On 8/7/20 7:40 PM, Daniel P. Berrangé wrote:
We have long had a problem with use of netcat for ssh tunnelling because there's no guarantee the UNIX socket path the client builds will match the UNIX socket path the remote host uses. We don't even allow session mode SSH tunnelling for this reason. We also can't easily auto-spawn libvirtd in session mode. With the introduction of modular daemons we also have potential for two completely different UNIX socket paths even for system mode, and the client can't know which to use. The solution to all these problems is to introduce a custom netcat impl. Instead passing the UNIX socket path, we pass the libvirt driver URI. The custom netcat then decides which socket path to use based on the remote build host environment. We still have to support netcat for interoperability with legacy libvirt versions, but we can default to the new virt-nc. v4: Now with many fixed bugs to make it actually work v3: Now with more meson and less autotools ! Daniel P. Berrangé (11): rpc: merge logic for generating remote SSH shell script remote: push logic for default netcat binary into common helper remote: split off enums into separate source file remote: split out function for parsing URI scheme remote: parse the remote transport string earlier remote: split out function for constructing socket path remote: extract logic for determining daemon to connect to remote: introduce virt-ssh-helper binary rpc: switch order of args in virNetClientNewSSH rpc: use new virt-ssh-helper binary for remote tunnelling remote: fix error reporting for invalid daemon mode build-aux/syntax-check.mk | 2 +- docs/uri.html.in | 24 +- libvirt.spec.in | 2 + po/POTFILES.in | 2 + src/libvirt_remote.syms | 1 + src/remote/meson.build | 18 ++ src/remote/remote_driver.c | 331 +++++-------------------- src/remote/remote_sockets.c | 277 +++++++++++++++++++++ src/remote/remote_sockets.h | 70 ++++++ src/remote/remote_ssh_helper.c | 425 +++++++++++++++++++++++++++++++++ src/rpc/virnetclient.c | 167 +++++++++---- src/rpc/virnetclient.h | 29 ++- src/rpc/virnetsocket.c | 37 +-- src/rpc/virnetsocket.h | 4 +- tests/virnetsockettest.c | 12 +- 15 files changed, 1030 insertions(+), 371 deletions(-) create mode 100644 src/remote/remote_sockets.c create mode 100644 src/remote/remote_sockets.h create mode 100644 src/remote/remote_ssh_helper.c
Reviewed-by: Michal Privoznik <mprivozn@xxxxxxxxxx> Michal
