diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c index 7a0c1f6..012d6d5 100644 --- a/src/remote/remote_driver.c +++ b/src/remote/remote_driver.c @@ -658,7 +658,9 @@ doRemoteOpen(virConnectPtr conn, sshauth, netcat, sockname, - auth); + auth, + conn); This line will require tweaking ... see below ... + if (!priv->client) goto failed; diff --git a/src/rpc/virnetclient.c b/src/rpc/virnetclient.c index fed2c87..75c22d7 100644 --- a/src/rpc/virnetclient.c +++ b/src/rpc/virnetclient.c @@ -37,6 +37,7 @@ #include "virutil.h" #include "virerror.h" #include "virstring.h" +#include "virauth.h" #define VIR_FROM_THIS VIR_FROM_RPC @@ -389,7 +390,9 @@ virNetClientPtr virNetClientNewLibSSH2(const char *host, const char *authMethods, const char *netcatPath, const char *socketPath, - virConnectAuthPtr authPtr) + virConnectAuthPtr authPtr, + virConnectPtr conn ... the virConnectPtr should be the first argument in this case. Also the closing brace of the parameter list should be on the same line as the last argument. + ) { virNetSocketPtr sock = NULL; virNetClientPtr ret = NULL; @@ -402,6 +405,7 @@ virNetClientPtr virNetClientNewLibSSH2(const char *host, char *confdir = virGetUserConfigDirectory(); char *knownhosts = NULL; char *privkey = NULL; + char *password = NULL; /* Use default paths for known hosts an public keys if not provided */ if (confdir) { @@ -471,11 +475,21 @@ virNetClientPtr virNetClientNewLibSSH2(const char *host, if (!(command = virBufferContentAndReset(&buf))) goto no_memory; - if (virNetSocketNewConnectLibSSH2(host, port, username, NULL, privkey, + password = virAuthGetPassword(conn, authPtr, "libssh2", username, host); + + if ((strcmp(authMethods,"password") == 0) && password) { authMethods is a comma separated list of possible methods to use. With a strcmp this will not work if the list will contain other methods too. Use strstr() instead of strcmp. Also this condition should make the call to virAuthGetPassword conditional otherwise we would always ask the user for the password if it isn't stored in the auth file even if it will never be used. Additionally, even with the password method enabled, the password authentication may be skipped as other methods can be used before. This would query the user for the password allways even if it wouldn't be used ... for example as agent based authentication would succeed before password based auth would be tried. + + if (virNetSocketNewConnectLibSSH2(host, port, username, password, privkey, knownhosts, knownHostsVerify, authMethods, command, authPtr, &sock) != 0) - goto cleanup; + goto cleanup; + } else { + if (virNetSocketNewConnectLibSSH2(host, port, username, NULL, privkey, + knownhosts, knownHostsVerify, authMethods, + command, authPtr, &sock) != 0) + goto cleanup; + } if (!(ret = virNetClientNew(sock, NULL))) goto cleanup; sock = NULL; diff --git a/src/rpc/virnetclient.h b/src/rpc/virnetclient.h index 4204a93..ccaf8ab 100644 --- a/src/rpc/virnetclient.h +++ b/src/rpc/virnetclient.h @@ -61,7 +61,9 @@ virNetClientPtr virNetClientNewLibSSH2(const char *host, const char *authMethods, const char *netcatPath, const char *socketPath, - virConnectAuthPtr authPtr); + virConnectAuthPtr authPtr, + virConnectPtr conn again, the brace should be on the same line as the argument. + ); virNetClientPtr virNetClientNewExternal(const char **cmdargv); In common, the idea is okay, but the implementation has a few problems that can't be solved trivially. I'll try to revive the patches I wrote a few months ago to solve the same issue and post them. Peter