On Thu, Nov 03, 2016 at 15:01:41 +0100, Peter Krempa wrote: > On Wed, Nov 02, 2016 at 15:18:04 +0100, Pino Toscano wrote: > > Hi, > > > > this series introduces a new libssh transport in libvirt, based on the > > libssh C library. This library supports what libssh2 does, and more: > > - easier API for known_hosts handling (there's a ticket upstream to > > request extensions for it, but what is implemented now works well) > > - potential GSSAPI authentication (not enabled yet because of a libssh > > bug [1]) > > - easier API for ssh-agent support > > > > The implementation for the new transport is based on the libssh2 one, > > hence it shares origin and style. > > ACK, > > I'll push this series shortly. Actually I spoke too soon. While doing some final testing I found a bug. If libvirtd is not running on the remote side the client hangs with following backtrace: Thread 1 (Thread 0x7fb4d909d880 (LWP 2382303)): #0 0x00007fb4d54a8b6d in poll () from /lib64/libc.so.6 #1 0x00007fb4d8498a40 in poll (__timeout=-1, __nfds=2, __fds=0x7fffacc067d0) at /usr/include/bits/poll2.h:46 #2 virNetClientIOEventLoop (client=client@entry=0x560dd8a3b980, thiscall=thiscall@entry=0x560dd8a390b0) at rpc/virnetclient.c:1662 #3 0x00007fb4d8499208 in virNetClientIO (thiscall=0x560dd8a390b0, client=0x560dd8a3b980) at rpc/virnetclient.c:1944 #4 virNetClientSendInternal (client=client@entry=0x560dd8a3b980, msg=msg@entry=0x560dd8a38a50, expectReply=expectReply@entry=true, nonBlock=nonBlock@entry=false) at rpc/virnetclient.c:2116 #5 0x00007fb4d849a403 in virNetClientSendWithReply (client=client@entry=0x560dd8a3b980, msg=msg@entry=0x560dd8a38a50) at rpc/virnetclient.c:2144 #6 0x00007fb4d849abe0 in virNetClientProgramCall (prog=prog@entry=0x560dd8a35710, client=client@entry=0x560dd8a3b980, serial=serial@entry=0, proc=proc@entry=66, noutfds=noutfds@entry=0, outfds=outfds@entry=0x0, ninfds=0x0, infds=0x0, args_filter=0x7fb4d54de720 <xdr_void>, args=0x0, ret_filter=0x7fb4d8492d3c <xdr_remote_auth_list_ret>, ret=0x7fffacc06c10) at rpc/virnetclientprogram.c:329 #7 0x00007fb4d84744aa in callFull (conn=conn@entry=0x560dd8a33940, priv=priv@entry=0x560dd8a33c70, flags=flags@entry=0, fdin=fdin@entry=0x0, fdinlen=fdinlen@entry=0, fdout=fdout@entry=0x0, fdoutlen=0x0, proc_nr=66, args_filter=0x7fb4d54de720 <xdr_void>, args=0x0, ret_filter=0x7fb4d8492d3c <xdr_remote_auth_list_ret>, ret=0x7fffacc06c10 "") at remote/remote_driver.c:6446 #8 0x00007fb4d84744f6 in call (conn=conn@entry=0x560dd8a33940, priv=priv@entry=0x560dd8a33c70, flags=flags@entry=0, proc_nr=proc_nr@entry=66, args_filter=<optimized out>, args=args@entry=0x0, ret_filter=0x7fb4d8492d3c <xdr_remote_auth_list_ret>, ret=0x7fffacc06c10 "") at remote/remote_driver.c:6468 #9 0x00007fb4d8476f71 in remoteAuthenticate (authtype=0x0, auth=0x7fb4d8861940 <virConnectAuthDefault>, priv=0x560dd8a33c70, conn=0x560dd8a33940) at remote/remote_driver.c:3551 #10 doRemoteOpen (conn=conn@entry=0x560dd8a33940, priv=0x560dd8a33c70, auth=auth@entry=0x7fb4d8861940 <virConnectAuthDefault>, conf=conf@entry=0x560dd8a35a40, flags=flags@entry=0) at remote/remote_driver.c:1143 #11 0x00007fb4d8477c8e in remoteConnectOpen (conn=0x560dd8a33940, auth=0x7fb4d8861940 <virConnectAuthDefault>, conf=0x560dd8a35a40, flags=<optimized out>) at remote/remote_driver.c:1328 #12 0x00007fb4d842f16f in virConnectOpenInternal (name=<optimized out>, name@entry=0x560dd8a2ee00 "qemu+libssh://pipo@xxxxxxxxxxxxxxxxxxxxxxxxxxx/system", auth=auth@entry=0x7fb4d8861940 <virConnectAuthDefault>, flags=flags@entry=0) at libvirt.c:1093 #13 0x00007fb4d8430362 in virConnectOpenAuth (name=0x560dd8a2ee00 "qemu+libssh://pipo@xxxxxxxxxxxxxxxxxxxxxxxxxxx/system", auth=0x7fb4d8861940 <virConnectAuthDefault>, flags=0) at libvirt.c:1247 #14 0x0000560dd739fecf in virshConnect (ctl=0x7fffacc06ea0, uri=0x560dd8a2ee00 "qemu+libssh://pipo@xxxxxxxxxxxxxxxxxxxxxxxxxxx/system", readonly=false) at virsh.c:161 #15 0x0000560dd73a00cb in virshReconnect (ctl=0x7fffacc06ea0, name=0x0, readonly=<optimized out>, force=<optimized out>) at virsh.c:233 #16 0x0000560dd73a122d in virshInit (ctl=0x7fffacc06ea0) at virsh.c:420 #17 main (argc=<optimized out>, argv=<optimized out>) at virsh.c:948 It's pretty easy to reproduce: just stop libvirtd. After starting it it works as expected. It also breaks if the user does not have permission to access the socket. Looks like the failure of netcat is not propagated properly. Peter
Attachment:
signature.asc
Description: Digital signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list