[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] Re: [RFC][PATCH] Secure XML-RPC for Xend

On Thu, Jun 08, 2006 at 09:13:17PM -0500, Anthony Liguori wrote:

> Hi,
> The following patch implements a secure XML-RPC protocol for Xend.  
> Instead of using HTTPS with basic authentication and dealing with all 
> that nasty OpenSSL/PAM integration, it just uses SSH.  This gives you 
> all the properties you want (great security and PAM integration) with 
> very little code.
> There are some minor issues so I'd rather it not be applied 
> immediately.  I'd like to get some feedback from people as to whether 
> this approach is reasonable.  A user-facing change is that now you can 
> use the XM_SERVER environmental variable to specific an XML-RPC URI.

I'm with Ian -- I'd rather see the SSL/PAM solution done properly than this.
That said, I don't see why we can't have this transport as well -- it's not a
big patch.

What happens if SSH isn't installed?  I don't see any nice diagnostic of that,
so I'm guessing that it just splats out an "execv failed" exception (unless
I've missed something).


Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.