[libvirt] [PATCH TECHPREVIEW RFC 0/4] LibSSH2 transport option for libvirt

Peter Krempa pkrempa at redhat.com
Mon Nov 14 17:04:03 UTC 2011 

This patchset adds a new secure transport layer to enable secure connections
without the need to spawn external processes. The layer is implemented into virNetSocket.

This patches still lack some functionality, which I will add before the final
version is done, but I'd like to have some feedback about the features and mistakes
I made, so I can incorporate them into the final version.

Unfortunately, while working with libssh2, I found several bugs, and older versions
(1.2.2, which is default in gentoo) are unusable (same error codes on authentication failure
and closed socket and others). I decided to limit version of libssh2 to 1.3.0 for
the transport to work.

Please let me know if you find something that would you like to see implemented
or improoved or I've done wrong, or you've got some questions.

Usage:
virsh -c qemu+libssh://root@locahost:22/system (user/port/host may be omitted, 
                                                these are defaults)

Possible problems:
 - segmentation fault in libssh2 when corrupted known_hosts file is used
   (will investigate)

Things that have to be done:
 - private key authentication
 - SSH agent support
 - Add unknown host key dialog
 - documentation
 - change error codes and messages (any suggestions?)


    Thanks for your time

    Peter

Peter Krempa (4):
  libssh2_transport: add main libssh2 transport implementation
  libssh2_transport: add ssh context support to virNetSocket
  libssh2_transport: Add libssh2 session support to net client code
  libssh2_transport: Use libssh2 driver code in remote driver

 configure.ac                  |   40 ++-
 po/POTFILES.in                |    1 +
 src/Makefile.am               |    9 +
 src/libvirt_private.syms      |    1 +
 src/remote/remote_driver.c    |   97 ++++--
 src/rpc/virnetclient.c        |   66 +++
 src/rpc/virnetclient.h        |   11 +
 src/rpc/virnetlibsshcontext.c |  900 +++++++++++++++++++++++++++++++++++++++++
 src/rpc/virnetlibsshcontext.h |   76 ++++
 src/rpc/virnetsocket.c        |  137 +++++++-
 src/rpc/virnetsocket.h        |   12 +
 11 files changed, 1318 insertions(+), 32 deletions(-)
 create mode 100644 src/rpc/virnetlibsshcontext.c
 create mode 100644 src/rpc/virnetlibsshcontext.h

-- 
1.7.3.4

More information about the libvir-list mailing list