For ssh disks that are served by nbdkit, use the configured value for
knownHosts and pass it to the nbdkit process.
Signed-off-by: Jonathon Jongsma <jjongsma(a)redhat.com>
---
src/conf/domain_conf.c | 8 ++++++++
src/conf/storage_source_conf.c | 1 +
src/conf/storage_source_conf.h | 2 ++
src/qemu/qemu_nbdkit.c | 3 +++
tests/qemunbdkitdata/disk-network-ssh-password.args.disk0 | 3 ++-
tests/qemunbdkitdata/disk-network-ssh.args.disk0 | 3 ++-
tests/qemuxml2argvdata/disk-network-ssh-password.xml | 1 +
tests/qemuxml2argvdata/disk-network-ssh.xml | 1 +
8 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index a5578324b9..cb9d01dc6d 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -7214,6 +7214,11 @@ virDomainDiskSourceNetworkParse(xmlNodePtr node,
return -1;
}
}
+ if (src->protocol == VIR_STORAGE_NET_PROTOCOL_SSH &&
+ (tmpnode = virXPathNode("./knownHosts", ctxt))) {
+ if (!(src->ssh_known_hosts_file = virXMLPropStringRequired(tmpnode,
"path")))
+ return -1;
+ }
return 0;
}
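Review bot: The `path` value read in the new `knownHosts` branch is stored without any validation, so an empty or relative path is accepted and later handed to nbdkit as the host-key database. A relative path would be resolved against whatever working directory the nbdkit process has, which makes it unclear which file the server's host key is actually checked against. Consider rejecting anything that is not absolute at parse time, for example by testing `g_path_is_absolute(src->ssh_known_hosts_file)` and reporting an XML error otherwise, unless a validation callback outside this hunk already does so. The enclosing function starts outside the hunk.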
@@ -22091,6 +22096,9 @@ virDomainDiskSourceFormatNetwork(virBuffer *attrBuf,
if (src->timeout)
virBufferAsprintf(childBuf, "<timeout
seconds='%llu'/>\n", src->timeout);
+
+ if (src->protocol == VIR_STORAGE_NET_PROTOCOL_SSH &&
src->ssh_known_hosts_file)
+ virBufferAsprintf(childBuf, "<knownHosts path='%s'/>\n",
src->ssh_known_hosts_file);
}
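Review bot: The added `<knownHosts>` line is written with `virBufferAsprintf`, so the path is placed into the attribute without XML escaping. A path containing `'`, `&` or `<` would produce malformed domain XML, or XML whose structure differs from what was parsed. The escaping formatter should be used instead: `virBufferEscapeString(childBuf, "<knownHosts path='%s'/>\n", src->ssh_known_hosts_file);`. The enclosing function starts outside the hunk.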
diff --git a/src/conf/storage_source_conf.c b/src/conf/storage_source_conf.c
index cecd7e811e..5d60c46cfc 100644
--- a/src/conf/storage_source_conf.c
+++ b/src/conf/storage_source_conf.c
@@ -1167,6 +1167,7 @@ virStorageSourceClear(virStorageSource *def)
VIR_FREE(def->tlsHostname);
VIR_FREE(def->ssh_user);
+ VIR_FREE(def->ssh_known_hosts_file);
VIR_FREE(def->nfs_user);
VIR_FREE(def->nfs_group);
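Review bot: The new field is freed here in `virStorageSourceClear`, but the diffstat shows this as the only line changed in the file, so `virStorageSourceCopy` presumably does not duplicate `ssh_known_hosts_file`. If so, a copied storage source silently loses the configured known-hosts path, and host-key verification for that copy falls back to whatever nbdkit uses by default. Add the matching copy next to the other ssh fields, e.g. `def->ssh_known_hosts_file = g_strdup(src->ssh_known_hosts_file);`. The copy function is outside this hunk, so this should be confirmed against the full file.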
diff --git a/src/conf/storage_source_conf.h b/src/conf/storage_source_conf.h
index 14a6825d54..a2d8b1f8bd 100644
--- a/src/conf/storage_source_conf.h
+++ b/src/conf/storage_source_conf.h
@@ -405,6 +405,8 @@ struct _virStorageSource {
/* these must not be used apart from formatting the output JSON in the qemu driver
*/
char *ssh_user;
bool ssh_host_key_check_disabled;
+ /* additional ssh variables */
+ char *ssh_known_hosts_file;
/* nfs_user and nfs_group store the strings passed in by the user for NFS params.
* nfs_uid and nfs_gid represent the converted/looked up ID numbers which are used
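Review bot: The comment `/* additional ssh variables */` does not say what the new field holds, and the field sits directly under the existing note that the ssh members "must not be used apart from formatting the output JSON in the qemu driver", which no longer matches how it is used by the XML parser and formatter and by the nbdkit command line. A more specific comment would help, such as `/* path to the known_hosts file used to verify the ssh server's host key; set from <knownHosts path='...'/> */`. The struct definition starts and ends outside the hunk.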
diff --git a/src/qemu/qemu_nbdkit.c b/src/qemu/qemu_nbdkit.c
index 14e31ec186..dbbe71944f 100644
--- a/src/qemu/qemu_nbdkit.c
+++ b/src/qemu/qemu_nbdkit.c
@@ -1078,6 +1078,9 @@ qemuNbdkitProcessBuildCommandSSH(qemuNbdkitProcess *proc,
if (proc->source->ssh_host_key_check_disabled)
virCommandAddArgPair(cmd, "verify-remote-host", "false");
+ if (proc->source->ssh_known_hosts_file)
+ virCommandAddArgPair(cmd, "known-hosts",
proc->source->ssh_known_hosts_file);
+
return 0;
}
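Review bot: When `ssh_host_key_check_disabled` and `ssh_known_hosts_file` are both set, the command line receives both `verify-remote-host=false` and `known-hosts=...`, and nothing in the new branch resolves the contradiction. An administrator who configured a known-hosts file could then end up with host-key verification switched off without any diagnostic. Consider rejecting the combination during validation, or at least making the branches exclusive with `else if (proc->source->ssh_known_hosts_file)`. It is also worth confirming that the file is readable by the user and security label nbdkit runs under, which is not visible here. The function body starts outside the hunk.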
diff --git a/tests/qemunbdkitdata/disk-network-ssh-password.args.disk0
b/tests/qemunbdkitdata/disk-network-ssh-password.args.disk0
index 30711f7f07..ee2d7c3343 100644
--- a/tests/qemunbdkitdata/disk-network-ssh-password.args.disk0
+++ b/tests/qemunbdkitdata/disk-network-ssh-password.args.disk0
@@ -5,4 +5,5 @@
host=example.org \
port=2222 \
path=test2.img \
user=testuser \
-password=-777
+password=-777 \
+known-hosts=/path/to/knownhosts
diff --git a/tests/qemunbdkitdata/disk-network-ssh.args.disk0
b/tests/qemunbdkitdata/disk-network-ssh.args.disk0
index c04dc8bb03..481b218936 100644
--- a/tests/qemunbdkitdata/disk-network-ssh.args.disk0
+++ b/tests/qemunbdkitdata/disk-network-ssh.args.disk0
@@ -3,4 +3,5 @@ nbdkit \
--foreground ssh \
host=example.org \
port=2222 \
-path=test.img
+path=test.img \
+known-hosts=/path/to/ssh_known_hosts
diff --git a/tests/qemuxml2argvdata/disk-network-ssh-password.xml
b/tests/qemuxml2argvdata/disk-network-ssh-password.xml
index 266acb761f..bdb4cf6e35 100644
--- a/tests/qemuxml2argvdata/disk-network-ssh-password.xml
+++ b/tests/qemuxml2argvdata/disk-network-ssh-password.xml
@@ -22,6 +22,7 @@
<auth username='testuser'>
<secret type='iscsi' usage='mycluster_myname'/>
</auth>
+ <knownHosts path='/path/to/knownhosts'/>
</source>
<target dev='vda' bus='virtio'/>
</disk>
diff --git a/tests/qemuxml2argvdata/disk-network-ssh.xml
b/tests/qemuxml2argvdata/disk-network-ssh.xml
index 355add4fea..a3aeca0c99 100644
--- a/tests/qemuxml2argvdata/disk-network-ssh.xml
+++ b/tests/qemuxml2argvdata/disk-network-ssh.xml
@@ -19,6 +19,7 @@
<host name='example.org' port='2222'/>
<timeout seconds='1234'/>
<readahead size='1024'/>
+ <knownHosts path="/path/to/ssh_known_hosts"/>
</source>
<target dev='vda' bus='virtio'/>
</disk>
--
2.39.1