From nobody Fri Apr 19 19:23:49 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
 170.10.133.124 as permitted sender) client-ip=170.10.133.124;
 envelope-from=libvir-list-bounces@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1616937453; cv=none;
	d=zohomail.com; s=zohoarc;
	b=J/uC++waql/NoOFpY+aQ69R2NGKCS2JhJwT6YeQE3R3q+EJQ7gCvLXjVLR8vzdMqHR0PMyzTtShJX7BPdGnEEhpViPkAxfafsyPu5yPmw01hHGtE+vUR+lieYnsZhnTXopF7wIlD7igW01MHnZAVxZEBXnH0+qNQa/TRqE1mEvE=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1616937453;
 h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Sender:Subject:To;
	bh=yc0RqYLWchYC7S3ymUObQ58dnOnMH36ZCxBmQzsbP+E=;
	b=laddIcoIO+OL1f1BQwpZCatSfa2WxxxE7tUzs6UIXoDb/yG5oK+1urjUXF+ISOvY6+RCP5AXBm/NOLSWSIx6QErFFszXTV59/ybtJZetyl4GHZr4IZQPqbp0k+n+2rvi+uSV8QRJ91bFfJmk0EvUbZBf2F9C3GwtmqIoOw+39kw=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com
Return-Path: <libvir-list-bounces@redhat.com>
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com
	with SMTPS id 1616937453687904.7851085157183;
 Sun, 28 Mar 2021 06:17:33 -0700 (PDT)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
 [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-376-oDSoGSSjPAOqhjnb-2pKeg-1; Sun, 28 Mar 2021 09:17:29 -0400
Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com
 [10.5.11.22])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 757F2180FCA5;
	Sun, 28 Mar 2021 13:17:24 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id B20BF10016DB;
	Sun, 28 Mar 2021 13:17:19 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 23C311809C83;
	Sun, 28 Mar 2021 13:17:14 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com
	[10.11.54.6])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id 12SDHDBJ019892 for <libvir-list@listman.util.phx.redhat.com>;
	Sun, 28 Mar 2021 09:17:13 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id A14E62166BA2; Sun, 28 Mar 2021 13:17:13 +0000 (UTC)
Received: from mimecast-mx02.redhat.com
	(mimecast03.extmail.prod.ext.rdu2.redhat.com [10.11.55.19])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 9B3552166B2F
	for <libvir-list@redhat.com>; Sun, 28 Mar 2021 13:17:08 +0000 (UTC)
Received: from us-smtp-1.mimecast.com (us-smtp-2.mimecast.com [207.211.31.81])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
	bits)) (No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id E84F4811E7A
	for <libvir-list@redhat.com>; Sun, 28 Mar 2021 13:17:07 +0000 (UTC)
Received: from mail-ej1-f68.google.com (mail-ej1-f68.google.com
	[209.85.218.68]) (Using TLS) by relay.mimecast.com with ESMTP id
	us-mta-23-Y9VXDbE3NDOa9Og-cpPX_A-1; Sun, 28 Mar 2021 09:17:05 -0400
Received: by mail-ej1-f68.google.com with SMTP id u9so15330362ejj.7
	for <libvir-list@redhat.com>; Sun, 28 Mar 2021 06:17:04 -0700 (PDT)
Received: from thinkbage.fritz.box
	(p200300d06f10a800c2d8328c30b6edfc.dip0.t-ipconnect.de.
	[2003:d0:6f10:a800:c2d8:328c:30b6:edfc])
	by smtp.gmail.com with ESMTPSA id k9sm7291144edn.68.2021.03.28.06.17.03
	(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
	Sun, 28 Mar 2021 06:17:03 -0700 (PDT)
X-MC-Unique: oDSoGSSjPAOqhjnb-2pKeg-1
X-MC-Unique: Y9VXDbE3NDOa9Og-cpPX_A-1
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
	:content-transfer-encoding;
	bh=yc0RqYLWchYC7S3ymUObQ58dnOnMH36ZCxBmQzsbP+E=;
	b=jzev01oko28S0cb9KtzsiWOWc4JUf0kjFlqtUT9yqyvELIYXOkWSI1vtJ9gw1XdaFt
	GCMeO+4oZ8SxPbS1lf5tGftk9kk24j9iO7X9H7YF88EwQt2TvMDIytvnzNtr9nLtcAw5
	QpwMzx0kX2+vBtN5QK2UU0iDXajzKRPk7iC4x8jgmfIYGiL5HvfvHMtWNq3IaebGX6TG
	O4+184FcQBhjjEl9ObUoEyxxwEspgNP3IlUJCyu1TFtgkSbu12W5cgY57MsCJI7ybVyD
	1doWK8T7e96QwozB0z5Rfap8geboM8FT5+6to3A9cwyO1bx6spih5PrYbdpcKpjBStBA
	PkUA==
X-Gm-Message-State: AOAM532+xy1SZSiHXf/EHtdUG+xBH/tiipHVc2SwMEVdehmfZxTKiMeh
	Xitz6YX9dyQcjCLn93mh+j6jzRdijARhlJYd
X-Google-Smtp-Source: 
 ABdhPJwmp7RwwhygIUz1E8pqF6/LfVYopLDVVEI00KmHUK9cACaKSnMCCidUM987RCmL1LC1pjWuWw==
X-Received: by 2002:a17:906:39cf:: with SMTP id
	i15mr24326147eje.534.1616937424043;
	Sun, 28 Mar 2021 06:17:04 -0700 (PDT)
From: Bastian Germann <bastiangermann@fishpost.de>
To: libvir-list@redhat.com
Subject: [PATCH] rpc: libssh2: Enable EC host keys
Date: Sun, 28 Mar 2021 15:16:56 +0200
Message-Id: <20210328131656.1865-1-bastiangermann@fishpost.de>
MIME-Version: 1.0
X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection
	Definition; Similar Internal Domain=false;
	Similar Monitored External Domain=false;
	Custom External Domain=false; Mimecast External Domain=false;
	Newly Observed Domain=false; Internal User Name=false;
	Custom Display Name List=false; Reply-to Address Mismatch=false;
	Targeted Threat Dictionary=false;
	Mimecast Threat Dictionary=false; Custom Threat Dictionary=false
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6
X-loop: libvir-list@redhat.com
Cc: Bastian Germann <bastiangermann@fishpost.de>
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://listman.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://listman.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://listman.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22
Authentication-Results: relay.mimecast.com;
	auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

