tests/qemublocktestdata/xml2json/network-http-curlopts-srconly.json
create mode 100644 tests/qemublocktestdata/xml2json/network-http-curlopts.json
create mode 100644 tests/qemublocktestdata/xml2json/network-http-curlopts.xml
create mode 100644 tests/qemublocktestdata/xml2json/network-http-noopts-srconly.json
create mode 100644 tests/qemublocktestdata/xml2json/network-http-noopts.json
create mode 100644 tests/qemublocktestdata/xml2json/network-http-noopts.xml
diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c
index 1f48f559e3..ba7318b074 100644
--- a/src/qemu/qemu_block.c
+++ b/src/qemu/qemu_block.c
@@ -685,6 +685,7 @@ qemuBlockStorageSourceGetCURLProps(virStorageSourcePtr src,
virJSONValuePtr ret = NULL;
g_autoptr(virURI) uri = NULL;
g_autofree char *uristr = NULL;
+ g_autofree char *cookiestr = NULL;
/**
* Common options:
@@ -714,6 +715,9 @@ qemuBlockStorageSourceGetCURLProps(virStorageSourcePtr src,
if (srcPriv &&
srcPriv->httpcookie)
cookiealias = srcPriv->httpcookie->s.aes.alias;
+ } else {
+ /* format target string along with cookies */
+ cookiestr = qemuBlockStorageSourceGetCookieString(src);
}
ignore_value(virJSONValueObjectCreate(&ret,
@@ -721,6 +725,7 @@ qemuBlockStorageSourceGetCURLProps(virStorageSourcePtr src,
"S:username", username,
"S:password-secret", passwordalias,
"T:sslverify", src->sslverify,
+ "S:cookie", cookiestr,
"S:cookie-secret", cookiealias,
"P:timeout", src->timeout,
"P:readahead", src->readahead,
@@ -2043,7 +2048,12 @@ qemuBlockGetBackingStoreString(virStorageSourcePtr src,
/* generate simplified URIs for the easy cases */
if (actualType == VIR_STORAGE_TYPE_NETWORK &&
src->nhosts == 1 &&
- src->hosts->transport == VIR_STORAGE_NET_HOST_TRANS_TCP) {
+ src->hosts->transport == VIR_STORAGE_NET_HOST_TRANS_TCP &&
+ src->timeout == 0 &&
+ src->ncookies == 0 &&
+ src->sslverify == VIR_TRISTATE_BOOL_ABSENT &&
+ src->timeout == 0 &&
+ src->readahead == 0) {
switch ((virStorageNetProtocol) src->protocol) {
case VIR_STORAGE_NET_PROTOCOL_NBD:
diff --git a/tests/qemublocktest.c b/tests/qemublocktest.c
index cf56c8a983..8b7a50712d 100644
--- a/tests/qemublocktest.c
+++ b/tests/qemublocktest.c
@@ -1212,6 +1212,8 @@ mymain(void)
TEST_DISK_TO_JSON("network-qcow2-backing-chain-cache-unsafe");
TEST_DISK_TO_JSON("dir-fat-cache");
TEST_DISK_TO_JSON("network-nbd-tls");
+ TEST_DISK_TO_JSON("network-http-noopts");
+ TEST_DISK_TO_JSON("network-http-curlopts");
TEST_DISK_TO_JSON("block-raw-noopts");
TEST_DISK_TO_JSON("block-raw-reservations");
diff --git a/tests/qemublocktestdata/xml2json/network-http-curlopts-srconly.json b/tests/qemublocktestdata/xml2json/network-http-curlopts-srconly.json
new file mode 100644
index 0000000000..f5645ac2a6
--- /dev/null
+++ b/tests/qemublocktestdata/xml2json/network-http-curlopts-srconly.json
@@ -0,0 +1,17 @@
+(
+ source only properties:
+ {
+ "driver": "https",
+ "url": "https://host1.example.com:443/something",
+ "sslverify": false,
+ "cookie": "test=123456; blurb=here"
+ }
+ backing store string:
+ json:{"file":{
+ "driver": "https",
+ "url": "https://host1.example.com:443/something",
+ "sslverify": false,
+ "cookie": "test=123456; blurb=here"
