diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
index 530c081dbc2a83323e26463f34add0bf8299c321..5a483003861b627b26527a947bdbed1e45d6f2c3 100644
--- a/src/rpc/virnetsocket.c
+++ b/src/rpc/virnetsocket.c
@@ -788,8 +788,8 @@ virNetSocketNewConnectLibSSH2(const char *host,
 host,
 portN,
 knownHosts,
- false,
- verify) != 0)
+ verify,
+ VIR_NET_SSH_HOSTKEY_FILE_CREATE) != 0)
 goto error;
 if (virNetSSHSessionSetChannelCommand(sess, command) != 0)
diff --git a/src/rpc/virnetsshsession.c b/src/rpc/virnetsshsession.c
index fe0197e683ddc2947711a666735b6e4373e6aca8..59013c752c7e1863114fa352fdc317f51cf5b1d8 100644
--- a/src/rpc/virnetsshsession.c
+++ b/src/rpc/virnetsshsession.c
@@ -1123,8 +1123,8 @@ virNetSSHSessionSetHostKeyVerification(virNetSSHSessionPtr sess,
 const char *hostname,
 int port,
 const char *hostsfile,
- bool readonly,
- virNetSSHHostkeyVerify opt)
+ virNetSSHHostkeyVerify opt,
+ unsigned int flags)
 {
 char *errmsg;
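Review bot: Replacing `bool readonly, virNetSSHHostkeyVerify opt` with `virNetSSHHostkeyVerify opt, unsigned int flags` leaves the two trailing arguments implicitly convertible in C, so a stale caller still passing `false, verify` compiles without a diagnostic and would hand the verification mode in as `flags` and enum value 0 as the mode. Only the call in virNetSocketNewConnectLibSSH2 is updated in this diff; any other callers are not visible here and should be checked by hand. The same applies to the prototype hunk in virnetsshsession.h. A comment above the definition such as `/* @opt: host key verification mode; @flags: bitwise-OR of virNetSSHHostKeyFileFlags */` would make the new argument order explicit. The function body continues outside this hunk.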
@@ -1140,19 +1140,25 @@ virNetSSHSessionSetHostKeyVerification(virNetSSHSessionPtr sess,
 /* load the known hosts file */
 if (hostsfile) {
- if (libssh2_knownhost_readfile(sess->knownHosts,
- hostsfile,
- LIBSSH2_KNOWNHOST_FILE_OPENSSH) < 0) {
- libssh2_session_last_error(sess->session, &errmsg, NULL, 0);
+ if (virFileExists(hostsfile)) {
+ if (libssh2_knownhost_readfile(sess->knownHosts,
+ hostsfile,
+ LIBSSH2_KNOWNHOST_FILE_OPENSSH) < 0) {
+ libssh2_session_last_error(sess->session, &errmsg, NULL, 0);
+ virReportError(VIR_ERR_SSH,
+ _("unable to load knownhosts file '%s': %s"),
+ hostsfile, errmsg);
+ goto error;
+ }
+ } else if (!(flags & VIR_NET_SSH_HOSTKEY_FILE_CREATE)) {
 virReportError(VIR_ERR_SSH,
- _("unable to load knownhosts file '%s': %s"),
- hostsfile, errmsg);
+ _("known hosts file '%s' does not exist"),
+ hostsfile);
 goto error;
 }
 /* set filename only if writing to the known hosts file is requested */
-
- if (!readonly) {
+ if (!(flags & VIR_NET_SSH_HOSTKEY_FILE_READONLY)) {
 VIR_FREE(sess->knownHostsFile);
 if (!(sess->knownHostsFile = strdup(hostsfile)))
 goto no_memory;
diff --git a/src/rpc/virnetsshsession.h b/src/rpc/virnetsshsession.h
index eb92e43fd296034ddd10e5c8a421be47d8a6d97f..1199eeff28483a690da766c98218f2094b5366c0 100644
--- a/src/rpc/virnetsshsession.h
+++ b/src/rpc/virnetsshsession.h
@@ -36,6 +36,11 @@ typedef enum {
 VIR_NET_SSH_HOSTKEY_VERIFY_IGNORE
 } virNetSSHHostkeyVerify;
+typedef enum {
+ VIR_NET_SSH_HOSTKEY_FILE_READONLY = 1 << 0,
+ VIR_NET_SSH_HOSTKEY_FILE_CREATE = 1 << 1,
+} virNetSSHHostKeyFileFlags;
+
 int virNetSSHSessionSetChannelCommand(virNetSSHSessionPtr sess,
 const char *command);
@@ -64,8 +69,8 @@ int virNetSSHSessionSetHostKeyVerification(virNetSSHSessionPtr sess,
 const char *hostname,
 int port,
 const char *hostsfile,
- bool readonly,
- virNetSSHHostkeyVerify opt);
+ virNetSSHHostkeyVerify opt,
+ unsigned int flags);
 int virNetSSHSessionConnect(virNetSSHSessionPtr sess,
 int sock);
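Review bot: The new `virFileExists(hostsfile)` branch treats every failed existence check as "file absent", so with `VIR_NET_SSH_HOSTKEY_FILE_CREATE` set (as the updated call in virnetsocket.c always does) a known hosts file that is present but not reachable by the process would presumably be handled like a missing one, and the session continues with an empty known-hosts set. If virFileExists is an access()-style test that leaves errno intact, consider continuing only on ENOENT, e.g. `} else if (errno != ENOENT || !(flags & VIR_NET_SSH_HOSTKEY_FILE_CREATE)) {`, and reporting the system error instead of "does not exist" in the other cases. A debug log line on the path that proceeds without a file would also make a silently empty trust store visible to operators. There is a window between the existence check and `libssh2_knownhost_readfile`; it looks harmless here because a file that vanishes in between still ends in the read-error path. The enclosing function starts and ends outside this hunk.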
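Review bot: The two values of `virNetSSHHostKeyFileFlags` are undocumented, and nothing visible rejects `VIR_NET_SSH_HOSTKEY_FILE_READONLY | VIR_NET_SSH_HOSTKEY_FILE_CREATE`, a combination under which the virnetsshsession.c hunk accepts a missing file but never stores the filename, so nothing can be created. Suggest a comment on each value, e.g. `/* never write host keys back to the file */` and `/* a missing file is not an error; presumably created when a key is first written */`, plus a line stating whether the two may be combined. Because the parameter is a plain `unsigned int flags`, unknown bits are accepted silently as well; if the project has a flag-checking helper, calling it at the top of virNetSSHSessionSetHostKeyVerification would catch both cases.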