From d743dabfb5fdad89c1bce1daff9d55d29581aaa6 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Daniel=20P=2E=20Berrang=C3=A9?= Date: Mon, 24 May 2021 16:36:15 +0100 Subject: [PATCH] remote: fix regression connecting to remote session daemon MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit While we couldn't historically connect to the remote session daemon automatically, we do allow the user to set an explicit socket path to enable the connections to work. This ability was accidentally lost in commit f8ec7c842df9e40c6607eae9b0223766cb226336 Author: Daniel P. Berrangé Date: Wed Jul 8 17:03:38 2020 +0100 rpc: use new virt-ssh-helper binary for remote tunnelling We need to force use of 'netcat' when a 'socket' path is given in the URI parameters. Reviewed-by: Ján Tomko Signed-off-by: Daniel P. Berrangé --- src/remote/remote_driver.c | 31 +++++++++++++++++++++++++++---- 1 file changed, 27 insertions(+), 4 deletions(-) diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c index 856909fc60..48423f3619 100644 --- a/src/remote/remote_driver.c +++ b/src/remote/remote_driver.c @@ -891,10 +891,33 @@ doRemoteOpen(virConnectPtr conn, goto failed; } } else { - /* Historically we didn't allow ssh tunnel with session mode, - * since we can't construct the accurate path remotely, - * so we can default to modern virt-ssh-helper */ - if (flags & VIR_DRV_OPEN_REMOTE_USER) + /* + * Goal is to maximise usage of virt-ssh-helper + * + * Historically tunnelling access for the session mode + * daemon did not automatically work, since we can't + * construct the accurate path remotely. Users could, + * however, specify the 'socket' URI parameter explicitly. + * + * If we see a 'socket' path we must always use netcat, + * since virt-ssh-helper won't handle an explicit socket. + * Autostart won't work for session mode, so we assume + * user started it manually on the remote host in this + * case. + * + * If we have a 'session' URI without explicit socket, + * we can just assume the use of virt-ssh-helper, since + * logic for constructing socket paths relies on env + * envs whose values have no guarantee of matching those + * on the remote host. It was explicitly blocked with an + * error check before virt-ssh-helper was introduced. + * + * For 'system' URIs, we need to try virt-ssh-helper but + * with fallback to netcat for back compat. + */ + if (sockname) + proxy = VIR_NET_CLIENT_PROXY_NETCAT; + else if (flags & VIR_DRV_OPEN_REMOTE_USER) proxy = VIR_NET_CLIENT_PROXY_NATIVE; else proxy = VIR_NET_CLIENT_PROXY_AUTO; -- 2.47.2