WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] [RFC][PATCH] Secure XML-RPC for Xend

from [Anthony Liguori] [Permanent Link][Original]
To: Anil Madhavapeddy <anil@xxxxxxxxxx>
Subject: Re: [Xen-devel] [RFC][PATCH] Secure XML-RPC for Xend
From: Anthony Liguori <aliguori@xxxxxxxxxx>
Date: Fri, 09 Jun 2006 07:00:57 -0500
Cc: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx>, Ewan Mellor <ewan@xxxxxxxxxxxxx>
Delivery-date: Fri, 09 Jun 2006 05:01:31 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <20060609083434.GA19035@xxxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <4488D93D.7070303@xxxxxxxxxx> <20060609083434.GA19035@xxxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Thunderbird 1.5.0.2 (X11/20060522) 


Why not just do the SSH every time, and let the user either set up
connection multiplexing or ssh agent in their local environment
instead?  That way it will work for old OpenSSH versions and you
don't have to deal with all the quirks.
Another option is just to make sure that the XML-RPC supports keep-alive and reuse the same xm serve session. I think that's probably the most compatible approach. 


2) A command *must* be executed to cleanup the ssh session on exit.  I
   currently use __del__() which doesn't seem to make Python happy in certain
   cases.
3) I have done basic testing but not regression testing with xm-test

diff -r 4f1e39ec05d6 -r 4de241a7e91a tools/python/xen/util/xmlrpclib2.py

...

+    def runcmd(self, cmd, data=None):
+        """Runs a command using an existing SSH connection.
+
+        This function will run the passed in command on a remote
+        machine and either return the output or raise an OSError
+        if the command exits with a non-zero status (or some
+        other failure occurs)."""
+
+        cmdline = self.getcmd(cmd)
+        if data:
+            f = open("/tmp/stuff.txt", "w")
+            f.write(data)
+            f.close()
+            cmdline = "cat /tmp/stuff.txt | %s" % cmdline


Ouch, this bit definitely needs to be fixed at least :)


Yikes, didn't know that was still there :-)

Regards,

Anthony Liguori


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Xen-devel] Re: dom0cut script patches, Kazuo Moriwaka
Next by Date:  Re: [Xen-devel] [RFC][PATCH] Secure XML-RPC for Xend, Anthony Liguori
Previous by Thread:  [Xen-devel] Re: Re: [RFC][PATCH] Secure XML-RPC for Xend, Anthony Liguori
Next by Thread:  [Xen-devel] Re: [RFC][PATCH] Secure XML-RPC for Xend, Ewan Mellor
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy