External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-01-08 22:15:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

libssh2_session: Add support for creating known_hosts file

Browse Source 
The libssh2 code wasn't supposed to create the known_hosts file, but
recent findings show, that we can't use the default created by OpenSSH
as libssh2 might damage it. We need to create a private known_hosts file
in the config path.

This patch adds support for skipping error if the known_hosts file is
not present and let libssh2 create a new one.
This commit is contained in:
Peter Krempa 2012-08-21 18:28:11 +02:00
parent 5065942019
commit f1d0b92a01
3 changed files with 25 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/rpc/virnetsocket.c
View File

@ -788,8 +788,8 @@ virNetSocketNewConnectLibSSH2(const char *host,
host,
portN,
knownHosts,
false,
verify) != 0)
verify,
VIR_NET_SSH_HOSTKEY_FILE_CREATE) != 0)
goto error;
if (virNetSSHSessionSetChannelCommand(sess, command) != 0)

26
src/rpc/virnetsshsession.c
View File

@ -1123,8 +1123,8 @@ virNetSSHSessionSetHostKeyVerification(virNetSSHSessionPtr sess,
const char *hostname,
int port,
const char *hostsfile,
bool readonly,
virNetSSHHostkeyVerify opt)
virNetSSHHostkeyVerify opt,
unsigned int flags)
{
char *errmsg;
@ -1140,19 +1140,25 @@ virNetSSHSessionSetHostKeyVerification(virNetSSHSessionPtr sess,
/* load the known hosts file */
if (hostsfile) {
if (libssh2_knownhost_readfile(sess->knownHosts,
hostsfile,
LIBSSH2_KNOWNHOST_FILE_OPENSSH) < 0) {
libssh2_session_last_error(sess->session, &errmsg, NULL, 0);
if (virFileExists(hostsfile)) {
if (libssh2_knownhost_readfile(sess->knownHosts,
hostsfile,
LIBSSH2_KNOWNHOST_FILE_OPENSSH) < 0) {
libssh2_session_last_error(sess->session, &errmsg, NULL, 0);
virReportError(VIR_ERR_SSH,
_("unable to load knownhosts file '%s': %s"),
hostsfile, errmsg);
goto error;
}
} else if (!(flags & VIR_NET_SSH_HOSTKEY_FILE_CREATE)) {
virReportError(VIR_ERR_SSH,
_("unable to load knownhosts file '%s': %s"),
hostsfile, errmsg);
_("known hosts file '%s' does not exist"),
hostsfile);
goto error;
}
/* set filename only if writing to the known hosts file is requested */
if (!readonly) {
if (!(flags & VIR_NET_SSH_HOSTKEY_FILE_READONLY)) {
VIR_FREE(sess->knownHostsFile);
if (!(sess->knownHostsFile = strdup(hostsfile)))
goto no_memory;

9
src/rpc/virnetsshsession.h
View File

@ -36,6 +36,11 @@ typedef enum {
VIR_NET_SSH_HOSTKEY_VERIFY_IGNORE
} virNetSSHHostkeyVerify;
typedef enum {
VIR_NET_SSH_HOSTKEY_FILE_READONLY = 1 << 0,
VIR_NET_SSH_HOSTKEY_FILE_CREATE = 1 << 1,
} virNetSSHHostKeyFileFlags;
int virNetSSHSessionSetChannelCommand(virNetSSHSessionPtr sess,
const char *command);
@ -64,8 +69,8 @@ int virNetSSHSessionSetHostKeyVerification(virNetSSHSessionPtr sess,
const char *hostname,
int port,
const char *hostsfile,
bool readonly,
virNetSSHHostkeyVerify opt);
virNetSSHHostkeyVerify opt,
unsigned int flags);
int virNetSSHSessionConnect(virNetSSHSessionPtr sess,
int sock);