client: Change default location of known_hosts file for libssh2 layer
Unfortunately libssh2 doesn't support all types of host keys that can be saved in the known_hosts file. It also does not report when parsing of the file fails. This results in truncated known_hosts files when the standard client has also stored keys in other formats (e.g. ecdsa-sha2-nistp256). This patch changes the default location of the known_hosts file to the libvirt private configuration directory, where it will only be written by the libssh2 layer itself. This prevents trashing the user's known_hosts file.
parent
f1d0b92a01
commit
225f280744
@ -417,23 +417,25 @@ virNetClientPtr virNetClientNewLibSSH2(const char *host,
|
||||
char *command = NULL;
|
||||
|
||||
char *homedir = virGetUserDirectory();
|
||||
char *confdir = virGetUserConfigDirectory();
|
||||
char *knownhosts = NULL;
|
||||
char *privkey = NULL;
|
||||
|
||||
/* Use default paths for known hosts an public keys if not provided */
|
||||
if (homedir) {
|
||||
if (confdir) {
|
||||
if (!knownHostsPath) {
|
||||
virBufferAsprintf(&buf, "%s/.ssh/known_hosts", homedir);
|
||||
if (!(knownhosts = virBufferContentAndReset(&buf)))
|
||||
goto no_memory;
|
||||
|
||||
if (!(virFileExists(knownhosts)))
|
||||
VIR_FREE(knownhosts);
|
||||
if (virFileExists(confdir)) {
|
||||
virBufferAsprintf(&buf, "%s/known_hosts", confdir);
|
||||
if (!(knownhosts = virBufferContentAndReset(&buf)))
|
||||
goto no_memory;
|
||||
}
|
||||
} else {
|
||||
if (!(knownhosts = strdup(knownHostsPath)))
|
||||
goto no_memory;
|
||||
}
|
||||
}
|
||||
|
||||
if (homedir) {
|
||||
if (!privkeyPath) {
|
||||
/* RSA */
|
||||
virBufferAsprintf(&buf, "%s/.ssh/id_rsa", homedir);
|
||||
@ -501,6 +503,7 @@ cleanup:
|
||||
VIR_FREE(privkey);
|
||||
VIR_FREE(knownhosts);
|
||||
VIR_FREE(homedir);
|
||||
VIR_FREE(confdir);
|
||||
VIR_FREE(nc);
|
||||
virObjectUnref(sock);
|
||||
return ret;
|
||||
|
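Review bot: When no explicit known_hosts path is given, `knownhosts` is now set only if `virFileExists(confdir)` succeeds, so a user whose libvirt configuration directory has not been created yet ends up with `knownhosts == NULL` and no warning. How the rest of virNetClientNewLibSSH2 (which continues outside these hunks) treats a NULL path is not visible here, but presumably accepted host keys are then never stored and cannot be compared on the next connection, which weakens host-key verification. Consider creating the directory instead of only testing for it, e.g. `if (virFileMakePath(confdir) < 0) goto cleanup;` with an error reported (assuming that helper is usable in this file), ideally with owner-only permissions since this file decides which hosts are trusted. Keys the user already accepted in `~/.ssh/known_hosts` are no longer consulted after this change, which deserves a sentence in the documentation of the default path.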