For ssh disks that are served by nbdkit, use the configured value for knownHosts and pass it to the nbdkit process.
Signed-off-by: Jonathon Jongsma <jjongsma@xxxxxxxxxx>
---
 src/conf/domain_conf.c | 8 ++++++++
 src/conf/storage_source_conf.c | 1 +
 src/conf/storage_source_conf.h | 2 ++
 src/qemu/qemu_nbdkit.c | 3 +++
 tests/qemunbdkitdata/disk-network-ssh-password.args.disk0 | 3 ++-
 tests/qemunbdkitdata/disk-network-ssh.args.disk0 | 3 ++-
 tests/qemuxml2argvdata/disk-network-ssh-password.xml | 1 +
 tests/qemuxml2argvdata/disk-network-ssh.xml | 1 +
 8 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 45965fa0fa..f383bb8aaa 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -7143,6 +7143,11 @@ virDomainDiskSourceNetworkParse(xmlNodePtr node,
 return -1;
 }
 }
+ if (src->protocol == VIR_STORAGE_NET_PROTOCOL_SSH &&
+ (tmpnode = virXPathNode("./knownHosts", ctxt))) {
+ if (!(src->ssh_known_hosts_file = virXMLPropStringRequired(tmpnode, "path")))
+ return -1;
+ }
 return 0;
 }
@@ -21940,6 +21945,9 @@ virDomainDiskSourceFormatNetwork(virBuffer *attrBuf,
 if (src->timeout)
 virBufferAsprintf(childBuf, "<timeout seconds='%llu'/>\n", src->timeout);
+
+ if (src->protocol == VIR_STORAGE_NET_PROTOCOL_SSH && src->ssh_known_hosts_file)
+ virBufferAsprintf(childBuf, "<knownHosts path='%s'/>\n", src->ssh_known_hosts_file);
 }
diff --git a/src/conf/storage_source_conf.c b/src/conf/storage_source_conf.c
index cecd7e811e..5d60c46cfc 100644
--- a/src/conf/storage_source_conf.c
+++ b/src/conf/storage_source_conf.c
@@ -1167,6 +1167,7 @@ virStorageSourceClear(virStorageSource *def)
 VIR_FREE(def->tlsHostname);
 VIR_FREE(def->ssh_user);
+ VIR_FREE(def->ssh_known_hosts_file);
 VIR_FREE(def->nfs_user);
 VIR_FREE(def->nfs_group);
diff --git a/src/conf/storage_source_conf.h b/src/conf/storage_source_conf.h
index 14a6825d54..a2d8b1f8bd 100644
--- a/src/conf/storage_source_conf.h
+++ b/src/conf/storage_source_conf.h
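Review bot: In src/conf/domain_conf.c, virDomainDiskSourceNetworkParse stores the `path` attribute of `<knownHosts>` exactly as given, with no check that it is an absolute path, and the qemu_nbdkit.c hunk later hands the same string to nbdkit unchanged. A relative value would be resolved against whatever working directory the nbdkit process happens to have, so the file actually consulted for host-key verification may not be the one the administrator intended. I would reject it at parse or validation time, e.g. `if (!g_path_is_absolute(src->ssh_known_hosts_file)) { virReportError(VIR_ERR_XML_ERROR, "%s", _("knownHosts path must be absolute")); return -1; }`. The element is also silently dropped for every protocol other than ssh, where an explicit error would be easier to diagnose. The function body starts outside the hunk.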
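Review bot: In virDomainDiskSourceFormatNetwork (src/conf/domain_conf.c) the new `<knownHosts>` line writes the path into a single-quoted XML attribute with `virBufferAsprintf`, which does no escaping. A path containing `'`, `&` or `<` therefore produces malformed XML, or extra attributes or elements in the formatted domain XML that libvirt will presumably parse again later. Use the escaping formatter instead: `virBufferEscapeString(childBuf, "<knownHosts path='%s'/>\n", src->ssh_known_hosts_file);`. The function starts outside the hunk.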
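Review bot: `ssh_known_hosts_file` is now freed in virStorageSourceClear, but the diffstat shows that as the only line added to src/conf/storage_source_conf.c, so the copy routine for virStorageSource (virStorageSourceCopy, not visible here) presumably does not duplicate the new field. If so, a copied source loses the configured known-hosts path, and nbdkit would be started for it without `known-hosts`, falling back to whatever default host-key store the plugin uses. Worth adding `def->ssh_known_hosts_file = g_strdup(src->ssh_known_hosts_file);` alongside the other ssh members in the copy function; confirm against the full file.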
@@ -405,6 +405,8 @@ struct _virStorageSource {
 /* these must not be used apart from formatting the output JSON in the qemu driver */
 char *ssh_user;
 bool ssh_host_key_check_disabled;
+ /* additional ssh variables */
+ char *ssh_known_hosts_file;
 /* nfs_user and nfs_group store the strings passed in by the user for NFS params.
 * nfs_uid and nfs_gid represent the converted/looked up ID numbers which are used
diff --git a/src/qemu/qemu_nbdkit.c b/src/qemu/qemu_nbdkit.c
index 39afad106a..4b10df6b7c 100644
--- a/src/qemu/qemu_nbdkit.c
+++ b/src/qemu/qemu_nbdkit.c
@@ -1110,6 +1110,9 @@ qemuNbdkitProcessBuildCommandSSH(qemuNbdkitProcess *proc,
 if (proc->source->ssh_host_key_check_disabled)
 virCommandAddArgPair(cmd, "verify-remote-host", "false");
+ if (proc->source->ssh_known_hosts_file)
+ virCommandAddArgPair(cmd, "known-hosts", proc->source->ssh_known_hosts_file);
+
 return 0;
 }
diff --git a/tests/qemunbdkitdata/disk-network-ssh-password.args.disk0 b/tests/qemunbdkitdata/disk-network-ssh-password.args.disk0
index 30711f7f07..ee2d7c3343 100644
--- a/tests/qemunbdkitdata/disk-network-ssh-password.args.disk0
+++ b/tests/qemunbdkitdata/disk-network-ssh-password.args.disk0
@@ -5,4 +5,5 @@ host=example.org \
 port=2222 \
 path=test2.img \
 user=testuser \
-password=-777
+password=-777 \
+known-hosts=/path/to/knownhosts
diff --git a/tests/qemunbdkitdata/disk-network-ssh.args.disk0 b/tests/qemunbdkitdata/disk-network-ssh.args.disk0
index c04dc8bb03..481b218936 100644
--- a/tests/qemunbdkitdata/disk-network-ssh.args.disk0
+++ b/tests/qemunbdkitdata/disk-network-ssh.args.disk0
@@ -3,4 +3,5 @@ nbdkit \
 --foreground ssh \
 host=example.org \
 port=2222 \
-path=test.img
+path=test.img \
+known-hosts=/path/to/ssh_known_hosts
diff --git a/tests/qemuxml2argvdata/disk-network-ssh-password.xml b/tests/qemuxml2argvdata/disk-network-ssh-password.xml
index 266acb761f..bdb4cf6e35 100644
--- a/tests/qemuxml2argvdata/disk-network-ssh-password.xml
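Review bot: The comment `/* additional ssh variables */` on the new member of struct _virStorageSource (src/conf/storage_source_conf.h) does not say what the string holds or who consumes it. The member also sits directly under a comment stating that the ssh fields must only be used for formatting the output JSON in the qemu driver, while this patch passes it to nbdkit. I would document it along the lines of `/* path to the known_hosts file from <knownHosts path='...'/>; passed to the nbdkit ssh backend for host key verification */`.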
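Review bot: In qemuNbdkitProcessBuildCommandSSH (src/qemu/qemu_nbdkit.c) the two host-key options are emitted independently, so a source with `ssh_host_key_check_disabled` set and a known-hosts path gets both `verify-remote-host=false` and `known-hosts=...`. In that case the configured file presumably has no protective effect, and nothing tells the user. Consider rejecting the combination during validation, or at least skipping `known-hosts` when verification is disabled. Separately, nothing visible in this patch makes the file readable to the nbdkit process (ownership or security labelling); if that is not handled elsewhere, startup may fail once the path is set, which is worth confirming. The function starts outside the hunk.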
+++ b/tests/qemuxml2argvdata/disk-network-ssh-password.xml
@@ -22,6 +22,7 @@
 <auth username='testuser'>
 <secret type='iscsi' usage='mycluster_myname'/>
 </auth>
+ <knownHosts path='/path/to/knownhosts'/>
 </source>
 <target dev='vda' bus='virtio'/>
 </disk>
diff --git a/tests/qemuxml2argvdata/disk-network-ssh.xml b/tests/qemuxml2argvdata/disk-network-ssh.xml
index 355add4fea..a3aeca0c99 100644
--- a/tests/qemuxml2argvdata/disk-network-ssh.xml
+++ b/tests/qemuxml2argvdata/disk-network-ssh.xml
@@ -19,6 +19,7 @@
 <host name='example.org' port='2222'/>
 <timeout seconds='1234'/>
 <readahead size='1024'/>
+ <knownHosts path="/path/to/ssh_known_hosts"/>
 </source>
 <target dev='vda' bus='virtio'/>
 </disk>
--
2.39.0