diff options
| author | Peter Maydell <peter.maydell@linaro.org> | 2020-11-18 13:42:42 +0000 |
|---|---|---|
| committer | Peter Maydell <peter.maydell@linaro.org> | 2020-11-18 13:42:42 +0000 |
| commit | b696f2c6ba8c92ffb5eca49b88a5c7276d0a3e1e (patch) | |
| tree | 900a9ec3287e23ade7d1826e4cc7253dbfd10e9b | |
| parent | 269ff671c593379378c5cf5ea3bddd7909dd3333 (diff) | |
| parent | c2aa8a3d7e5ce57fa3df310c9b7ca48fcbf9d4ad (diff) | |
| download | qemu-b696f2c6ba8c92ffb5eca49b88a5c7276d0a3e1e.zip qemu-b696f2c6ba8c92ffb5eca49b88a5c7276d0a3e1e.tar.gz qemu-b696f2c6ba8c92ffb5eca49b88a5c7276d0a3e1e.tar.bz2 | |
Merge remote-tracking branch 'remotes/berrange-gitlab/tags/misc-fixes-pull-request' into staging
Misc error reporting and checking fixes to authorization objects
# gpg: Signature made Wed 18 Nov 2020 12:48:53 GMT
# gpg: using RSA key DAF3A6FDB26B62912D0E8E3FBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" [full]
# gpg: aka "Daniel P. Berrange <berrange@redhat.com>" [full]
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E 8E3F BE86 EBB4 1510 4FDF
* remotes/berrange-gitlab/tags/misc-fixes-pull-request:
authz-simple: Check that 'identity' property is set
authz-pam: Check that 'service' property is set
authz-list-file: Improve an error message
authz-list-file: Fix file read error handling
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
| -rw-r--r-- | authz/listfile.c | 6 | ||||
| -rw-r--r-- | authz/pamacct.c | 6 | ||||
| -rw-r--r-- | authz/simple.c | 14 |
3 files changed, 25 insertions, 1 deletions
diff --git a/authz/listfile.c b/authz/listfile.c index 24feac3..da3a0e6 100644 --- a/authz/listfile.c +++ b/authz/listfile.c @@ -73,7 +73,8 @@ qauthz_list_file_load(QAuthZListFile *fauthz, Error **errp) pdict = qobject_to(QDict, obj); if (!pdict) { - error_setg(errp, QERR_INVALID_PARAMETER_TYPE, "obj", "dict"); + error_setg(errp, "File '%s' must contain a JSON object", + fauthz->filename); goto cleanup; } @@ -128,6 +129,9 @@ qauthz_list_file_complete(UserCreatable *uc, Error **errp) } fauthz->list = qauthz_list_file_load(fauthz, errp); + if (!fauthz->list) { + return; + } if (!fauthz->refresh) { return; diff --git a/authz/pamacct.c b/authz/pamacct.c index e67195f..c862d9f 100644 --- a/authz/pamacct.c +++ b/authz/pamacct.c @@ -84,6 +84,12 @@ qauthz_pam_prop_get_service(Object *obj, static void qauthz_pam_complete(UserCreatable *uc, Error **errp) { + QAuthZPAM *pauthz = QAUTHZ_PAM(uc); + + if (!pauthz->service) { + error_setg(errp, "The 'service' property must be set"); + return; + } } diff --git a/authz/simple.c b/authz/simple.c index 18db035..0597dcd 100644 --- a/authz/simple.c +++ b/authz/simple.c @@ -66,10 +66,24 @@ qauthz_simple_finalize(Object *obj) static void +qauthz_simple_complete(UserCreatable *uc, Error **errp) +{ + QAuthZSimple *sauthz = QAUTHZ_SIMPLE(uc); + + if (!sauthz->identity) { + error_setg(errp, "The 'identity' property must be set"); + return; + } +} + + +static void qauthz_simple_class_init(ObjectClass *oc, void *data) { QAuthZClass *authz = QAUTHZ_CLASS(oc); + UserCreatableClass *ucc = USER_CREATABLE_CLASS(oc); + ucc->complete = qauthz_simple_complete; authz->is_allowed = qauthz_simple_is_allowed; object_class_property_add_str(oc, "identity", |