Re: [Libguestfs] [PATCH 2/2] Fix handling of passwords in URLs
On Wed, Apr 30, 2014 at 06:22:41PM +0200, Pino Toscano wrote:
So far, passwords in URLs (eg http://user:password@host..) have been
handled as part of the username, and thus passing
add-drive path username:username:password ...
instead of
add-drive path username:username secret:password ...
Fix the parsing of URLs to handle passwords as separate elements,
properly passing it as "secret" parameter for add-drive, and properly
readd it when building URLs in the direct backend.
Furthmore, to keep curl- and ssh-based qemu drivers working with
authenticated resources, make sure they can accept secrets.
Reported in comment #1 of RHBZ#1092583.
The patch looks good, at an initial read. I'd be happier if it had a
test (see: fish/test-add-uri.sh), and if the test passes valgrind :-)
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-builder quickly builds VMs from scratch
http://libguestfs.org/virt-builder.1.html