From 3fb964a0317b7a2742ef7d672e68e4364596b3c7 Mon Sep 17 00:00:00 2001 From: Ken Gaillot Date: Feb 05 2021 06:22:45 +0000 Subject: Refactor: controller: simplify default handling for private agent parameters This is an efficiency gain since the setting of default private parameters only has to be done once when meta-data is read rather than every time an action result is recorded, but mainly this is to make the code simpler and easier to follow. --- diff --git a/daemons/controld/controld_execd.c b/daemons/controld/controld_execd.c index f4dc414..0122e2b 100644 --- a/daemons/controld/controld_execd.c +++ b/daemons/controld/controld_execd.c @@ -498,39 +498,10 @@ build_parameter_list(const lrmd_event_data_t *op, { char *list = NULL; size_t len = 0; - size_t max = 0; - - /* Newer resource agents support the "private" parameter attribute to - * indicate sensitive parameters. For backward compatibility with older - * agents, this list is used if the agent doesn't specify any as "private". - */ - const char *secure_terms[] = { - "password", - "passwd", - "user", - }; - - if (!pcmk_is_set(metadata->ra_flags, ra_uses_private) - && (param_type == ra_param_private)) { - - max = DIMOF(secure_terms); - } for (GList *iter = metadata->ra_params; iter != NULL; iter = iter->next) { struct ra_param_s *param = (struct ra_param_s *) iter->data; - bool accept = FALSE; - - if (pcmk_is_set(param->rap_flags, param_type)) { - accept = TRUE; - - } else if (max) { - for (int lpc = 0; lpc < max; lpc++) { - if (pcmk__str_eq(secure_terms[lpc], param->rap_name, pcmk__str_casei)) { - accept = TRUE; - break; - } - } - } + bool accept = pcmk_is_set(param->rap_flags, param_type); if (accept) { crm_trace("Attr %s is %s", param->rap_name, ra_param_flag2text(param_type)); diff --git a/daemons/controld/controld_metadata.c b/daemons/controld/controld_metadata.c index da9da60..ef6281e 100644 --- a/daemons/controld/controld_metadata.c +++ b/daemons/controld/controld_metadata.c @@ -182,6 +182,7 @@ metadata_cache_update(GHashTable *mdc, lrmd_rsc_info_t *rsc, xmlNode *metadata = NULL; xmlNode *match = NULL; struct ra_metadata_s *md = NULL; + bool any_private_params = false; CRM_CHECK(mdc && rsc && metadata_str, return NULL); @@ -238,12 +239,28 @@ metadata_cache_update(GHashTable *mdc, lrmd_rsc_info_t *rsc, goto err; } if (pcmk_is_set(p->rap_flags, ra_param_private)) { - controld_set_ra_flags(md, key, ra_uses_private); + any_private_params = true; } md->ra_params = g_list_prepend(md->ra_params, p); } } + /* Newer resource agents support the "private" parameter attribute to + * indicate sensitive parameters. For backward compatibility with older + * agents, implicitly treat a few common names as private when the agent + * doesn't specify any explicitly. + */ + if (!any_private_params) { + for (GList *iter = md->ra_params; iter != NULL; iter = iter->next) { + struct ra_param_s *p = iter->data; + + if (pcmk__str_any_of(p->rap_name, "password", "passwd", "user", + NULL)) { + controld_set_ra_param_flags(p, ra_param_private); + } + } + } + g_hash_table_replace(mdc, key, md); free_xml(metadata); return md; diff --git a/daemons/controld/controld_metadata.h b/daemons/controld/controld_metadata.h index 010092f..398d12a 100644 --- a/daemons/controld/controld_metadata.h +++ b/daemons/controld/controld_metadata.h @@ -12,7 +12,6 @@ enum ra_flags_e { ra_supports_reload = 0x01, - ra_uses_private = 0x02, }; enum ra_param_flags_e {