On Mon, Oct 19, 2015 at 05:18:56PM +0200, Paolo Bonzini wrote:
>
>
> On 19/10/2015 17:09, Daniel P. Berrange wrote:
> > +
> > + switch (secret->format) {
> > + case QCRYPTO_SECRET_FORMAT_UTF8:
> > + if (!g_utf8_validate(input, strlen(input), NULL)) {
> > + error_setg(errp,
> > + "Data from secret %s is not valid UTF-8",
> > + secretid);
> > + goto cleanup;
> > + }
> > + output = input;
> > + input = NULL;
> > + break;
>
> Why validate secrets as UTF-8? In other words why have "utf8" instead
> of "binary" as a possible QCryptoSecretFormat?
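
Review bot: in the QCRYPTO_SECRET_FORMAT_UTF8 case, g_utf8_validate() is given strlen(input) as its length, so only the bytes up to the first NUL are checked and the buffer has to be NUL-terminated already. If the code that loaded the secret knows how many bytes it read, pass that length instead, so that data with an embedded NUL fails validation rather than being silently shortened. A one-line comment on this case saying why UTF-8 is enforced would also answer the question raised in this thread for the next reader.
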
JSON doesn't accept arbitrary 8-bit binary data, so the alternative 'base64' is effectively providing binary data facility. Having to use base64 for plain passwords is rather tedious though, so allowing utf8 is a much more developer friendly approach for people using QEMU without a mgmt tool like libvirt.

NB, this dual-format utf8-or-base64 approach matches the approach used in QEMU guest agent for the guest-file-read/write commands for the same reason.

Regards,
Daniel
-- 
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
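
The utf8-or-base64 choice discussed in this thread, seen from the side of a client that has to put a secret into a JSON document. This is an added example, not part of the original mail and not QEMU code: the function names, the `{"format", "data"}` message shape and the rule that NUL-containing data goes out as base64 are assumptions made for illustration.

```python
import base64
import binascii
import json

FORMATS = ("utf8", "base64")  # the two formats named in the thread


def encode_secret(raw: bytes) -> dict:
    """Pick the friendlier format that can carry `raw` inside JSON."""
    try:
        text = raw.decode("utf-8")  # strict: rejects invalid sequences
    except UnicodeDecodeError:
        text = None
    # Assumption: a NUL would cut the value short once it reaches C string
    # handling, so such data is sent as base64 even if it is valid UTF-8.
    if text is not None and "\x00" not in text:
        return {"format": "utf8", "data": text}
    return {"format": "base64", "data": base64.b64encode(raw).decode("ascii")}


def decode_secret(msg: dict) -> bytes:
    """Validate and decode one secret, failing closed on bad input."""
    fmt, data = msg.get("format"), msg.get("data")
    if fmt not in FORMATS or not isinstance(data, str):
        raise ValueError("unsupported secret format or non-string data")
    if fmt == "utf8":
        if "\x00" in data:
            raise ValueError("embedded NUL in utf8 secret")
        try:
            return data.encode("utf-8")  # lone surrogates fail here
        except UnicodeEncodeError as exc:
            raise ValueError("secret is not valid UTF-8") from exc
    try:
        return base64.b64decode(data, validate=True)  # reject stray characters
    except (binascii.Error, ValueError) as exc:
        raise ValueError("secret is not valid base64") from exc


def roundtrip(raw: bytes) -> tuple:
    """Send `raw` through a JSON document and back; return (format, bytes)."""
    wire = json.dumps({"secret": encode_secret(raw)})
    msg = json.loads(wire)["secret"]
    return msg["format"], decode_secret(msg)
```

A plain password stays readable on the wire as utf8, while a key containing bytes such as 0xff can only survive the JSON round trip as base64.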