client: Change default location of known_hosts file for libssh2 layer
authorPeter Krempa <pkrempa@redhat.com>
Tue, 21 Aug 2012 15:54:26 +0000 (17:54 +0200)
committerPeter Krempa <pkrempa@redhat.com>
Wed, 22 Aug 2012 09:49:07 +0000 (11:49 +0200)
Unfortunately libssh2 doesn't support all types of host keys that can be
saved in the known_hosts file. It also does not report when parsing of
the file fails. This results in truncated known_hosts files when the
standard client also stores keys in other formats (e.g.
ecdsa-sha2-nistp256).

This patch changes the default location of the known_hosts file to the
libvirt private configuration directory, where it will be written only
by the libssh2 layer itself. This prevents trashing the user's known_hosts
file.

src/rpc/virnetclient.c

index 8ff5e09e73dacf0322d127c5bc51bb202a8e87af..4ecc7035bcbec9a089eed38c1d52dc68fb9d6874 100644 (file)
@@ -417,23 +417,25 @@ virNetClientPtr virNetClientNewLibSSH2(const char *host,
     char *command = NULL;
 
     char *homedir = virGetUserDirectory();
+    char *confdir = virGetUserConfigDirectory();
     char *knownhosts = NULL;
     char *privkey = NULL;
 
     /* Use default paths for known hosts an public keys if not provided */
-    if (homedir) {
+    if (confdir) {
         if (!knownHostsPath) {
-            virBufferAsprintf(&buf, "%s/.ssh/known_hosts", homedir);
-            if (!(knownhosts = virBufferContentAndReset(&buf)))
-                goto no_memory;
-
-            if (!(virFileExists(knownhosts)))
-                VIR_FREE(knownhosts);
+            if (virFileExists(confdir)) {
+                virBufferAsprintf(&buf, "%s/known_hosts", confdir);
+                if (!(knownhosts = virBufferContentAndReset(&buf)))
+                    goto no_memory;
+            }
         } else {
             if (!(knownhosts = strdup(knownHostsPath)))
                 goto no_memory;
         }
+    }
 
+    if (homedir) {
         if (!privkeyPath) {
             /* RSA */
             virBufferAsprintf(&buf, "%s/.ssh/id_rsa", homedir);
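Review bot: An explicitly supplied `knownHostsPath` is now copied only when `virGetUserConfigDirectory()` returned non-NULL, because the `else` branch with `strdup(knownHostsPath)` sits inside `if (confdir)`; if that lookup fails, `knownhosts` stays NULL and the caller's chosen file is silently ignored. The default path has a similar gap: when the config directory does not exist yet, `knownhosts` is also left NULL, so host-key verification may run without any known_hosts file. How the code after this hunk treats a NULL `knownhosts` is not visible here and should be confirmed. Handling the explicit path first and consulting `confdir` only for the default keeps the two cases independent, as sketched below. The function body starts and ends outside this hunk.

```c
    /* ... unchanged: declarations of homedir, confdir, knownhosts, privkey ... */
    if (knownHostsPath) {
        /* A caller-provided path must not depend on the config dir lookup */
        if (!(knownhosts = strdup(knownHostsPath)))
            goto no_memory;
    } else if (confdir && virFileExists(confdir)) {
        virBufferAsprintf(&buf, "%s/known_hosts", confdir);
        if (!(knownhosts = virBufferContentAndReset(&buf)))
            goto no_memory;
    }
    /* ... unchanged: if (homedir) { private key defaults ... */
```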
@@ -501,6 +503,7 @@ cleanup:
     VIR_FREE(privkey);
     VIR_FREE(knownhosts);
     VIR_FREE(homedir);
+    VIR_FREE(confdir);
     VIR_FREE(nc);
     virObjectUnref(sock);
     return ret;