authorPeter Krempa <pkrempa@redhat.com>2012-08-21 18:28:11 +0200
committerPeter Krempa <pkrempa@redhat.com>2012-08-22 11:49:07 +0200
commitf1d0b92a01f5bef029d25368674849e9ac89932b (patch)
tree280745581b2c46a8c7e976f86e82eab5f693567f /src/rpc/virnetsshsession.c
parentqemu: support of emulator_period and emulator_quota's modification (diff)
libssh2_session: Add support for creating known_hosts file
The libssh2 code wasn't supposed to create the known_hosts file, but recent findings show that we can't use the default one created by OpenSSH, as libssh2 might damage it. We need to create a private known_hosts file in the config path. This patch adds support for skipping the error if the known_hosts file is not present and letting libssh2 create a new one.
Diffstat (limited to 'src/rpc/virnetsshsession.c')
-rw-r--r--src/rpc/virnetsshsession.c26
1 files changed, 16 insertions, 10 deletions
diff --git a/src/rpc/virnetsshsession.c b/src/rpc/virnetsshsession.c
index fe0197e68..59013c752 100644
--- a/src/rpc/virnetsshsession.c
+++ b/src/rpc/virnetsshsession.c
@@ -1123,8 +1123,8 @@ virNetSSHSessionSetHostKeyVerification(virNetSSHSessionPtr sess,
const char *hostname,
int port,
const char *hostsfile,
- bool readonly,
- virNetSSHHostkeyVerify opt)
+ virNetSSHHostkeyVerify opt,
+ unsigned int flags)
{
char *errmsg;
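Review bot: The new `unsigned int flags` parameter is never validated, so unknown bits are silently accepted; the diffstat shows all 16 insertions fall inside these two hunks and none of them checks the mask. Adding `virCheckFlags(VIR_NET_SSH_HOSTKEY_FILE_READONLY | VIR_NET_SSH_HOSTKEY_FILE_CREATE, -1);` at the top of the body would reject them (the -1 assumes the function's usual failure return, which is not visible here). Because `opt` also moved ahead of the former `readonly` slot, a stale caller passing `true, opt` may still compile through implicit conversions and end up with swapped meanings, so callers outside this file deserve a check. The function's doc comment, which is outside the hunk, should also describe both flags.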
@@ -1140,19 +1140,25 @@ virNetSSHSessionSetHostKeyVerification(virNetSSHSessionPtr sess,
/* load the known hosts file */
if (hostsfile) {
- if (libssh2_knownhost_readfile(sess->knownHosts,
- hostsfile,
- LIBSSH2_KNOWNHOST_FILE_OPENSSH) < 0) {
- libssh2_session_last_error(sess->session, &errmsg, NULL, 0);
+ if (virFileExists(hostsfile)) {
+ if (libssh2_knownhost_readfile(sess->knownHosts,
+ hostsfile,
+ LIBSSH2_KNOWNHOST_FILE_OPENSSH) < 0) {
+ libssh2_session_last_error(sess->session, &errmsg, NULL, 0);
+ virReportError(VIR_ERR_SSH,
+ _("unable to load knownhosts file '%s': %s"),
+ hostsfile, errmsg);
+ goto error;
+ }
+ } else if (!(flags & VIR_NET_SSH_HOSTKEY_FILE_CREATE)) {
virReportError(VIR_ERR_SSH,
- _("unable to load knownhosts file '%s': %s"),
- hostsfile, errmsg);
+ _("known hosts file '%s' does not exist"),
+ hostsfile);
goto error;
}
/* set filename only if writing to the known hosts file is requested */
-
- if (!readonly) {
+ if (!(flags & VIR_NET_SSH_HOSTKEY_FILE_READONLY)) {
VIR_FREE(sess->knownHostsFile);
if (!(sess->knownHostsFile = strdup(hostsfile)))
goto no_memory;
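Review bot: With `VIR_NET_SSH_HOSTKEY_FILE_CREATE` set, the `else if` after `virFileExists(hostsfile)` lets the session continue with an empty known-hosts list whenever the existence test fails, not only when the file is genuinely new. If virFileExists is a plain access() test (its body is not in this diff), a path under an unsearchable directory or a dangling symlink would look like a first run, and whatever `opt` does with unknown keys would then apply to every host. Skipping the load only on ENOENT and reporting any other failure would keep host-key checking from being weakened silently. Separately, CREATE combined with READONLY leaves `sess->knownHostsFile` unset in the block below, so no file is ever written; rejecting that pair up front with `if ((flags & VIR_NET_SSH_HOSTKEY_FILE_CREATE) && (flags & VIR_NET_SSH_HOSTKEY_FILE_READONLY))` and an error report would make the contract explicit. The function body continues past the end of this hunk.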