Module libvirt-secret from libvirt
Provides APIs for the management of secrets.
Copyright (C) 2006-2014, 2016 Red Hat, Inc. This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library. If not, see http://www.gnu.org/licenses/.
Table of Contents
Macros
#define VIR_SECRET_EVENT_CALLBACK
Types
typedef enum virConnectListAllSecretsFlags typedef struct _virSecret virSecret typedef enum virSecretEventID typedef enum virSecretEventLifecycleType typedef virSecret * virSecretPtr typedef enum virSecretUsageType
Functions
int virConnectListAllSecrets (virConnectPtr conn,
virSecretPtr ** secrets,
unsigned int flags) int virConnectListSecrets (virConnectPtr conn,
char ** uuids,
int maxuuids) int virConnectNumOfSecrets (virConnectPtr conn) int virConnectSecretEventDeregisterAny (virConnectPtr conn,
int callbackID) typedef virConnectSecretEventGenericCallback void virConnectSecretEventGenericCallback (virConnectPtr conn,
virSecretPtr secret,
void * opaque) typedef virConnectSecretEventLifecycleCallback void virConnectSecretEventLifecycleCallback (virConnectPtr conn,
virSecretPtr secret,
int event,
int detail,
void * opaque) int virConnectSecretEventRegisterAny (virConnectPtr conn,
virSecretPtr secret,
int eventID,
virConnectSecretEventGenericCallback cb,
void * opaque,
virFreeCallback freecb) virSecretPtr virSecretDefineXML (virConnectPtr conn,
const char * xml,
unsigned int flags) int virSecretFree (virSecretPtr secret) virConnectPtr virSecretGetConnect (virSecretPtr secret) int virSecretGetUUID (virSecretPtr secret,
unsigned char * uuid) int virSecretGetUUIDString (virSecretPtr secret,
char * buf) const char * virSecretGetUsageID (virSecretPtr secret) int virSecretGetUsageType (virSecretPtr secret) unsigned char * virSecretGetValue (virSecretPtr secret,
size_t * value_size,
unsigned int flags) char * virSecretGetXMLDesc (virSecretPtr secret,
unsigned int flags) virSecretPtr virSecretLookupByUUID (virConnectPtr conn,
const unsigned char * uuid) virSecretPtr virSecretLookupByUUIDString (virConnectPtr conn,
const char * uuidstr) virSecretPtr virSecretLookupByUsage (virConnectPtr conn,
int usageType,
const char * usageID) int virSecretRef (virSecretPtr secret) int virSecretSetValue (virSecretPtr secret,
const unsigned char * value,
size_t value_size,
unsigned int flags) int virSecretUndefine (virSecretPtr secret)
Description
Macros
VIR_SECRET_EVENT_CALLBACK
#define VIR_SECRET_EVENT_CALLBACK
Used to cast the event-specific callback into the generic one for use with virConnectSecretEventRegisterAny().
Types
virConnectListAllSecretsFlags
enum virConnectListAllSecretsFlags {
VIR_CONNECT_LIST_SECRETS_EPHEMERAL | = | 1 (0x1; 1 << 0) |
kept in memory, never stored persistently
|
VIR_CONNECT_LIST_SECRETS_NO_EPHEMERAL | = | 2 (0x2; 1 << 1) | |
VIR_CONNECT_LIST_SECRETS_PRIVATE | = | 4 (0x4; 1 << 2) |
not revealed to any caller of libvirt, nor to any other node
|
VIR_CONNECT_LIST_SECRETS_NO_PRIVATE | = | 8 (0x8; 1 << 3) |
}
virSecret
struct virSecret {
}
virSecretEventID
enum virSecretEventID {
VIR_SECRET_EVENT_ID_LIFECYCLE | = | 0 (0x0) | |
VIR_SECRET_EVENT_ID_VALUE_CHANGED | = | 1 (0x1) | |
VIR_SECRET_EVENT_ID_LAST | = | 2 (0x2) |
NB: this enum value will increase over time as new events are added to the libvirt API. It reflects the last event ID supported by this version of the libvirt API.
|
}
virSecretEventLifecycleType
enum virSecretEventLifecycleType {
VIR_SECRET_EVENT_DEFINED | = | 0 (0x0) | |
VIR_SECRET_EVENT_UNDEFINED | = | 1 (0x1) | |
VIR_SECRET_EVENT_LAST | = | 2 (0x2) |
}
virSecretUsageType
enum virSecretUsageType {
VIR_SECRET_USAGE_TYPE_NONE | = | 0 (0x0) | |
VIR_SECRET_USAGE_TYPE_VOLUME | = | 1 (0x1) | |
VIR_SECRET_USAGE_TYPE_CEPH | = | 2 (0x2) | |
VIR_SECRET_USAGE_TYPE_ISCSI | = | 3 (0x3) | |
VIR_SECRET_USAGE_TYPE_TLS | = | 4 (0x4) | |
VIR_SECRET_USAGE_TYPE_VTPM | = | 5 (0x5) | |
VIR_SECRET_USAGE_TYPE_LAST | = | 6 (0x6) |
NB: this enum value will increase over time as new usage types are added to the libvirt API. It reflects the last secret owner ID supported by this version of the libvirt API.
|
}
Functions
virConnectListAllSecrets
int virConnectListAllSecrets (virConnectPtr conn, virSecretPtr ** secrets, unsigned int flags)
Collect the list of secrets, and allocate an array to store those objects.
Normally, all secrets are returned; however, @flags can be used to filter the results for a smaller list of targeted secrets. The valid flags are divided into groups, where each group contains bits that describe mutually exclusive attributes of a secret, and where all bits within a group describe all possible secrets.
The first group of @flags is used to filter secrets by their storage location. Flag VIR_CONNECT_LIST_SECRETS_EPHEMERAL selects secrets that are kept only in memory. Flag VIR_CONNECT_LIST_SECRETS_NO_EPHEMERAL selects secrets that are kept in persistent storage.
The second group of @flags is used to filter secrets by privacy. Flag VIR_CONNECT_LIST_SECRETS_PRIVATE selects secrets that are never revealed to any caller of libvirt nor to any other node. Flag VIR_CONNECT_LIST_SECRETS_NO_PRIVATE selects non-private secrets.
- conn
- Pointer to the hypervisor connection.
- secrets
- Pointer to a variable to store the array containing the secret objects or NULL if the list is not required (just returns the number of secrets).
- flags
- bitwise-OR of virConnectListAllSecretsFlags.
- Returns
- the number of secrets found or -1 and sets @secrets to NULL in case of error. On success, the array stored into @secrets is guaranteed to have an extra allocated element set to NULL but not included in the return count, to make iteration easier. The caller is responsible for calling virSecretFree() on each array element, then calling free() on @secrets.
virConnectListSecrets
int virConnectListSecrets (virConnectPtr conn, char ** uuids, int maxuuids)
List UUIDs of defined secrets, storing pointers to the UUID strings in @uuids.
- conn
- virConnect connection
- uuids
- Pointer to an array to store the UUIDs
- maxuuids
- size of the array.
- Returns
- the number of UUIDs provided in the array, or -1 on failure.
virConnectNumOfSecrets
int virConnectNumOfSecrets (virConnectPtr conn)
Fetch number of currently defined secrets.
- conn
- virConnect connection
- Returns
- the number of currently defined secrets.
virConnectSecretEventDeregisterAny
int virConnectSecretEventDeregisterAny (virConnectPtr conn, int callbackID)
Removes an event callback. The callbackID parameter should be the value obtained from a previous call to virConnectSecretEventRegisterAny().
- conn
- pointer to the connection
- callbackID
- the callback identifier
- Returns
- 0 on success, -1 on failure.
virConnectSecretEventGenericCallback
typedef void (*virConnectSecretEventGenericCallback) (virConnectPtr conn, virSecretPtr secret, void * opaque)
A generic secret event callback handler, for use with virConnectSecretEventRegisterAny(). Specific events usually have a customization with extra parameters, often with @opaque being passed in a different parameter position; use VIR_SECRET_EVENT_CALLBACK() when registering an appropriate handler.
- conn
- the connection pointer
- secret
- the secret pointer
- opaque
- application specified data
virConnectSecretEventLifecycleCallback
typedef void (*virConnectSecretEventLifecycleCallback) (virConnectPtr conn, virSecretPtr secret, int event, int detail, void * opaque)
This callback is called when a secret lifecycle action is performed, such as a secret being added or removed.
The callback signature to use when registering for an event of type VIR_SECRET_EVENT_ID_LIFECYCLE with virConnectSecretEventRegisterAny()
- conn
- connection object
- secret
- secret on which the event occurred
- event
- The specific virSecretEventLifecycleType which occurred
- detail
- contains some details on the reason of the event.
- opaque
- application specified data
virConnectSecretEventRegisterAny
int virConnectSecretEventRegisterAny (virConnectPtr conn, virSecretPtr secret, int eventID, virConnectSecretEventGenericCallback cb, void * opaque, virFreeCallback freecb)
Adds a callback to receive notifications of arbitrary secret events occurring on a secret. This function requires that an event loop has been previously registered with virEventRegisterImpl() or virEventRegisterDefaultImpl().
If @secret is NULL, then events will be monitored for any secret. If @secret is non-NULL, then only the specific secret will be monitored.
Most types of events have a callback providing a custom set of parameters for the event. When registering an event, it is thus necessary to use the VIR_SECRET_EVENT_CALLBACK() macro to cast the supplied function pointer to match the signature of this method.
The virSecretPtr object handle passed into the callback upon delivery of an event is only valid for the duration of execution of the callback. If the callback wishes to keep the secret object after the callback returns, it shall take a reference to it, by calling virSecretRef(). The reference can be released once the object is no longer required by calling virSecretFree().
The return value from this method is a positive integer identifier for the callback. To unregister a callback, this callback ID should be passed to the virConnectSecretEventDeregisterAny() method.
- conn
- pointer to the connection
- secret
- pointer to the secret
- eventID
- the event type to receive
- cb
- callback to the function handling secret events
- opaque
- opaque data to pass on to the callback
- freecb
- optional function to deallocate opaque when not used anymore
- Returns
- a callback identifier on success, -1 on failure.
virSecretDefineXML
virSecretPtr virSecretDefineXML (virConnectPtr conn, const char * xml, unsigned int flags)
If XML specifies a UUID, locates the specified secret and replaces all attributes of the secret specified by UUID by attributes specified in xml (any attributes not specified in xml are discarded).
Otherwise, creates a new secret with an automatically chosen UUID, and initializes its attributes from xml.
virSecretFree should be used to free the resources after the secret object is no longer needed.
- conn
- virConnect connection
- xml
- XML describing the secret.
- flags
- extra flags; not used yet, so callers should always pass 0
- Returns
- a secret on success, NULL on failure.
virSecretFree
int virSecretFree (virSecretPtr secret)
Release the secret handle. The underlying secret continues to exist.
- secret
- pointer to a secret
- Returns
- 0 on success, or -1 on error
virSecretGetConnect
virConnectPtr virSecretGetConnect (virSecretPtr secret)
Provides the connection pointer associated with a secret. The reference counter on the connection is not increased by this call.
- secret
- A virSecret secret
- Returns
- the virConnectPtr or NULL in case of failure.
virSecretGetUUID
int virSecretGetUUID (virSecretPtr secret, unsigned char * uuid)
Fetches the UUID of the secret.
- secret
- A virSecret secret
- uuid
- buffer of VIR_UUID_BUFLEN bytes in size
- Returns
- 0 on success with the uuid buffer being filled, or -1 upon failure.
virSecretGetUUIDString
int virSecretGetUUIDString (virSecretPtr secret, char * buf)
Get the UUID for a secret as a string. For more information about UUIDs, see RFC4122.
- secret
- a secret object
- buf
- pointer to a VIR_UUID_STRING_BUFLEN bytes array
- Returns
- -1 in case of error, 0 in case of success
virSecretGetUsageID
const char * virSecretGetUsageID (virSecretPtr secret)
Get the unique identifier of the object with which this secret is to be used. The format of the identifier is dependent on the usage type of the secret. For a secret with a usage type of VIR_SECRET_USAGE_TYPE_VOLUME the identifier will be a fully qualified path name. The identifiers are intended to be unique within the set of all secrets sharing the same usage type; i.e., there shall only ever be one secret for each volume path.
- secret
- a secret object
- Returns
- a string identifying the object using the secret, or NULL upon error
virSecretGetUsageType
int virSecretGetUsageType (virSecretPtr secret)
Get the type of object which uses this secret. The returned value is one of the constants defined in the virSecretUsageType enumeration. More values may be added to this enumeration in the future, so callers should expect to see usage types they do not explicitly know about.
- secret
- a secret object
- Returns
- a positive integer identifying the type of object, or -1 upon error.
virSecretGetValue
unsigned char * virSecretGetValue (virSecretPtr secret, size_t * value_size, unsigned int flags)
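Fetches the value of a secret. Secrets marked private are not revealed to any caller of libvirt (see VIR_CONNECT_LIST_SECRETS_PRIVATE), so this call is expected to fail for them.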
- secret
- A virSecret secret
- value_size
- Place for storing size of the secret value
- flags
- extra flags; not used yet, so callers should always pass 0
- Returns
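- the secret value on success, NULL on failure. The caller must free() the secret value. Because the returned buffer holds the secret in cleartext, overwrite it (for example with explicit_bzero() or memset_s(), where available) before freeing it so the value does not linger in heap memory.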
virSecretGetXMLDesc
char * virSecretGetXMLDesc (virSecretPtr secret, unsigned int flags)
Fetches an XML document describing attributes of the secret.
- secret
- A virSecret secret
- flags
- extra flags; not used yet, so callers should always pass 0
- Returns
- the XML document on success, NULL on failure. The caller must free() the XML.
virSecretLookupByUUID
virSecretPtr virSecretLookupByUUID (virConnectPtr conn, const unsigned char * uuid)
Try to look up a secret on the given hypervisor based on its UUID. Uses the 16 bytes of raw data to describe the UUID.
virSecretFree should be used to free the resources after the secret object is no longer needed.
- conn
- pointer to the hypervisor connection
- uuid
- the raw UUID for the secret
- Returns
- a new secret object or NULL in case of failure. If the secret cannot be found, then VIR_ERR_NO_SECRET error is raised.
virSecretLookupByUUIDString
virSecretPtr virSecretLookupByUUIDString (virConnectPtr conn, const char * uuidstr)
Try to look up a secret on the given hypervisor based on its UUID. Uses the printable string value to describe the UUID.
virSecretFree should be used to free the resources after the secret object is no longer needed.
- conn
- pointer to the hypervisor connection
- uuidstr
- the string UUID for the secret
- Returns
- a new secret object or NULL in case of failure. If the secret cannot be found, then VIR_ERR_NO_SECRET error is raised.
virSecretLookupByUsage
virSecretPtr virSecretLookupByUsage (virConnectPtr conn, int usageType, const char * usageID)
Try to look up a secret on the given hypervisor based on its usage. The usageID is unique within the set of secrets sharing the same usageType value.
virSecretFree should be used to free the resources after the secret object is no longer needed.
- conn
- pointer to the hypervisor connection
- usageType
- the type of secret usage
- usageID
- identifier of the object using the secret
- Returns
- a new secret object or NULL in case of failure. If the secret cannot be found, then VIR_ERR_NO_SECRET error is raised.
virSecretRef
int virSecretRef (virSecretPtr secret)
Increment the reference count on the secret. For each additional call to this method, there shall be a corresponding call to virSecretFree to release the reference count, once the caller no longer needs the reference to this object.
This method is typically useful for applications where multiple threads are using a connection, and it is required that the connection remain open until all threads have finished using it; i.e., each new thread using a secret would increment the reference count.
- secret
- the secret to hold a reference on
- Returns
- 0 in case of success, -1 in case of failure.
virSecretSetValue
int virSecretSetValue (virSecretPtr secret, const unsigned char * value, size_t value_size, unsigned int flags)
Sets the value of a secret.
- secret
- A virSecret secret
- value
- Value of the secret
- value_size
- Size of the value
- flags
- extra flags; not used yet, so callers should always pass 0
- Returns
- 0 on success, -1 on failure.
virSecretUndefine
int virSecretUndefine (virSecretPtr secret)
Deletes the specified secret. This does not free the associated virSecretPtr object.
- secret
- A virSecret secret
- Returns
- 0 on success, -1 on failure.