diff options
| author | Pino Toscano <ptoscano@redhat.com> | 2019-06-20 22:08:40 +0200 |
|---|---|---|
| committer | Max Reitz <mreitz@redhat.com> | 2019-06-24 16:01:04 +0200 |
| commit | b10d49d7619e4957b4b971f816661b57e5061d71 (patch) | |
| tree | bf8bf1c96bf8ffe72bcc4928b27e70654d25b6eb /tests/qemu-iotests/207 | |
| parent | 98eb9733f4cf2eeab6d12db7e758665d2fd5367b (diff) | |
ssh: switch from libssh2 to libssh
Rewrite the implementation of the ssh block driver to use libssh instead
of libssh2. The libssh library has various advantages over libssh2:
- easier API for authentication (for example for using ssh-agent)
- easier API for known_hosts handling
- supports newer types of keys in known_hosts
Use APIs/features available in libssh 0.8 conditionally, to support
older versions (which are not recommended though).
Adjust the iotest 207 according to the different error message, and to
find the default key type for localhost (to properly compare the
fingerprint with).
Contributed-by: Max Reitz <mreitz@redhat.com>
Adjust the various Docker/Travis scripts to use libssh when available
instead of libssh2. The mingw/mxe testing is dropped for now, as there
are no packages for it.
Signed-off-by: Pino Toscano <ptoscano@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20190620200840.17655-1-ptoscano@redhat.com
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 5873173.t2JhDm7DL7@lindworm.usersys.redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
Diffstat (limited to 'tests/qemu-iotests/207')
| -rwxr-xr-x | tests/qemu-iotests/207 | 54 |
1 files changed, 43 insertions, 11 deletions
diff --git a/tests/qemu-iotests/207 b/tests/qemu-iotests/207 index b3816136f7..ec8c1d06f0 100755 --- a/tests/qemu-iotests/207 +++ b/tests/qemu-iotests/207 @@ -110,12 +110,49 @@ with iotests.FilePath('t.img') as disk_path, \ iotests.img_info_log(remote_path) - md5_key = subprocess.check_output( - 'ssh-keyscan -t rsa 127.0.0.1 2>/dev/null | grep -v "\\^#" | ' + - 'cut -d" " -f3 | base64 -d | md5sum -b | cut -d" " -f1', - shell=True).rstrip().decode('ascii') + keys = subprocess.check_output( + 'ssh-keyscan 127.0.0.1 2>/dev/null | grep -v "\\^#" | ' + + 'cut -d" " -f3', + shell=True).rstrip().decode('ascii').split('\n') + + # Mappings of base64 representations to digests + md5_keys = {} + sha1_keys = {} + + for key in keys: + md5_keys[key] = subprocess.check_output( + 'echo %s | base64 -d | md5sum -b | cut -d" " -f1' % key, + shell=True).rstrip().decode('ascii') + + sha1_keys[key] = subprocess.check_output( + 'echo %s | base64 -d | sha1sum -b | cut -d" " -f1' % key, + shell=True).rstrip().decode('ascii') vm.launch() + + # Find correct key first + matching_key = None + for key in keys: + result = vm.qmp('blockdev-add', + driver='ssh', node_name='node0', path=disk_path, + server={ + 'host': '127.0.0.1', + 'port': '22', + }, host_key_check={ + 'mode': 'hash', + 'type': 'md5', + 'hash': md5_keys[key], + }) + + if 'error' not in result: + vm.qmp('blockdev-del', node_name='node0') + matching_key = key + break + + if matching_key is None: + vm.shutdown() + iotests.notrun('Did not find a key that fits 127.0.0.1') + blockdev_create(vm, { 'driver': 'ssh', 'location': { 'path': disk_path, @@ -140,7 +177,7 @@ with iotests.FilePath('t.img') as disk_path, \ 'host-key-check': { 'mode': 'hash', 'type': 'md5', - 'hash': md5_key, + 'hash': md5_keys[matching_key], } }, 'size': 8388608 }) @@ -148,11 +185,6 @@ with iotests.FilePath('t.img') as disk_path, \ iotests.img_info_log(remote_path) - sha1_key = subprocess.check_output( - 'ssh-keyscan -t rsa 127.0.0.1 2>/dev/null | grep -v "\\^#" | ' + - 'cut -d" " -f3 | base64 -d | sha1sum -b | cut -d" " -f1', - shell=True).rstrip().decode('ascii') - vm.launch() blockdev_create(vm, { 'driver': 'ssh', 'location': { @@ -178,7 +210,7 @@ with iotests.FilePath('t.img') as disk_path, \ 'host-key-check': { 'mode': 'hash', 'type': 'sha1', - 'hash': sha1_key, + 'hash': sha1_keys[matching_key], } }, 'size': 4194304 }) |