WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

Re: [Xen-devel] [RFC][PATCH] Secure XML-RPC for Xend

To: Anil Madhavapeddy <anil@xxxxxxxxxx>
Subject: Re: [Xen-devel] [RFC][PATCH] Secure XML-RPC for Xend
From: Anthony Liguori <aliguori@xxxxxxxxxx>
Date: Fri, 09 Jun 2006 07:00:57 -0500
Cc: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx>, Ewan Mellor <ewan@xxxxxxxxxxxxx>
Delivery-date: Fri, 09 Jun 2006 05:01:31 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <20060609083434.GA19035@xxxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <4488D93D.7070303@xxxxxxxxxx> <20060609083434.GA19035@xxxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Thunderbird 1.5.0.2 (X11/20060522)

Why not just do the SSH every time, and let the user either set up
connection multiplexing or ssh agent in their local environment
instead?  That way it will work for old OpenSSH versions and you
don't have to deal with all the quirks.

Another option is just to make sure that the XML-RPC supports keep-alive and reuse the same xm serve session. I think that's probably the most compatible approach.

2) A command *must* be executed to cleanup the ssh session on exit.  I
   currently use __del__() which doesn't seem to make Python happy in certain
   cases.
3) I have done basic testing but not regression testing with xm-test

diff -r 4f1e39ec05d6 -r 4de241a7e91a tools/python/xen/util/xmlrpclib2.py
...
+    def runcmd(self, cmd, data=None):
+        """Runs a command using an existing SSH connection.
+
+        This function will run the passed in command on a remote
+        machine and either return the output or raise an OSError
+        if the command exits with a non-zero status (or some
+        other failure occurs)."""
+
+        cmdline = self.getcmd(cmd)
+        if data:
+            f = open("/tmp/stuff.txt", "w")
+            f.write(data)
+            f.close()
+            cmdline = "cat /tmp/stuff.txt | %s" % cmdline

Ouch, this bit definitely needs to be fixed at least :)

Yikes, didn't know that was still there :-)

Regards,

Anthony Liguori


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel