[PATCH] docs: Add 'known_hosts_verify' parameter for libssh(2) connection uris

Jakob Meng posted 1 patch 3 years, 1 month ago
Test syntax-check failed
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/libvirt tags/patchew/20210129125506.29477-1-jakobmeng@web.de
docs/uri.html.in | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
[PATCH] docs: Add 'known_hosts_verify' parameter for libssh(2) connection uris
Posted by Jakob Meng 3 years, 1 month ago
Parameter 'known_hosts_verify' is supported for some time now,
but it is not yet documented.

Ref.:
https://gitlab.com/libvirt/libvirt/-/blob/master/src/rpc/virnetsocket.c#L941
https://gitlab.com/libvirt/libvirt/-/blob/master/src/rpc/virnetsocket.c#L1073
---
 docs/uri.html.in | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/docs/uri.html.in b/docs/uri.html.in
index f96c2970a5..61917e77b4 100644
--- a/docs/uri.html.in
+++ b/docs/uri.html.in
@@ -421,6 +421,23 @@ Note that parameter values must be
         <td colspan="2"/>
         <td> Example: <code>known_hosts=/root/.ssh/known_hosts</code> </td>
       </tr>
+      <tr>
+        <td>
+          <code>known_hosts_verify</code>
+        </td>
+        <td> libssh2, libssh </td>
+        <td>
+            If set to <code>normal</code> (default), then the user will be
+            asked to accept new host keys. If set to <code>auto</code>, new
+            host keys will be auto-accepted, but existing host keys will
+            still be validated. If set to <code>ignore</code>, this disables
+            client's strict host key checking.
+        </td>
+      </tr>
+      <tr>
+        <td colspan="2"/>
+        <td> Example: <code>known_hosts_verify=ignore</code> </td>
+      </tr>
       <tr>
         <td>
           <code>sshauth</code>
--
2.20.1


Re: [PATCH] docs: Add 'known_hosts_verify' parameter for libssh(2) connection uris
Posted by Michal Privoznik 3 years, 1 month ago
On 1/29/21 1:55 PM, Jakob Meng wrote:
> Parameter 'known_hosts_verify' is supported for some time now,
> but it is not yet documented.
> 
> Ref.:
> https://gitlab.com/libvirt/libvirt/-/blob/master/src/rpc/virnetsocket.c#L941
> https://gitlab.com/libvirt/libvirt/-/blob/master/src/rpc/virnetsocket.c#L1073

While these help with review I'd rather not put them into commit message 
because they are valid now, but as code shifts and move those lines 
might become stale. In fact, since the same code is in two places I 
think it should be de-duplicated. But that can be done in a follow up patch.

However, you did not signed off your patch. We require patches to be 
signed off per 
https://libvirt.org/hacking.html#developer-certificate-of-origin

No need to resend the patch, just reply to this e-mail with that line 
and I can amend it to the commit message and push.

Michal

Re: [PATCH] docs: Add 'known_hosts_verify' parameter for libssh(2) connection uris
Posted by Jakob Meng 3 years, 1 month ago
Signed-off-by: Jakob Meng <jakobmeng@web.de>

Thanks for the review! Feel free to drop or change the URLs, e.g. to 
permalinks:

https://gitlab.com/libvirt/libvirt/-/blob/f209d40a7e74e7e53a02c0c7ed20be218d390754/src/rpc/virnetsocket.c#L941
https://gitlab.com/libvirt/libvirt/-/blob/f209d40a7e74e7e53a02c0c7ed20be218d390754/src/rpc/virnetsocket.c#L1073

Jakob

Am 05.02.21 um 12:52 schrieb Michal Privoznik:
> On 1/29/21 1:55 PM, Jakob Meng wrote:
>> Parameter 'known_hosts_verify' is supported for some time now,
>> but it is not yet documented.
>>
>> Ref.:
>> https://gitlab.com/libvirt/libvirt/-/blob/master/src/rpc/virnetsocket.c#L941 
>>
>> https://gitlab.com/libvirt/libvirt/-/blob/master/src/rpc/virnetsocket.c#L1073 
>>
>
> While these help with review I'd rather not put them into commit 
> message because they are valid now, but as code shifts and move those 
> lines might become stale. In fact, since the same code is in two 
> places I think it should be de-duplicated. But that can be done in a 
> follow up patch.
>
> However, you did not signed off your patch. We require patches to be 
> signed off per 
> https://libvirt.org/hacking.html#developer-certificate-of-origin
>
> No need to resend the patch, just reply to this e-mail with that line 
> and I can amend it to the commit message and push.
>
> Michal
>


Re: [PATCH] docs: Add 'known_hosts_verify' parameter for libssh(2) connection uris
Posted by Michal Privoznik 3 years, 1 month ago
On 2/5/21 2:53 PM, Jakob Meng wrote:
> Signed-off-by: Jakob Meng <jakobmeng@web.de>
> 
> Thanks for the review! Feel free to drop or change the URLs, e.g. to 
> permalinks:
> 
> https://gitlab.com/libvirt/libvirt/-/blob/f209d40a7e74e7e53a02c0c7ed20be218d390754/src/rpc/virnetsocket.c#L941 
> 
> https://gitlab.com/libvirt/libvirt/-/blob/f209d40a7e74e7e53a02c0c7ed20be218d390754/src/rpc/virnetsocket.c#L1073 

I've dropped them.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>

and pushed. Congratulations on your first libvirt contribution!

Michal

Re: [PATCH] docs: Add 'known_hosts_verify' parameter for libssh(2) connection uris
Posted by Daniel Henrique Barboza 3 years, 1 month ago

On 1/29/21 9:55 AM, Jakob Meng wrote:
> Parameter 'known_hosts_verify' is supported for some time now,
> but it is not yet documented.
> 
> Ref.:
> https://gitlab.com/libvirt/libvirt/-/blob/master/src/rpc/virnetsocket.c#L941
> https://gitlab.com/libvirt/libvirt/-/blob/master/src/rpc/virnetsocket.c#L1073
> ---

Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>

>   docs/uri.html.in | 17 +++++++++++++++++
>   1 file changed, 17 insertions(+)
> 
> diff --git a/docs/uri.html.in b/docs/uri.html.in
> index f96c2970a5..61917e77b4 100644
> --- a/docs/uri.html.in
> +++ b/docs/uri.html.in
> @@ -421,6 +421,23 @@ Note that parameter values must be
>           <td colspan="2"/>
>           <td> Example: <code>known_hosts=/root/.ssh/known_hosts</code> </td>
>         </tr>
> +      <tr>
> +        <td>
> +          <code>known_hosts_verify</code>
> +        </td>
> +        <td> libssh2, libssh </td>
> +        <td>
> +            If set to <code>normal</code> (default), then the user will be
> +            asked to accept new host keys. If set to <code>auto</code>, new
> +            host keys will be auto-accepted, but existing host keys will
> +            still be validated. If set to <code>ignore</code>, this disables
> +            client's strict host key checking.
> +        </td>
> +      </tr>
> +      <tr>
> +        <td colspan="2"/>
> +        <td> Example: <code>known_hosts_verify=ignore</code> </td>
> +      </tr>
>         <tr>
>           <td>
>             <code>sshauth</code>
> --
> 2.20.1
> 
>