[PATCH 13/14] qemuBlockGetBackingStoreString: Properly handle 'http/s' with cookies and others

Mon, 23 Mar 2020 11:13:50 -0700 

Format cookies into the backing store string without encryption as they
will not be visible on the command line when formatting a 'target' only
string. In cases when cookies or other options are used we must use the
JSON format rather than pure URI.

Add tests to validate the scenario.

Signed-off-by: Peter Krempa <pkre...@redhat.com>
---
 src/qemu/qemu_block.c                         | 12 ++++++++++-
 tests/qemublocktest.c                         |  2 ++
 .../network-http-curlopts-srconly.json        | 17 ++++++++++++++++
 .../xml2json/network-http-curlopts.json       | 15 ++++++++++++++
 .../xml2json/network-http-curlopts.xml        | 20 +++++++++++++++++++
 .../xml2json/network-http-noopts-srconly.json |  9 +++++++++
 .../xml2json/network-http-noopts.json         | 14 +++++++++++++
 .../xml2json/network-http-noopts.xml          | 15 ++++++++++++++
 8 files changed, 103 insertions(+), 1 deletion(-)
 create mode 100644 
tests/qemublocktestdata/xml2json/network-http-curlopts-srconly.json
 create mode 100644 tests/qemublocktestdata/xml2json/network-http-curlopts.json
 create mode 100644 tests/qemublocktestdata/xml2json/network-http-curlopts.xml
 create mode 100644 
tests/qemublocktestdata/xml2json/network-http-noopts-srconly.json
 create mode 100644 tests/qemublocktestdata/xml2json/network-http-noopts.json
 create mode 100644 tests/qemublocktestdata/xml2json/network-http-noopts.xml

diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c
index d9665ec4a0..648c3f1026 100644
--- a/src/qemu/qemu_block.c
+++ b/src/qemu/qemu_block.c
@@ -685,6 +685,7 @@ qemuBlockStorageSourceGetCURLProps(virStorageSourcePtr src,
     virJSONValuePtr ret = NULL;
     g_autoptr(virURI) uri = NULL;
     g_autofree char *uristr = NULL;
+    g_autofree char *cookiestr = NULL;

     /**
      * Common options:
@@ -714,6 +715,9 @@ qemuBlockStorageSourceGetCURLProps(virStorageSourcePtr src,
         if (srcPriv &&
             srcPriv->httpcookie)
             cookiealias = srcPriv->httpcookie->s.aes.alias;
+    } else {
+        /* format target string along with cookies */
+        cookiestr = qemuBlockStorageSourceGetCookieString(src);
     }

     ignore_value(virJSONValueObjectCreate(&ret,
@@ -721,6 +725,7 @@ qemuBlockStorageSourceGetCURLProps(virStorageSourcePtr src,
                                           "S:username", username,
                                           "S:password-secret", passwordalias,
                                           "T:sslverify", src->sslverify,
+                                          "S:cookie", cookiestr,
                                           "S:cookie-secret", cookiealias,
                                           "P:timeout", src->timeout,
                                           "P:readahead", src->readahead,
@@ -2056,7 +2061,12 @@ qemuBlockGetBackingStoreString(virStorageSourcePtr src,
         /* generate simplified URIs for the easy cases */
         if (actualType == VIR_STORAGE_TYPE_NETWORK &&
             src->nhosts == 1 &&
-            src->hosts->transport == VIR_STORAGE_NET_HOST_TRANS_TCP) {
+            src->hosts->transport == VIR_STORAGE_NET_HOST_TRANS_TCP &&
+            src->timeout == 0 &&
+            src->ncookies == 0 &&
+            src->sslverify == VIR_TRISTATE_BOOL_ABSENT &&
+            src->timeout == 0 &&
+            src->readahead == 0) {

             switch ((virStorageNetProtocol) src->protocol) {
             case VIR_STORAGE_NET_PROTOCOL_NBD:
diff --git a/tests/qemublocktest.c b/tests/qemublocktest.c
index 709d94fd80..8640b72116 100644
--- a/tests/qemublocktest.c
+++ b/tests/qemublocktest.c
@@ -1212,6 +1212,8 @@ mymain(void)
     TEST_DISK_TO_JSON("network-qcow2-backing-chain-cache-unsafe");
     TEST_DISK_TO_JSON("dir-fat-cache");
     TEST_DISK_TO_JSON("network-nbd-tls");
+    TEST_DISK_TO_JSON("network-http-noopts");
+    TEST_DISK_TO_JSON("network-http-curlopts");

