[libvirt] [RFC] Power Hypervisor Libvirt support

Daniel P. Berrange berrange at redhat.com
Mon Mar 30 09:44:28 UTC 2009


On Fri, Mar 27, 2009 at 05:33:43PM -0300, Eduardo Otubo wrote:
> > > @@ -714,6 +716,21 @@ AM_CONDITIONAL([HAVE_NUMACTL], [test "$with_numactl" != "no"])
> > >  AC_SUBST([NUMACTL_CFLAGS])
> > >  AC_SUBST([NUMACTL_LIBS])
> > >  
> > > +if test "$with_phyp" = "yes"; then
> > > +  AC_CHECK_LIB([ssh],[ssh_new],[
> > > +        LIBSSH_LIBS="$LIBSSH_LIBS -lssh -L/usr/local/lib/"
> > > +        AC_SUBST([LIBSSH_LIBS])],[
> > > +        AC_MSG_ERROR([You must install the libssh to compile Phype driver.])])
> > > +
> > > +  AC_CHECK_HEADERS([libssh/libssh.h],[
> > > +        LIBSSH_CFLAGS="-I/usr/local/include/libssh"
> > > +        AC_SUBST([LIBSSH_CFLAGS])],[
> > > +        AC_MSG_ERROR([Cannot find libssh headers.Is libssh installed ?])],[])
> > > +  AC_DEFINE_UNQUOTED([WITH_PHYP], 1,
> > > +        [whether IBM HMC / IVM driver is enabled])
> > > +fi
> > > +AM_CONDITIONAL([WITH_PHYP],[test "$with_phyp" = "yes"])
> > 
> > For this it is preferable to avoid using hardcoded paths in this way. If
> > we are going to use libssh2 for phyp driver, then I reckon it woul dbe
> > desirable to also use it for our existing remote RPC driver too (it currently
> > just fork/exec's  /usr/bin/ssh). 
> 
> 
> In fact I use libssh <http://0xbadc0de.be/wiki/libssh:libssh> and not
> libssh2. I choosed libssh instead of libssh2 for some reasons: libssh2
> doesn't handle server side ssh or sshv1. And I am more used to work with
> its API then libssh2.

Hmm, I hadn't come across  libssh  before. To be honest I'm not really
all that impressed with the code quality of libssh. There is a serious
lack of basic error checking in system calls & libc calls they make,
in particular no malloc() call is ever checked for failure. It is
hardcoded to use IPv4 for sockets. It is not const-correct in its
API usage, or its exposed public API.

As such I don't think libssh is suitable for use in libvirt, and would
rather this used libssh2. libssh2 also has the benefit that it has
been ported to Win32 platform already.

As for SSH v1 protocol support, this is a flawed protocol and should not
be used in any apps or libraries anymore because it cannot be considered
secure by modern standards. 

Regards,
Daniel
-- 
|: Red Hat, Engineering, London   -o-   http://people.redhat.com/berrange/ :|
|: http://libvirt.org  -o-  http://virt-manager.org  -o-  http://ovirt.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505  -o-  F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|




More information about the libvir-list mailing list