From: Peter Krempa
Date: Tue, 21 Aug 2012 15:54:26 +0000 (+0200)
Subject: client: Change default location of known_hosts file for libssh2 layer
X-Git-Tag: v0.10.0-rc1~4
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=225f280744e38fae883bd289ef34bb3f6db71c10;p=thirdparty%2Flibvirt.git
client: Change default location of known_hosts file for libssh2 layer
Unfortunately libssh2 doesn't support all types of host keys that can be saved in the known_hosts file. Also it does not report that parsing of the file failed. This results into truncated known_hosts files where the standard client stores keys also in other formats (eg. ecdsa-sha2-nistp256). This patch changes the default location of the known_hosts file into the libvirt private configuration directory, where it will be only written by the libssh2 layer itself. This prevents trashing user's known_host file.
---
diff --git a/src/rpc/virnetclient.c b/src/rpc/virnetclient.c
index 8ff5e09e73..4ecc7035bc 100644
--- a/src/rpc/virnetclient.c
+++ b/src/rpc/virnetclient.c
@@ -417,23 +417,25 @@ virNetClientPtr virNetClientNewLibSSH2(const char *host,
 char *command = NULL;
 char *homedir = virGetUserDirectory();
+ char *confdir = virGetUserConfigDirectory();
 char *knownhosts = NULL;
 char *privkey = NULL;
 /* Use default paths for known hosts an public keys if not provided */
- if (homedir) {
+ if (confdir) {
 if (!knownHostsPath) {
- virBufferAsprintf(&buf, "%s/.ssh/known_hosts", homedir);
- if (!(knownhosts = virBufferContentAndReset(&buf)))
- goto no_memory;
-
- if (!(virFileExists(knownhosts)))
- VIR_FREE(knownhosts);
+ if (virFileExists(confdir)) {
+ virBufferAsprintf(&buf, "%s/known_hosts", confdir);
+ if (!(knownhosts = virBufferContentAndReset(&buf)))
+ goto no_memory;
+ }
 } else {
 if (!(knownhosts = strdup(knownHostsPath)))
 goto no_memory;
 }
+ }
+ if (homedir) {
 if (!privkeyPath) {
 /* RSA */
 virBufferAsprintf(&buf, "%s/.ssh/id_rsa", homedir);
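Review bot: An explicitly supplied `knownHostsPath` is still ignored whenever `virGetUserConfigDirectory()` returns NULL, because the `strdup(knownHostsPath)` branch stays nested inside the new `if (confdir)` block. In that case `knownhosts` remains NULL, and whatever host-key verification is set up later in `virNetClientNewLibSSH2` (its body starts and ends outside this hunk) would presumably run without the file the caller asked for. Testing `knownHostsPath` first and falling back to the config-directory default only when it is absent removes that dependency, as sketched below. Separately, the comment above this block should say that the default path no longer reads `~/.ssh/known_hosts`, so hosts trusted only there will presumably be treated as unknown on the next connection.

```c
    /* Use default paths for known hosts an public keys if not provided */
    if (knownHostsPath) {
        if (!(knownhosts = strdup(knownHostsPath)))
            goto no_memory;
    } else if (confdir && virFileExists(confdir)) {
        virBufferAsprintf(&buf, "%s/known_hosts", confdir);
        if (!(knownhosts = virBufferContentAndReset(&buf)))
            goto no_memory;
    }

    if (homedir) {
        /* … unchanged: default private key lookup under ~/.ssh … */
```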
@@ -501,6 +503,7 @@ cleanup:
 VIR_FREE(privkey);
 VIR_FREE(knownhosts);
 VIR_FREE(homedir);
+ VIR_FREE(confdir);
 VIR_FREE(nc);
 virObjectUnref(sock);
 return ret;