On Fri, Jun 21, 2019 at 09:56:37AM +0200, Peter Krempa wrote:
On Fri, Jun 21, 2019 at 09:30:36 +0200, Pavel Hrdina wrote:
In libssh 0.9.0 functions ssh_is_server_known and ssh_write_knownhost are marked as deprecated.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1722735
Signed-off-by: Pavel Hrdina <phrdina@redhat.com> --- m4/virt-libssh.m4 | 8 ++++++++ src/rpc/virnetlibsshsession.c | 4 ++-- 2 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/m4/virt-libssh.m4 b/m4/virt-libssh.m4 index 01c3b75c72..132447da16 100644 --- a/m4/virt-libssh.m4 +++ b/m4/virt-libssh.m4 @@ -33,6 +33,14 @@ AC_DEFUN([LIBVIRT_CHECK_LIBSSH],[ [], [AC_DEFINE_UNQUOTED([ssh_get_server_publickey], [ssh_get_publickey], [ssh_get_publickey is deprecated and replaced by ssh_get_server_publickey.])]) + AC_CHECK_FUNC([ssh_session_is_known_server], + [], + [AC_DEFINE_UNQUOTED([ssh_session_is_known_server], [ssh_is_server_known], + [ssh_is_server_known is deprecated and replaced by ssh_session_is_known_server.])]) + AC_CHECK_FUNC([ssh_session_update_known_hosts], + [], + [AC_DEFINE_UNQUOTED([ssh_session_update_known_hosts], [ssh_write_knownhost], + [ssh_write_knownhost is deprecated and replaced by ssh_session_update_known_hosts.])]) CFLAGS="$old_CFLAGS" LIBS="$old_LIBS"
I'm not entirely a fan of this. I'd probably prefer defining a macro ...
fi diff --git a/src/rpc/virnetlibsshsession.c b/src/rpc/virnetlibsshsession.c index 486437e7bf..093ac29071 100644 --- a/src/rpc/virnetlibsshsession.c +++ b/src/rpc/virnetlibsshsession.c @@ -284,7 +284,7 @@ virNetLibsshCheckHostKey(virNetLibsshSessionPtr sess) if (sess->hostKeyVerify == VIR_NET_LIBSSH_HOSTKEY_VERIFY_IGNORE) return 0;
... which would select both the old and new impl here:
#if defined HAS_NEW_LIBSSH state = ssh_session_is_known_server(sess->session); #else - state = ssh_is_server_known(sess->session); #endif
This makes it shady and obscure.
Solid point, I've already pushed it so we can fix it as follow-up together with the preexisting ssh_get_server_publickey. I checked that the only other case where we follow this logic is to workaround gnulib and kerberos symbol clash. Pavel