virNetServerServicePtr virNetServerServiceNewUNIX(const char *path,
mode_t mask,
gid_t grp,
int auth,
bool readonly,
size_t nrequests_client_max,
virNetTLSContextPtr tls)
{
virNetServerServicePtr svc;
int i;
if (VIR_ALLOC(svc) < 0)
goto no_memory;
svc->refs = 1;
svc->auth = auth;
svc->readonly = readonly;
svc->nrequests_client_max = nrequests_client_max;
svc->tls = tls;
if (tls)
virNetTLSContextRef(tls);
svc->nsocks = 1;
if (VIR_ALLOC_N(svc->socks, svc->nsocks) < 0)
goto no_memory;
if (virNetSocketNewListenUNIX(path,
mask,
-1,
grp,
&svc->socks[0]) < 0)
goto error;
for (i = 0 ; i < svc->nsocks ; i++) {
if (virNetSocketListen(svc->socks[i], 0) < 0)
goto error;
/* IO callback is initially disabled, until we're ready
* to deal with incoming clients */
virNetServerServiceRef(svc);
if (virNetSocketAddIOCallback(svc->socks[i],
0,
virNetServerServiceAccept,
svc,
virNetServerServiceEventFree) < 0) {
virNetServerServiceFree(svc);
goto error;
}
}
return svc;
no_memory:
virReportOOMError();
error:
virNetServerServiceFree(svc);
return NULL;
}
static int daemonSetupNetworking(virNetServerPtr srv,
struct daemonConfig *config,
const char *sock_path,
const char *sock_path_ro,
bool ipsock,
bool privileged)
{
virNetServerServicePtr svc = NULL;
virNetServerServicePtr svcRO = NULL;
virNetServerServicePtr svcTCP = NULL;
virNetServerServicePtr svcTLS = NULL;
gid_t unix_sock_gid = 0;
int unix_sock_ro_mask = 0;
int unix_sock_rw_mask = 0;
if (config->unix_sock_group) {
if (virGetGroupID(config->unix_sock_group, &unix_sock_gid) < 0)
return -1;
}
if (virStrToLong_i(config->unix_sock_ro_perms, NULL, 8, &unix_sock_ro_mask) != 0) {
VIR_ERROR(_("Failed to parse mode '%s'"), config->unix_sock_ro_perms);
goto error;
}
if (virStrToLong_i(config->unix_sock_rw_perms, NULL, 8, &unix_sock_rw_mask) != 0) {
VIR_ERROR(_("Failed to parse mode '%s'"), config->unix_sock_rw_perms);
goto error;
}
if (!(svc = virNetServerServiceNewUNIX(sock_path,
unix_sock_rw_mask,
unix_sock_gid,
config->auth_unix_rw,
false,
config->max_client_requests,
NULL)))
goto error;
if (sock_path_ro &&
!(svcRO = virNetServerServiceNewUNIX(sock_path_ro,
unix_sock_ro_mask,
unix_sock_gid,
config->auth_unix_ro,
true,
config->max_client_requests,
NULL)))
goto error;
if (virNetServerAddService(srv, svc,
config->mdns_adv && !ipsock ?
"_libvirt._tcp" :
NULL) < 0)
goto error;
if (svcRO &&
virNetServerAddService(srv, svcRO, NULL) < 0)
goto error;
if (ipsock) {
if (config->listen_tcp) {
if (!(svcTCP = virNetServerServiceNewTCP(config->listen_addr,
config->tcp_port,
config->auth_tcp,
false,
config->max_client_requests,
NULL)))
goto error;
if (virNetServerAddService(srv, svcTCP,
config->mdns_adv ? "_libvirt._tcp" : NULL) < 0)
goto error;
}
if (config->listen_tls) {
virNetTLSContextPtr ctxt = NULL;
if (config->ca_file ||
config->cert_file ||
config->key_file) {
if (!(ctxt = virNetTLSContextNewServer(config->ca_file,
config->crl_file,
config->cert_file,
config->key_file,
(const char *const*)config->tls_allowed_dn_list,
config->tls_no_sanity_certificate ? false : true,
config->tls_no_verify_certificate ? false : true)))
goto error;
} else {
if (!(ctxt = virNetTLSContextNewServerPath(NULL,
!privileged,
(const char *const*)config->tls_allowed_dn_list,
config->tls_no_sanity_certificate ? false : true,
config->tls_no_verify_certificate ? false : true)))
goto error;
}
if (!(svcTLS =
virNetServerServiceNewTCP(config->listen_addr,
config->tls_port,
config->auth_tls,
false,
config->max_client_requests,
ctxt))) {
virNetTLSContextFree(ctxt);
goto error;
}
if (virNetServerAddService(srv, svcTLS,
config->mdns_adv &&
!config->listen_tcp ? "_libvirt._tcp" : NULL) < 0)
goto error;
virNetTLSContextFree(ctxt);
}
}
#if HAVE_SASL
if (config->auth_unix_rw == REMOTE_AUTH_SASL ||
config->auth_unix_ro == REMOTE_AUTH_SASL ||
config->auth_tcp == REMOTE_AUTH_SASL ||
config->auth_tls == REMOTE_AUTH_SASL) {
saslCtxt = virNetSASLContextNewServer(
(const char *const*)config->sasl_allowed_username_list);
if (!saslCtxt)
goto error;
}
#endif
return 0;
error:
virNetServerServiceFree(svcTLS);
virNetServerServiceFree(svcTCP);
virNetServerServiceFree(svc);
virNetServerServiceFree(svcRO);
return -1;
}
static void virNetServerServiceEventFree(void *opaque)
{
virNetServerServicePtr svc = opaque;
virNetServerServiceFree(svc);
}
