[PATCH] rpc: libssh2: Enable EC host keys
Neal Gompa
ngompa13 at gmail.com
Sun Mar 28 19:15:03 UTC 2021
On Sun, Mar 28, 2021 at 9:17 AM Bastian Germann
<bastiangermann at fishpost.de> wrote:
>
> libssh2 has ECDSA and ED25519 support beginning with v1.9.0. libvirt cannot
> make use of those because it will handle them as unknown key types.
>
> Add support for those host key types.
>
> Signed-off-by: Bastian Germann <bastiangermann at fishpost.de>
> ---
> libvirt.spec.in | 2 +-
> meson.build | 2 +-
> src/rpc/virnetsshsession.c | 12 ++++++++++++
> 3 files changed, 14 insertions(+), 2 deletions(-)
>
> diff --git a/libvirt.spec.in b/libvirt.spec.in
> index f9af330186..8f5b3f126c 100644
> --- a/libvirt.spec.in
> +++ b/libvirt.spec.in
> @@ -359,7 +359,7 @@ BuildRequires: libcap-ng-devel >= 0.5.0
> BuildRequires: fuse-devel >= 2.8.6
> %endif
> %if %{with_libssh2}
> -BuildRequires: libssh2-devel >= 1.3.0
> +BuildRequires: libssh2-devel >= 1.9.0
> %endif
> %if %{with_netcf}
> BuildRequires: netcf-devel >= 0.2.2
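Review bot: the `BuildRequires: libssh2-devel >= 1.9.0` line turns a feature that only the four new `case` labels need into a hard packaging minimum, so any target whose libssh2 is older than 1.9.0 can no longer build with `%{with_libssh2}` at all. If the new host key types are made conditional on the detected libssh2 version, this line can stay at `>= 1.3.0`. Otherwise the commit message should say explicitly that the minimum supported libssh2 is being raised.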
> diff --git a/meson.build b/meson.build
> index ea93a2a8ec..5e5b22107c 100644
> --- a/meson.build
> +++ b/meson.build
> @@ -1142,7 +1142,7 @@ else
> libssh_dep = dependency('', required: false)
> endif
>
> -libssh2_version = '1.3'
> +libssh2_version = '1.9'
> if get_option('driver_remote').enabled()
> libssh2_dep = dependency('libssh2', version: '>=' + libssh2_version, required: get_option('libssh2'))
> if libssh2_dep.found()
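Review bot: changing `libssh2_version` to `'1.9'` feeds straight into the `dependency('libssh2', version: '>=' + libssh2_version, required: get_option('libssh2'))` call below it, so an installed libssh2 older than 1.9 is now treated as not found: configure fails when the option is enabled, and the libssh2 transport is dropped when it is not required. Consider keeping `'1.3'` as the minimum and recording separately whether the found version is at least 1.9 (for example with `libssh2_dep.version().version_compare('>=1.9')`), so that only the EC host key support depends on the newer library.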
> diff --git a/src/rpc/virnetsshsession.c b/src/rpc/virnetsshsession.c
> index fe77594f65..cb081bcf4f 100644
> --- a/src/rpc/virnetsshsession.c
> +++ b/src/rpc/virnetsshsession.c
> @@ -389,6 +389,18 @@ virNetSSHCheckHostKey(virNetSSHSessionPtr sess)
> case LIBSSH2_HOSTKEY_TYPE_DSS:
> keyType = LIBSSH2_KNOWNHOST_KEY_SSHDSS;
> break;
> + case LIBSSH2_HOSTKEY_TYPE_ECDSA_256:
> + keyType = LIBSSH2_KNOWNHOST_KEY_ECDSA_256;
> + break;
> + case LIBSSH2_HOSTKEY_TYPE_ECDSA_384:
> + keyType = LIBSSH2_KNOWNHOST_KEY_ECDSA_384;
> + break;
> + case LIBSSH2_HOSTKEY_TYPE_ECDSA_521:
> + keyType = LIBSSH2_KNOWNHOST_KEY_ECDSA_521;
> + break;
> + case LIBSSH2_HOSTKEY_TYPE_ED25519:
> + keyType = LIBSSH2_KNOWNHOST_KEY_ED25519;
> + break;
>
> case LIBSSH2_HOSTKEY_TYPE_UNKNOWN:
> default:
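Review bot: the four added `case` labels in `virNetSSHCheckHostKey()` use `LIBSSH2_HOSTKEY_TYPE_ECDSA_*`, `LIBSSH2_HOSTKEY_TYPE_ED25519` and the matching `LIBSSH2_KNOWNHOST_KEY_*` constants unconditionally, and per the commit message these only exist from libssh2 v1.9.0, so the file stops compiling against older headers. Wrapping the new block in a preprocessor guard such as `#if LIBSSH2_VERSION_NUM >= 0x010900` would let older libssh2 keep building, with those key types still reaching the existing `LIBSSH2_HOSTKEY_TYPE_UNKNOWN` / `default:` branch as before. A short comment at the guard stating why it is there would also help.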
> --
> 2.30.2
>
While this looks good to me, could we have this adjusted so that this
would be supported only if libssh2 >= 1.9.0 is detected and just not
add these cases when an older version is present?
libssh2 is only at 1.8.0 on Ubuntu 20.04, so this would cause it to fail there.
--
真実はいつも一つ!/ Always, there's only one truth!