From nobody Tue Feb 10 00:04:53 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1531145109778589.8013080314596; Mon, 9 Jul 2018 07:05:09 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id F1FEE3082A4C; Mon, 9 Jul 2018 14:05:07 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 9C3EE19482; Mon, 9 Jul 2018 14:05:07 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id F365741091; Mon, 9 Jul 2018 14:05:06 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w69E4tm4001264 for ; Mon, 9 Jul 2018 10:04:56 -0400 Received: by smtp.corp.redhat.com (Postfix) id C7AAC111DCEB; Mon, 9 Jul 2018 14:04:55 +0000 (UTC) Received: from angien.brq.redhat.com (unknown [10.43.2.136]) by smtp.corp.redhat.com (Postfix) with ESMTP id 6C0BE111DCE8 for ; Mon, 9 Jul 2018 14:04:55 +0000 (UTC) From: Peter Krempa To: libvir-list@redhat.com Date: Mon, 9 Jul 2018 16:12:39 +0200 Message-Id: In-Reply-To: References: In-Reply-To: References: X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 4/4] qemu: block: Add support for RBD authentication for blockdev X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.45]); Mon, 09 Jul 2018 14:05:08 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" To allow using -blockdev with RBD we need to support the recently added RBD authentication. Signed-off-by: Peter Krempa --- I must say that it looks quite fishy that we use also the "none" method as acceptable but we've done so for a very long time. src/qemu/qemu_block.c | 26 ++++++++++++++++++= +++- .../network-qcow2-backing-chain-cache-unsafe.json | 5 +++++ ...etwork-qcow2-backing-chain-encryption_auth.json | 5 +++++ 3 files changed, 35 insertions(+), 1 deletion(-) diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c index 0ebf2d2aff..7ad79c7e7d 100644 --- a/src/qemu/qemu_block.c +++ b/src/qemu/qemu_block.c @@ -906,13 +906,33 @@ qemuBlockStorageSourceGetRBDProps(virStorageSourcePtr= src) virJSONValuePtr servers =3D NULL; virJSONValuePtr ret =3D NULL; const char *username =3D NULL; + virJSONValuePtr authmodes =3D NULL; + virJSONValuePtr mode =3D NULL; + const char *keysecret =3D NULL; if (src->nhosts > 0 && !(servers =3D qemuBlockStorageSourceBuildHostsJSONInetSocketAddres= s(src))) return NULL; - if (src->auth) + if (src->auth) { username =3D srcPriv->secinfo->s.aes.username; + keysecret =3D srcPriv->secinfo->s.aes.alias; + /* the auth modes are modelled after our old command line generato= r */ + if (!(authmodes =3D virJSONValueNewArray())) + goto cleanup; + + if (!(mode =3D virJSONValueNewString("cephx")) || + virJSONValueArrayAppend(authmodes, mode) < 0) + goto cleanup; + + mode =3D NULL; + + if (!(mode =3D virJSONValueNewString("none")) || + virJSONValueArrayAppend(authmodes, mode) < 0) + goto cleanup; + + mode =3D NULL; + } if (virJSONValueObjectCreate(&ret, "s:driver", "rbd", @@ -922,10 +942,14 @@ qemuBlockStorageSourceGetRBDProps(virStorageSourcePtr= src) "S:conf", src->configFile, "A:server", &servers, "S:user", username, + "A:auth-client-required", &authmodes, + "S:key-secret", keysecret, NULL) < 0) goto cleanup; cleanup: + virJSONValueFree(authmodes); + virJSONValueFree(mode); virJSONValueFree(servers); return ret; } diff --git a/tests/qemublocktestdata/xml2json/network-qcow2-backing-chain-c= ache-unsafe.json b/tests/qemublocktestdata/xml2json/network-qcow2-backing-c= hain-cache-unsafe.json index 80a694eee4..e66f62d24b 100644 --- a/tests/qemublocktestdata/xml2json/network-qcow2-backing-chain-cache-un= safe.json +++ b/tests/qemublocktestdata/xml2json/network-qcow2-backing-chain-cache-un= safe.json @@ -24,6 +24,11 @@ } ], "user": "testuser-rbd", + "auth-client-required": [ + "cephx", + "none" + ], + "key-secret": "node-a-s-secalias", "node-name": "node-a-s", "cache": { "direct": false, diff --git a/tests/qemublocktestdata/xml2json/network-qcow2-backing-chain-e= ncryption_auth.json b/tests/qemublocktestdata/xml2json/network-qcow2-backin= g-chain-encryption_auth.json index fdb6f2ab1a..921cb3ea69 100644 --- a/tests/qemublocktestdata/xml2json/network-qcow2-backing-chain-encrypti= on_auth.json +++ b/tests/qemublocktestdata/xml2json/network-qcow2-backing-chain-encrypti= on_auth.json @@ -24,6 +24,11 @@ } ], "user": "testuser-rbd", + "auth-client-required": [ + "cephx", + "none" + ], + "key-secret": "node-a-s-secalias", "node-name": "node-a-s", "read-only": false, "discard": "unmap" --=20 2.16.2 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list