From mboxrd@z Thu Jan 1 00:00:00 1970
From: Anthony Liguori
Subject: Re: [RFC][PATCH] Secure XML-RPC for Xend
Date: Wed, 14 Jun 2006 12:26:18 -0500
Message-ID: <449046BA.6060606@us.ibm.com>
References: <4488D93D.7070303@us.ibm.com> <20060614083613.GE5840@leeni.uk.xensource.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
In-Reply-To: <20060614083613.GE5840@leeni.uk.xensource.com>
Sender: xen-devel-bounces@lists.xensource.com
Errors-To: xen-devel-bounces@lists.xensource.com
To: Ewan Mellor
Cc: xen-devel
List-Id: xen-devel@lists.xenproject.org

Ewan Mellor wrote:
> On Thu, Jun 08, 2006 at 09:13:17PM -0500, Anthony Liguori wrote:
>
>> Hi,
>>
>> The following patch implements a secure XML-RPC protocol for Xend.
>> Instead of using HTTPS with basic authentication and dealing with all
>> that nasty OpenSSL/PAM integration, it just uses SSH. This gives you
>> all the properties you want (great security and PAM integration) with
>> very little code.
>>
>> There are some minor issues so I'd rather it not be applied
>> immediately. I'd like to get some feedback from people as to whether
>> this approach is reasonable. A user-facing change is that now you can
>> use the XM_SERVER environmental variable to specify an XML-RPC URI.
>>
>
> I'm with Ian -- I'd rather see the SSL/PAM solution done properly than this.
> That said, I don't see why we can't have this transport as well -- it's not a
> big patch.
>
> What happens if SSH isn't installed? I don't see any nice diagnostic of that,
> so I'm guessing that it just splats out an "execv failed" exception (unless
> I've missed something).
>

In the current code, Popen throws an OSError. I really don't like
catching exceptions and doing a sys.exit within the command handler.
I'd rather introduce a new exception type for use in xm and rethrow the
OSError with a friendly message.

This will make localization quite a bit easier. What do you think of this?

Regards,

Anthony Liguori

> Ewan.
>
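
The error-handling pattern proposed in the reply above, as an added example that is not part of the original message or of the Xend patch: the OSError raised by Popen is rethrown as a dedicated exception with a friendly message, and only the top-level entry point decides the exit status. The names TransportError, open_tunnel, command_handler and main are hypothetical, and the code is written for Python 3.

```python
import errno
import subprocess
import sys


class TransportError(Exception):
    """Hypothetical user-facing error; its message is the one string to localize."""

    def __init__(self, message, cause=None):
        super().__init__(message)
        self.cause = cause  # original OSError, kept for debugging and logs


def open_tunnel(argv):
    """Start the transport helper (for example ssh) with pipes for the RPC stream.

    argv is a list, so no shell is involved in launching the helper.
    """
    try:
        return subprocess.Popen(argv, stdin=subprocess.PIPE,
                                stdout=subprocess.PIPE)
    except OSError as exc:
        if exc.errno == errno.ENOENT:
            msg = "%s is not installed or not on PATH" % argv[0]
        elif exc.errno == errno.EACCES:
            msg = "%s is not executable" % argv[0]
        else:
            msg = "could not start %s: %s" % (argv[0], exc.strerror)
        raise TransportError(msg, cause=exc) from exc


def command_handler(argv):
    """Command handlers never call sys.exit; TransportError just propagates."""
    proc = open_tunnel(argv)
    proc.stdin.close()
    proc.stdout.read()
    return proc.wait()


def main(argv):
    """Single exit point: turn the friendly exception into a message and status."""
    try:
        return command_handler(argv)
    except TransportError as err:
        sys.stderr.write("Error: %s\n" % err)
        return 1


if __name__ == "__main__":
    sys.exit(main(sys.argv[1:] or ["ssh", "-V"]))
```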