[libvirt] [PATCH v3 4/6] remote: expose a new libssh transport
Peter Krempa
pkrempa at redhat.com
Tue Nov 1 12:40:01 UTC 2016
On Wed, Oct 19, 2016 at 14:40:37 +0200, Pino Toscano wrote:
> Implement in virtNetClient and VirNetSocket the needed functions to
> expose a new libssh transport, providing all the options that the
> libssh2 transport supports.
> ---
> docs/remote.html.in | 35 ++++++---
> src/remote/remote_driver.c | 41 +++++++++++
> src/rpc/virnetclient.c | 118 ++++++++++++++++++++++++++++++
> src/rpc/virnetclient.h | 13 ++++
> src/rpc/virnetsocket.c | 179 +++++++++++++++++++++++++++++++++++++++++++++
> src/rpc/virnetsocket.h | 13 ++++
> 6 files changed, 387 insertions(+), 12 deletions(-)
[...]
> diff --git a/src/rpc/virnetclient.c b/src/rpc/virnetclient.c
> index 361dc1a..6d406ff 100644
> --- a/src/rpc/virnetclient.c
> +++ b/src/rpc/virnetclient.c
> @@ -505,6 +505,124 @@ virNetClientPtr virNetClientNewLibSSH2(const char *host,
> }
> #undef DEFAULT_VALUE
>
> +#define DEFAULT_VALUE(VAR, VAL) \
> + if (!VAR) \
> + VAR = VAL;
> +virNetClientPtr virNetClientNewLibssh(const char *host,
> + const char *port,
> + int family,
> + const char *username,
> + const char *privkeyPath,
> + const char *knownHostsPath,
> + const char *knownHostsVerify,
> + const char *authMethods,
> + const char *netcatPath,
> + const char *socketPath,
> + virConnectAuthPtr authPtr,
> + virURIPtr uri)
> +{
> + virNetSocketPtr sock = NULL;
> + virNetClientPtr ret = NULL;
> +
> + virBuffer buf = VIR_BUFFER_INITIALIZER;
> + char *nc = NULL;
> + char *command = NULL;
> +
> + char *homedir = virGetUserDirectory();
> + char *confdir = virGetUserConfigDirectory();
> + char *knownhosts = NULL;
> + char *privkey = NULL;
> +
> + /* Use default paths for known hosts an public keys if not provided */
> + if (confdir) {
> + if (!knownHostsPath) {
> + if (virFileExists(confdir)) {
> + if (virAsprintf(&knownhosts, "%s/known_hosts", confdir) < 0)
So does libssh break the known hosts file? It's not very pleasant to
keep two separate files, since you'd have to re-authenticate all the
host keys for use with libvirt.
> + goto cleanup;
> + }
> + } else {
> + if (VIR_STRDUP(knownhosts, knownHostsPath) < 0)
> + goto cleanup;
> + }
> + }
> +
> + if (homedir) {
> + if (!privkeyPath) {
> + /* RSA */
> + if (virAsprintf(&privkey, "%s/.ssh/id_rsa", homedir) < 0)
> + goto cleanup;
> +
> + if (!(virFileExists(privkey)))
> + VIR_FREE(privkey);
> + /* DSA */
> + if (!privkey) {
> + if (virAsprintf(&privkey, "%s/.ssh/id_dsa", homedir) < 0)
> + goto cleanup;
> +
> + if (!(virFileExists(privkey)))
> + VIR_FREE(privkey);
Documentation for ssh-keygen states that the following paths are tried
by default:
~/.ssh/identity, ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519 or
~/.ssh/id_rsa
> + }
> + } else {
> + if (VIR_STRDUP(privkey, privkeyPath) < 0)
> + goto cleanup;
> + }
> + }
> +
> + if (!authMethods) {
> + if (privkey)
> + authMethods = "agent,privkey,password,keyboard-interactive";
> + else
> + authMethods = "agent,password,keyboard-interactive";
> + }
> +
> + DEFAULT_VALUE(host, "localhost");
> + DEFAULT_VALUE(port, "22");
> + DEFAULT_VALUE(username, "root");
> + DEFAULT_VALUE(netcatPath, "nc");
> + DEFAULT_VALUE(knownHostsVerify, "normal");
> +
> + virBufferEscapeShell(&buf, netcatPath);
> + if (!(nc = virBufferContentAndReset(&buf)))
> + goto no_memory;
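Review bot: The caller-supplied `knownHostsPath` is copied only inside `if (confdir)`, so if virGetUserConfigDirectory() returns NULL the explicit path is silently dropped and `knownhosts` stays NULL, while `knownHostsVerify` still defaults to "normal". `privkeyPath` depends on `homedir` in the same way. How the socket layer treats a NULL known-hosts path is not visible in the quoted text, so the host-key check may end up running without the file the caller asked for. Testing the explicit argument first, and falling back to the default directory only when it is absent, removes that coupling; the same shape applies to the private key block. The function body continues past the quoted portion of the hunk.

```c
    /* An explicit known-hosts path must not depend on the config dir lookup */
    if (knownHostsPath) {
        if (VIR_STRDUP(knownhosts, knownHostsPath) < 0)
            goto cleanup;
    } else if (confdir && virFileExists(confdir)) {
        if (virAsprintf(&knownhosts, "%s/known_hosts", confdir) < 0)
            goto cleanup;
    }
    /* … unchanged: private key defaults, authMethods, DEFAULT_VALUE defaults … */
```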
The known_hosts issue needs clarification. Other than that this patch
looks okay.
Peter