[libvirt] Some questions about virConnectAuthCallbackPtr
Richard W.M. Jones
rjones at redhat.com
Sat Oct 13 17:08:42 UTC 2012
On Sat, Oct 13, 2012 at 05:47:24PM +0100, Richard W.M. Jones wrote:
> BTW I cannot get the libssh2 backend in libvirt to work. For
> every host it says:
>
> libvirt_auth.c: authentication required for libvirt URI 'qemu+libssh2://localhost/system'
> libvirt_auth.c: credential 'echoprompt'
> Accept SSH host key with hash '<correct host key>' for host 'localhost:22' (y/n)?: y
> libguestfs: error: could not connect to libvirt (code 85, domain 50): SSH transport error: SSH host key for 'localhost' (<correct host key>) was not accepted
>
> No idea what I'm doing wrong. Nothing in the logs on the server
> indicate that anything is wrong on the remote side.
Peter,
This is because of a bug in the libvirt code:
if (!askKey.result ||
STRCASENEQ(askKey.result, "y")) {
virReportError(VIR_ERR_SSH,
_("SSH host key for '%s' (%s) was not accepted"),
sess->hostname, keyhash);
VIR_FREE(keyhash);
VIR_FREE(askKey.result);
return -1;
}
The problem with this code is that it ignores the resultlen field.
If the caller passes result[] = { 'y' } (no trailing \0), resultlen = 1,
(which IMHO is a correct use of the API as described by the
documentation), then STRCASENEQ above will not match the string.
You need to use something like:
askKey.resultlen >= 1 && askKey.result[0] == 'y'
or else some sort of memcmp function.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming blog: http://rwmj.wordpress.com
Fedora now supports 80 OCaml packages (the OPEN alternative to F#)
http://cocan.org/getting_started_with_ocaml_on_red_hat_and_fedora
More information about the libvir-list
mailing list