[libvirt PATCH v3 00/10] remote: introduce a custom netcat impl for ssh tunnelling

Daniel Henrique Barboza danielhb413 at gmail.com
Mon Aug 24 16:23:57 UTC 2020



On 8/6/20 7:45 AM, Daniel P. Berrangé wrote:
> We have long had a problem with use of netcat for ssh tunnelling because
> there's no guarantee the UNIX socket path the client builds will match
> the UNIX socket path the remote host uses. We don't even allow session
> mode SSH tunnelling for this reason. We also can't easily auto-spawn
> libvirtd in session mode.
> 
> With the introduction of modular daemons we also have potential for two
> completely different UNIX socket paths even for system mode, and the
> client can't know which to use.
> 
> The solution to all these problems is to introduce a custom netcat impl.
> Instead of passing the UNIX socket path, we pass the libvirt driver URI.
> The custom netcat then decides which socket path to use based on the
> remote build host environment.
> 
> We still have to support netcat for interoperability with legacy libvirt
> versions, but we can default to the new virt-nc.
> 
> v3: Now with more meson and less autotools!

Series:

Reviewed-by: Daniel Henrique Barboza <danielhb413 at gmail.com>

> 
> Daniel P. Berrangé (10):
>    rpc: merge logic for generating remote SSH shell script
>    remote: push logic for default netcat binary into common helper
>    remote: split off enums into separate source file
>    remote: split out function for parsing URI scheme
>    remote: parse the remote transport string earlier
>    remote: split out function for constructing socket path
>    remote: extract logic for determining daemon to connect to
>    remote: introduce virt-ssh-helper binary
>    rpc: switch order of args in virNetClientNewSSH
>    rpc: use new virt-ssh-helper binary for remote tunnelling
> 
>   build-aux/syntax-check.mk      |   2 +-
>   docs/uri.html.in               |  24 +-
>   libvirt.spec.in                |   2 +
>   po/POTFILES.in                 |   2 +
>   src/libvirt_remote.syms        |   1 +
>   src/remote/meson.build         |  18 ++
>   src/remote/remote_driver.c     | 323 ++++---------------------
>   src/remote/remote_sockets.c    | 277 +++++++++++++++++++++
>   src/remote/remote_sockets.h    |  70 ++++++
>   src/remote/remote_ssh_helper.c | 425 +++++++++++++++++++++++++++++++++
>   src/rpc/virnetclient.c         | 170 ++++++++-----
>   src/rpc/virnetclient.h         |  29 ++-
>   src/rpc/virnetsocket.c         |  37 +--
>   src/rpc/virnetsocket.h         |   4 +-
>   tests/virnetsockettest.c       |  12 +-
>   15 files changed, 1024 insertions(+), 372 deletions(-)
>   create mode 100644 src/remote/remote_sockets.c
>   create mode 100644 src/remote/remote_sockets.h
>   create mode 100644 src/remote/remote_ssh_helper.c
> 
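
The approach the cover letter describes, resolving the socket path on the remote side from the driver URI instead of trusting a path built by the client, sketched in C as an added example that is not part of this thread or of libvirt's code. The function name `resolve_socket`, its parameters, the `/run` prefix and the socket file names are assumptions for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Illustrative only; not libvirt's remote_sockets.c. Runs on the REMOTE host:
 * maps a driver URI (e.g. "qemu:///system") to a local UNIX socket path.
 * modular:     nonzero if this host runs per-driver daemons (virt<driver>d)
 * runtime_dir: per-user runtime directory, needed for session mode
 * Socket names and the /run prefix are assumptions of this sketch.
 * Returns 0 on success, -1 if the URI is malformed or cannot be served. */
int resolve_socket(const char *uri, int modular, const char *runtime_dir,
                   char *out, size_t outlen)
{
    const char *sep = strstr(uri, "://");
    if (!sep)
        return -1;
    size_t dlen = (size_t)(sep - uri);
    const char *plus = memchr(uri, '+', dlen);   /* drop "+ssh" style transport */
    if (plus)
        dlen = (size_t)(plus - uri);
    if (dlen == 0 || dlen > 16)
        return -1;
    for (size_t i = 0; i < dlen; i++)            /* letters only: no '/' or ".." */
        if (uri[i] < 'a' || uri[i] > 'z')
            return -1;

    const char *path = strchr(sep + 3, '/');     /* skip optional host part */
    int session;
    if (path && strcmp(path, "/system") == 0)
        session = 0;
    else if (path && strcmp(path, "/session") == 0)
        session = 1;
    else
        return -1;                               /* client never names a path */
    if (session && (!runtime_dir || runtime_dir[0] != '/'))
        return -1;

    const char *dir = session ? runtime_dir : "/run";
    int n = modular
        ? snprintf(out, outlen, "%s/libvirt/virt%.*sd-sock", dir, (int)dlen, uri)
        : snprintf(out, outlen, "%s/libvirt/libvirt-sock", dir);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

int main(void)
{
    char buf[128];
    if (resolve_socket("qemu:///system", 1, NULL, buf, sizeof buf) == 0)
        puts(buf);
    return 0;
}
```

The same URI yields different paths depending on how the remote host is set up, which is the decision the client cannot make on its own.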



