[libvirt] [PATCH] remote/ssh: support for no_verify.

Oskari Saarenmaa os at ohmu.fi
Sat Jul 2 08:47:09 UTC 2011


Set StrictHostKeyChecking=no to auto-accept new ssh host keys if the
no_verify extra parameter was specified.  This won't disable host key
checking for already known hosts.
---
 src/remote/remote_driver.c |    1 +
 src/rpc/virnetclient.c     |    3 ++-
 src/rpc/virnetclient.h     |    1 +
 src/rpc/virnetsocket.c     |    3 +++
 src/rpc/virnetsocket.h     |    1 +
 tests/virnetsockettest.c   |    2 ++
 6 files changed, 10 insertions(+), 1 deletions(-)

diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
index f318740..a2f54c8 100644
--- a/src/remote/remote_driver.c
+++ b/src/remote/remote_driver.c
@@ -571,6 +571,7 @@ doRemoteOpen (virConnectPtr conn,
                                                 command,
                                                 username,
                                                 no_tty,
+                                                no_verify,
                                                 netcat ? netcat : "nc",
                                                 sockname)))
             goto failed;
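Review bot: The `no_verify` passed at this call is not declared in the hunk, and the diffstat shows a single added line in this file, so an existing variable is being reused, presumably the one that already relaxes certificate verification for another transport (not visible here; confirm). If so, one URI parameter now weakens two unrelated checks, and its documentation should state that with the ssh transport it makes ssh accept unknown host keys without prompting. A short comment at the call, e.g. `/* no_verify: for ssh, unknown host keys are accepted without confirmation */`, would make the reuse explicit. doRemoteOpen's body starts and ends outside the hunk.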
diff --git a/src/rpc/virnetclient.c b/src/rpc/virnetclient.c
index b551b99..fc0fef8 100644
--- a/src/rpc/virnetclient.c
+++ b/src/rpc/virnetclient.c
@@ -187,12 +187,13 @@ virNetClientPtr virNetClientNewSSH(const char *nodename,
                                    const char *binary,
                                    const char *username,
                                    bool noTTY,
+                                   bool noVerify,
                                    const char *netcat,
                                    const char *path)
 {
     virNetSocketPtr sock;
 
-    if (virNetSocketNewConnectSSH(nodename, service, binary, username, noTTY, netcat, path, &sock) < 0)
+    if (virNetSocketNewConnectSSH(nodename, service, binary, username, noTTY, noVerify, netcat, path, &sock) < 0)
         return NULL;
 
     return virNetClientNew(sock, NULL);
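Review bot: `noTTY` and `noVerify` are now two adjacent positional `bool` parameters, so a caller that transposes them still compiles and silently relaxes host key checking when it meant to change TTY handling. The same pair appears in the virnetclient.h prototype and in both virNetSocketNewConnectSSH declarations. At minimum document the new parameter where it is declared, e.g. `/* noVerify: pass StrictHostKeyChecking=no to ssh */`. The changed call line is also well past 80 columns and could be wrapped one argument per line, as the declarations are. The function's closing brace is outside the hunk.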
diff --git a/src/rpc/virnetclient.h b/src/rpc/virnetclient.h
index de0782c..6acdf50 100644
--- a/src/rpc/virnetclient.h
+++ b/src/rpc/virnetclient.h
@@ -44,6 +44,7 @@ virNetClientPtr virNetClientNewSSH(const char *nodename,
                                    const char *binary,
                                    const char *username,
                                    bool noTTY,
+                                   bool noVerify,
                                    const char *netcat,
                                    const char *path);
 
diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
index 4b0c2ee..e827b4f 100644
--- a/src/rpc/virnetsocket.c
+++ b/src/rpc/virnetsocket.c
@@ -576,6 +576,7 @@ int virNetSocketNewConnectSSH(const char *nodename,
                               const char *binary,
                               const char *username,
                               bool noTTY,
+                              bool noVerify,
                               const char *netcat,
                               const char *path,
                               virNetSocketPtr *retsock)
@@ -596,6 +597,8 @@ int virNetSocketNewConnectSSH(const char *nodename,
     if (noTTY)
         virCommandAddArgList(cmd, "-T", "-o", "BatchMode=yes",
                              "-e", "none", NULL);
+    if (noVerify)
+        virCommandAddArgList(cmd, "-oStrictHostKeyChecking=no", NULL);
     virCommandAddArgList(cmd, nodename,
                          netcat ? netcat : "nc",
                          "-U", path, NULL);
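Review bot: `StrictHostKeyChecking=no` on the added line does more than the commit message says: per ssh_config(5) it adds unknown host keys to known_hosts without asking and also lets connections to hosts whose key has changed proceed (with some authentication and forwarding restrictions), so neither first contact nor a changed key stops the connection. A comment above the `if` should state that, e.g. `/* noVerify: accept unknown host keys without prompting; first contact is unauthenticated */`. Newer OpenSSH releases offer `StrictHostKeyChecking=accept-new`, which matches the described intent more closely where the installed ssh supports it. For consistency with the `"-o", "BatchMode=yes"` pair just above, write `virCommandAddArgList(cmd, "-o", "StrictHostKeyChecking=no", NULL);`. The function body starts and ends outside the hunk.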
diff --git a/src/rpc/virnetsocket.h b/src/rpc/virnetsocket.h
index 356d6c6..5f882ac 100644
--- a/src/rpc/virnetsocket.h
+++ b/src/rpc/virnetsocket.h
@@ -67,6 +67,7 @@ int virNetSocketNewConnectSSH(const char *nodename,
                               const char *binary,
                               const char *username,
                               bool noTTY,
+                              bool noVerify,
                               const char *netcat,
                               const char *path,
                               virNetSocketPtr *addr);
diff --git a/tests/virnetsockettest.c b/tests/virnetsockettest.c
index f6c7274..87f3dfa 100644
--- a/tests/virnetsockettest.c
+++ b/tests/virnetsockettest.c
@@ -377,6 +377,7 @@ struct testSSHData {
     const char *binary;
     const char *username;
     bool noTTY;
+    bool noVerify;
     const char *netcat;
     const char *path;
 
@@ -397,6 +398,7 @@ static int testSocketSSH(const void *opaque)
                                   data->binary,
                                   data->username,
                                   data->noTTY,
+                                  data->noVerify,
                                   data->netcat,
                                   data->path,
                                   &csock) < 0)
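Review bot: The new `noVerify` field is only plumbed through to the call; the diffstat shows two added lines in this file, so no test case sets it. Nothing checks that `-oStrictHostKeyChecking=no` reaches the ssh command line when the flag is true, or that it is absent when the flag is false. Add a case with `.noVerify = true` alongside the existing SSH cases; their layout is outside these hunks, so match whatever expected-output mechanism they use. testSocketSSH's body starts and ends outside the hunk.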
-- 
1.7.5.4