+ }
+ }
+)
diff --git a/tests/qemublocktestdata/xml2json/network-http-curlopts.json b/tests/qemublocktestdata/xml2json/network-http-curlopts.json
new file mode 100644
index 0000000000..08dfd1b300
--- /dev/null
+++ b/tests/qemublocktestdata/xml2json/network-http-curlopts.json
@@ -0,0 +1,15 @@
+{
+ "node-name": "node-b-f",
+ "read-only": false,
+ "driver": "qcow2",
+ "file": "node-a-s",
+ "backing": null
+}
+{
+ "driver": "https",
+ "url": "https://host1.example.com:443/something",
+ "sslverify": false,
+ "node-name": "node-a-s",
+ "auto-read-only": true,
+ "discard": "unmap"
+}
diff --git a/tests/qemublocktestdata/xml2json/network-http-curlopts.xml b/tests/qemublocktestdata/xml2json/network-http-curlopts.xml
new file mode 100644
index 0000000000..a656247e2e
--- /dev/null
+++ b/tests/qemublocktestdata/xml2json/network-http-curlopts.xml
@@ -0,0 +1,20 @@
+<disk type='network' device='disk'>
+ <driver name='qemu' type='qcow2'/>
+ <source protocol='https' name='/something'>
+ <host name='host1.example.com'/>
+ <ssl verify='no'/>
+ <cookies>
+ <cookie name='test'>123456</cookie>
+ <cookie name='blurb'>here</cookie>
+ </cookies>
+ <privateData>
+ <nodenames>
+ <nodename type='storage' name='node-a-s'/>
+ <nodename type='format' name='node-b-f'/>
+ </nodenames>
+ </privateData>
+ </source>
+ <backingStore/>
+ <target dev='vda' bus='virtio'/>
+ <alias name='virtio-disk0'/>
+</disk>
diff --git a/tests/qemublocktestdata/xml2json/network-http-noopts-srconly.json b/tests/qemublocktestdata/xml2json/network-http-noopts-srconly.json
new file mode 100644
index 0000000000..1303623036
--- /dev/null
+++ b/tests/qemublocktestdata/xml2json/network-http-noopts-srconly.json
@@ -0,0 +1,9 @@
+(
+ source only properties:
+ {
+ "driver": "https",
+ "url": "https://host1.example.com:443/something"
+ }
+ backing store string:
+ https://host1.example.com:443/something
+)
diff --git a/tests/qemublocktestdata/xml2json/network-http-noopts.json b/tests/qemublocktestdata/xml2json/network-http-noopts.json
new file mode 100644
index 0000000000..d577858236
--- /dev/null
+++ b/tests/qemublocktestdata/xml2json/network-http-noopts.json
@@ -0,0 +1,14 @@
+{
+ "node-name": "node-b-f",
+ "read-only": false,
+ "driver": "qcow2",
+ "file": "node-a-s",
+ "backing": null
+}
+{
+ "driver": "https",
+ "url": "https://host1.example.com:443/something",
+ "node-name": "node-a-s",
+ "auto-read-only": true,
+ "discard": "unmap"
+}
diff --git a/tests/qemublocktestdata/xml2json/network-http-noopts.xml b/tests/qemublocktestdata/xml2json/network-http-noopts.xml
new file mode 100644
index 0000000000..f09ff7ba67
--- /dev/null
+++ b/tests/qemublocktestdata/xml2json/network-http-noopts.xml
@@ -0,0 +1,15 @@
+<disk type='network' device='disk'>
+ <driver name='qemu' type='qcow2'/>
+ <source protocol='https' name='/something'>
+ <host name='host1.example.com'/>
+ <privateData>
+ <nodenames>
+ <nodename type='storage' name='node-a-s'/>
+ <nodename type='format' name='node-b-f'/>
+ </nodenames>
+ </privateData>
+ </source>
+ <backingStore/>
+ <target dev='vda' bus='virtio'/>
+ <alias name='virtio-disk0'/>
+</disk>
--
2.26.0