virNetServerServicePtr virNetServerServiceNewUNIX(const char *path, mode_t mask, gid_t grp, int auth, bool readonly, size_t nrequests_client_max, virNetTLSContextPtr tls) { virNetServerServicePtr svc; int i; if (VIR_ALLOC(svc) < 0) goto no_memory; svc->refs = 1; svc->auth = auth; svc->readonly = readonly; svc->nrequests_client_max = nrequests_client_max; svc->tls = tls; if (tls) virNetTLSContextRef(tls); svc->nsocks = 1; if (VIR_ALLOC_N(svc->socks, svc->nsocks) < 0) goto no_memory; if (virNetSocketNewListenUNIX(path, mask, -1, grp, &svc->socks[0]) < 0) goto error; for (i = 0 ; i < svc->nsocks ; i++) { if (virNetSocketListen(svc->socks[i], 0) < 0) goto error; /* IO callback is initially disabled, until we're ready * to deal with incoming clients */ virNetServerServiceRef(svc); if (virNetSocketAddIOCallback(svc->socks[i], 0, virNetServerServiceAccept, svc, virNetServerServiceEventFree) < 0) { virNetServerServiceFree(svc); goto error; } } return svc; no_memory: virReportOOMError(); error: virNetServerServiceFree(svc); return NULL; }
static int daemonSetupNetworking(virNetServerPtr srv, struct daemonConfig *config, const char *sock_path, const char *sock_path_ro, bool ipsock, bool privileged) { virNetServerServicePtr svc = NULL; virNetServerServicePtr svcRO = NULL; virNetServerServicePtr svcTCP = NULL; virNetServerServicePtr svcTLS = NULL; gid_t unix_sock_gid = 0; int unix_sock_ro_mask = 0; int unix_sock_rw_mask = 0; if (config->unix_sock_group) { if (virGetGroupID(config->unix_sock_group, &unix_sock_gid) < 0) return -1; } if (virStrToLong_i(config->unix_sock_ro_perms, NULL, 8, &unix_sock_ro_mask) != 0) { VIR_ERROR(_("Failed to parse mode '%s'"), config->unix_sock_ro_perms); goto error; } if (virStrToLong_i(config->unix_sock_rw_perms, NULL, 8, &unix_sock_rw_mask) != 0) { VIR_ERROR(_("Failed to parse mode '%s'"), config->unix_sock_rw_perms); goto error; } if (!(svc = virNetServerServiceNewUNIX(sock_path, unix_sock_rw_mask, unix_sock_gid, config->auth_unix_rw, false, config->max_client_requests, NULL))) goto error; if (sock_path_ro && !(svcRO = virNetServerServiceNewUNIX(sock_path_ro, unix_sock_ro_mask, unix_sock_gid, config->auth_unix_ro, true, config->max_client_requests, NULL))) goto error; if (virNetServerAddService(srv, svc, config->mdns_adv && !ipsock ? "_libvirt._tcp" : NULL) < 0) goto error; if (svcRO && virNetServerAddService(srv, svcRO, NULL) < 0) goto error; if (ipsock) { if (config->listen_tcp) { if (!(svcTCP = virNetServerServiceNewTCP(config->listen_addr, config->tcp_port, config->auth_tcp, false, config->max_client_requests, NULL))) goto error; if (virNetServerAddService(srv, svcTCP, config->mdns_adv ? "_libvirt._tcp" : NULL) < 0) goto error; } if (config->listen_tls) { virNetTLSContextPtr ctxt = NULL; if (config->ca_file || config->cert_file || config->key_file) { if (!(ctxt = virNetTLSContextNewServer(config->ca_file, config->crl_file, config->cert_file, config->key_file, (const char *const*)config->tls_allowed_dn_list, config->tls_no_sanity_certificate ? false : true, config->tls_no_verify_certificate ? false : true))) goto error; } else { if (!(ctxt = virNetTLSContextNewServerPath(NULL, !privileged, (const char *const*)config->tls_allowed_dn_list, config->tls_no_sanity_certificate ? false : true, config->tls_no_verify_certificate ? false : true))) goto error; } if (!(svcTLS = virNetServerServiceNewTCP(config->listen_addr, config->tls_port, config->auth_tls, false, config->max_client_requests, ctxt))) { virNetTLSContextFree(ctxt); goto error; } if (virNetServerAddService(srv, svcTLS, config->mdns_adv && !config->listen_tcp ? "_libvirt._tcp" : NULL) < 0) goto error; virNetTLSContextFree(ctxt); } } #if HAVE_SASL if (config->auth_unix_rw == REMOTE_AUTH_SASL || config->auth_unix_ro == REMOTE_AUTH_SASL || config->auth_tcp == REMOTE_AUTH_SASL || config->auth_tls == REMOTE_AUTH_SASL) { saslCtxt = virNetSASLContextNewServer( (const char *const*)config->sasl_allowed_username_list); if (!saslCtxt) goto error; } #endif return 0; error: virNetServerServiceFree(svcTLS); virNetServerServiceFree(svcTCP); virNetServerServiceFree(svc); virNetServerServiceFree(svcRO); return -1; }
static void virNetServerServiceEventFree(void *opaque) { virNetServerServicePtr svc = opaque; virNetServerServiceFree(svc); }