libssh2 has ECDSA and ED25519 support beginning with v1.9.0. libvirt cannot
make use of those because it will handle them as unknown key types.

Add support for those host key types.

Signed-off-by: Bastian Germann <bastiangermann@fishpost.de>
---
 libvirt.spec.in            |  2 +-
 meson.build                |  2 +-
 src/rpc/virnetsshsession.c | 12 ++++++++++++
 3 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/libvirt.spec.in b/libvirt.spec.in
index f9af330186..8f5b3f126c 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -359,7 +359,7 @@ BuildRequires: libcap-ng-devel >=3D 0.5.0
 BuildRequires: fuse-devel >=3D 2.8.6
 %endif
 %if %{with_libssh2}
-BuildRequires: libssh2-devel >=3D 1.3.0
+BuildRequires: libssh2-devel >=3D 1.9.0
 %endif
 %if %{with_netcf}
 BuildRequires: netcf-devel >=3D 0.2.2
diff --git a/meson.build b/meson.build
index ea93a2a8ec..5e5b22107c 100644
--- a/meson.build
+++ b/meson.build
@@ -1142,7 +1142,7 @@ else
   libssh_dep =3D dependency('', required: false)
 endif

-libssh2_version =3D '1.3'
+libssh2_version =3D '1.9'
 if get_option('driver_remote').enabled()
   libssh2_dep =3D dependency('libssh2', version: '>=3D' + libssh2_version,=
 required: get_option('libssh2'))
   if libssh2_dep.found()
diff --git a/src/rpc/virnetsshsession.c b/src/rpc/virnetsshsession.c
index fe77594f65..cb081bcf4f 100644
--- a/src/rpc/virnetsshsession.c
+++ b/src/rpc/virnetsshsession.c
@@ -389,6 +389,18 @@ virNetSSHCheckHostKey(virNetSSHSessionPtr sess)
         case LIBSSH2_HOSTKEY_TYPE_DSS:
             keyType =3D LIBSSH2_KNOWNHOST_KEY_SSHDSS;
             break;
+        case LIBSSH2_HOSTKEY_TYPE_ECDSA_256:
+            keyType =3D LIBSSH2_KNOWNHOST_KEY_ECDSA_256;
+            break;
+        case LIBSSH2_HOSTKEY_TYPE_ECDSA_384:
+            keyType =3D LIBSSH2_KNOWNHOST_KEY_ECDSA_384;
+            break;
+        case LIBSSH2_HOSTKEY_TYPE_ECDSA_521:
+            keyType =3D LIBSSH2_KNOWNHOST_KEY_ECDSA_521;
+            break;
+        case LIBSSH2_HOSTKEY_TYPE_ED25519:
+            keyType =3D LIBSSH2_KNOWNHOST_KEY_ED25519;
+            break;

         case LIBSSH2_HOSTKEY_TYPE_UNKNOWN:
         default:
--
2.30.2