[libvirt] Some questions about virConnectAuthCallbackPtr
Peter Krempa
pkrempa at redhat.com
Mon Oct 15 10:17:42 UTC 2012
On 10/13/12 19:08, Richard W.M. Jones wrote:
> On Sat, Oct 13, 2012 at 05:47:24PM +0100, Richard W.M. Jones wrote:
>> BTW I cannot get the libssh2 backend in libvirt to work. For
>> every host it says:
>>
>> libvirt_auth.c: authentication required for libvirt URI 'qemu+libssh2://localhost/system'
>> libvirt_auth.c: credential 'echoprompt'
>> Accept SSH host key with hash '<correct host key>' for host 'localhost:22' (y/n)?: y
>> libguestfs: error: could not connect to libvirt (code 85, domain 50): SSH transport error: SSH host key for 'localhost' (<correct host key>) was not accepted
>>
>> No idea what I'm doing wrong. Nothing in the logs on the server
>> indicate that anything is wrong on the remote side.
>
> Peter,
>
> This is because of a bug in the libvirt code:
>
> if (!askKey.result ||
> STRCASENEQ(askKey.result, "y")) {
> virReportError(VIR_ERR_SSH,
> _("SSH host key for '%s' (%s) was not accepted"),
> sess->hostname, keyhash);
> VIR_FREE(keyhash);
> VIR_FREE(askKey.result);
> return -1;
> }
>
> The problem with this code is that it ignores the resultlen field.
>
> If the caller passes result[] = { 'y' } (no trailing \0), resultlen = 1,
> (which IMHO is a correct use of the API as described by the
> documentation), then STRCASENEQ above will not match the string.
>
> You need to use something like:
>
> askKey.resultlen >= 1 && askKey.result[0] == 'y'
>
> or else some sort of memcmp function.
>
> Rich.
>
Hm, that seems to be a fair point. I'll have a look and try to fix this
today.
Peter
More information about the libvir-list
mailing list