static int
virStorageBackendISCSISetAuth(const char *portal,
virConnectPtr conn,
virStoragePoolDefPtr def)
{
virSecretPtr secret = NULL;
unsigned char *secret_value = NULL;
virStoragePoolAuthChap chap;
int ret = -1;
if (def->source.authType == VIR_STORAGE_POOL_AUTH_NONE)
return 0;
if (def->source.authType != VIR_STORAGE_POOL_AUTH_CHAP) {
virReportError(VIR_ERR_XML_ERROR, "%s",
_("iscsi pool only supports 'chap' auth type"));
return -1;
}
if (!conn) {
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("iscsi 'chap' authentication not supported "
"for autostarted pools"));
return -1;
}
chap = def->source.auth.chap;
if (chap.secret.uuidUsable)
secret = virSecretLookupByUUID(conn, chap.secret.uuid);
else
secret = virSecretLookupByUsage(conn, VIR_SECRET_USAGE_TYPE_ISCSI,
chap.secret.usage);
if (secret) {
size_t secret_size;
secret_value =
conn->secretDriver->secretGetValue(secret, &secret_size, 0,
VIR_SECRET_GET_VALUE_INTERNAL_CALL);
if (!secret_value) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("could not get the value of the secret "
"for username %s"), chap.username);
goto cleanup;
}
} else {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("username '%s' specified but secret not found"),
chap.username);
goto cleanup;
}
if (virStorageBackendISCSINodeUpdate(portal,
def->source.devices[0].path,
"node.session.auth.authmethod",
"CHAP") < 0 ||
virStorageBackendISCSINodeUpdate(portal,
def->source.devices[0].path,
"node.session.auth.username",
chap.username) < 0 ||
virStorageBackendISCSINodeUpdate(portal,
def->source.devices[0].path,
"node.session.auth.password",
(const char *)secret_value) < 0)
goto cleanup;
ret = 0;
cleanup:
virObjectUnref(secret);
VIR_FREE(secret_value);
return ret;
}
static int
virStorageBackendISCSISetAuth(const char *portal,
virConnectPtr conn,
virStoragePoolSourcePtr source)
{
virSecretPtr secret = NULL;
unsigned char *secret_value = NULL;
virStorageAuthDefPtr authdef = source->auth;
int ret = -1;
char uuidStr[VIR_UUID_STRING_BUFLEN];
if (!authdef || authdef->authType == VIR_STORAGE_AUTH_TYPE_NONE)
return 0;
VIR_DEBUG("username='******' authType=%d secretType=%d",
authdef->username, authdef->authType, authdef->secretType);
if (authdef->authType != VIR_STORAGE_AUTH_TYPE_CHAP) {
virReportError(VIR_ERR_XML_ERROR, "%s",
_("iscsi pool only supports 'chap' auth type"));
return -1;
}
if (!conn) {
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("iscsi 'chap' authentication not supported "
"for autostarted pools"));
return -1;
}
if (authdef->secretType == VIR_STORAGE_SECRET_TYPE_UUID)
secret = virSecretLookupByUUID(conn, authdef->secret.uuid);
else
secret = virSecretLookupByUsage(conn, VIR_SECRET_USAGE_TYPE_ISCSI,
authdef->secret.usage);
if (secret) {
size_t secret_size;
secret_value =
conn->secretDriver->secretGetValue(secret, &secret_size, 0,
VIR_SECRET_GET_VALUE_INTERNAL_CALL);
if (!secret_value) {
if (authdef->secretType == VIR_STORAGE_SECRET_TYPE_UUID) {
virUUIDFormat(authdef->secret.uuid, uuidStr);
virReportError(VIR_ERR_INTERNAL_ERROR,
_("could not get the value of the secret "
"for username %s using uuid '%s'"),
authdef->username, uuidStr);
} else {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("could not get the value of the secret "
"for username %s using usage value '%s'"),
authdef->username, authdef->secret.usage);
}
goto cleanup;
}
} else {
if (authdef->secretType == VIR_STORAGE_SECRET_TYPE_UUID) {
virUUIDFormat(authdef->secret.uuid, uuidStr);
virReportError(VIR_ERR_NO_SECRET,
_("no secret matches uuid '%s'"),
uuidStr);
} else {
virReportError(VIR_ERR_NO_SECRET,
_("no secret matches usage value '%s'"),
authdef->secret.usage);
}
goto cleanup;
}
if (virISCSINodeUpdate(portal,
source->devices[0].path,
"node.session.auth.authmethod",
"CHAP") < 0 ||
virISCSINodeUpdate(portal,
source->devices[0].path,
"node.session.auth.username",
authdef->username) < 0 ||
virISCSINodeUpdate(portal,
source->devices[0].path,
"node.session.auth.password",
(const char *)secret_value) < 0)
goto cleanup;
ret = 0;
cleanup:
virObjectUnref(secret);
VIR_FREE(secret_value);
return ret;
}