     TEST_DISK_TO_JSON("block-raw-noopts");
     TEST_DISK_TO_JSON("block-raw-reservations");
diff --git 
a/tests/qemublocktestdata/xml2json/network-http-curlopts-srconly.json 
b/tests/qemublocktestdata/xml2json/network-http-curlopts-srconly.json
new file mode 100644
index 0000000000..f5645ac2a6
--- /dev/null
+++ b/tests/qemublocktestdata/xml2json/network-http-curlopts-srconly.json
@@ -0,0 +1,17 @@
+(
+  source only properties:
+  {
+    "driver": "https",
+    "url": "https://host1.example.com:443/something";,
+    "sslverify": false,
+    "cookie": "test=123456; blurb=here"
+  }
+  backing store string:
+  json:{"file":{
+    "driver": "https",
+    "url": "https://host1.example.com:443/something";,
+    "sslverify": false,
+    "cookie": "test=123456; blurb=here"
+  }
+  }
+)
diff --git a/tests/qemublocktestdata/xml2json/network-http-curlopts.json 
b/tests/qemublocktestdata/xml2json/network-http-curlopts.json
new file mode 100644
index 0000000000..08dfd1b300
--- /dev/null
+++ b/tests/qemublocktestdata/xml2json/network-http-curlopts.json
@@ -0,0 +1,15 @@
+{
+  "node-name": "node-b-f",
+  "read-only": false,
+  "driver": "qcow2",
+  "file": "node-a-s",
+  "backing": null
+}
+{
+  "driver": "https",
+  "url": "https://host1.example.com:443/something";,
+  "sslverify": false,
+  "node-name": "node-a-s",
+  "auto-read-only": true,
+  "discard": "unmap"
+}
diff --git a/tests/qemublocktestdata/xml2json/network-http-curlopts.xml 
b/tests/qemublocktestdata/xml2json/network-http-curlopts.xml
new file mode 100644
index 0000000000..a656247e2e
--- /dev/null
+++ b/tests/qemublocktestdata/xml2json/network-http-curlopts.xml
@@ -0,0 +1,20 @@
+<disk type='network' device='disk'>
+  <driver name='qemu' type='qcow2'/>
+  <source protocol='https' name='/something'>
+    <host name='host1.example.com'/>
+    <ssl verify='no'/>
+    <cookies>
+      <cookie name='test'>123456</cookie>
+      <cookie name='blurb'>here</cookie>
+    </cookies>
+    <privateData>
+      <nodenames>
+        <nodename type='storage' name='node-a-s'/>
+        <nodename type='format' name='node-b-f'/>
+      </nodenames>
+    </privateData>
+  </source>
+  <backingStore/>
+  <target dev='vda' bus='virtio'/>
+  <alias name='virtio-disk0'/>
+</disk>
diff --git a/tests/qemublocktestdata/xml2json/network-http-noopts-srconly.json 
b/tests/qemublocktestdata/xml2json/network-http-noopts-srconly.json
new file mode 100644
index 0000000000..1303623036
--- /dev/null
+++ b/tests/qemublocktestdata/xml2json/network-http-noopts-srconly.json
@@ -0,0 +1,9 @@
+(
+  source only properties:
+  {
+    "driver": "https",
+    "url": "https://host1.example.com:443/something";
+  }
+  backing store string:
+  https://host1.example.com:443/something
+)
diff --git a/tests/qemublocktestdata/xml2json/network-http-noopts.json 
b/tests/qemublocktestdata/xml2json/network-http-noopts.json
new file mode 100644
index 0000000000..d577858236
--- /dev/null
+++ b/tests/qemublocktestdata/xml2json/network-http-noopts.json
@@ -0,0 +1,14 @@
+{
+  "node-name": "node-b-f",
+  "read-only": false,
+  "driver": "qcow2",
+  "file": "node-a-s",
+  "backing": null
+}
+{
+  "driver": "https",
+  "url": "https://host1.example.com:443/something";,
+  "node-name": "node-a-s",
+  "auto-read-only": true,
+  "discard": "unmap"
+}
diff --git a/tests/qemublocktestdata/xml2json/network-http-noopts.xml 
b/tests/qemublocktestdata/xml2json/network-http-noopts.xml
new file mode 100644
index 0000000000..f09ff7ba67
--- /dev/null
+++ b/tests/qemublocktestdata/xml2json/network-http-noopts.xml
@@ -0,0 +1,15 @@
+<disk type='network' device='disk'>
+  <driver name='qemu' type='qcow2'/>
+  <source protocol='https' name='/something'>
+    <host name='host1.example.com'/>
+    <privateData>
+      <nodenames>
+        <nodename type='storage' name='node-a-s'/>
+        <nodename type='format' name='node-b-f'/>
+      </nodenames>
+    </privateData>
+  </source>
+  <backingStore/>
+  <target dev='vda' bus='virtio'/>
+  <alias name='virtio-disk0'/>
+</disk>
-- 
2.24.1

Reply via email to