[PATCH 2/2] client: Change default location of known_hosts file for libssh2 layer

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Unfortunately libssh2 doesn't support all types of host keys that can be
saved in the known_hosts file. Also it does not report that parsing of
the file failed. This results into truncated known_hosts files where the
standard client stores keys also in other formats (eg.
ecdsa-sha2-nistp256).

This patch changes the default location of the known_hosts file into the
libvirt private configuration directory, where it will be only written
by the libssh2 layer itself. This prevents thrashing user's files.
---
 src/rpc/virnetclient.c |   17 ++++++++++-------
 1 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/src/rpc/virnetclient.c b/src/rpc/virnetclient.c
index 8ff5e09..4ecc703 100644
--- a/src/rpc/virnetclient.c
+++ b/src/rpc/virnetclient.c
@@ -417,23 +417,25 @@ virNetClientPtr virNetClientNewLibSSH2(const char *host,
     char *command = NULL;

     char *homedir = virGetUserDirectory();
+    char *confdir = virGetUserConfigDirectory();
     char *knownhosts = NULL;
     char *privkey = NULL;

     /* Use default paths for known hosts an public keys if not provided */
-    if (homedir) {
+    if (confdir) {
         if (!knownHostsPath) {
-            virBufferAsprintf(&buf, "%s/.ssh/known_hosts", homedir);
-            if (!(knownhosts = virBufferContentAndReset(&buf)))
-                goto no_memory;
-
-            if (!(virFileExists(knownhosts)))
-                VIR_FREE(knownhosts);
+            if (virFileExists(confdir)) {
+                virBufferAsprintf(&buf, "%s/known_hosts", confdir);
+                if (!(knownhosts = virBufferContentAndReset(&buf)))
+                    goto no_memory;
+            }
         } else {
             if (!(knownhosts = strdup(knownHostsPath)))
                 goto no_memory;
         }
+    }

+    if (homedir) {
         if (!privkeyPath) {
             /* RSA */
             virBufferAsprintf(&buf, "%s/.ssh/id_rsa", homedir);
@@ -501,6 +503,7 @@ cleanup:
     VIR_FREE(privkey);
     VIR_FREE(knownhosts);
     VIR_FREE(homedir);
+    VIR_FREE(confdir);
     VIR_FREE(nc);
     virObjectUnref(sock);
     return ret;
-- 
1.7.8.6

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list


[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]