On 3/6/19 9:40 AM, Richard W.M. Jones wrote:
---
plugins/curl/nbdkit-curl-plugin.pod | 22 +-
plugins/ssh/nbdkit-ssh-plugin.pod | 150 ++++++++
configure.ac | 17 +
plugins/ssh/ssh.c | 521 ++++++++++++++++++++++++++++
README | 4 +
TODO | 10 +-
plugins/ssh/Makefile.am | 69 ++++
7 files changed, 779 insertions(+), 14 deletions(-)
+
+=item B<password=>PASSWORD
+
+Set the password to use when connecting to the remote server.
+
+Note that passing this on the command line is not secure on shared
+machines.
Worth noting that PASSWORD cannot begin with - or +, because of:
+
+=item B<password=->
+
+Ask for the password (interactively) when nbdkit starts up.
+
+=item B<password=+>FILENAME
+
+Read the password from the named file. This is the most secure method
+to supply a password, as long as you set the permissions on the file
+appropriately.
these?
Is it also worth a way to read the password over an inherited file
descriptor (including a pipe)?
+=head1 AUTHORS
+
+Richard W.M. Jones
+
+Parts derived from Pino Toscano’s qemu libssh driver.
Is that a compatible license? Or I guess another way of wording it -
what is the license of libssh itself? The resulting ssh plugin may
already require a stronger license than what nbdkit proper allows, but
the license of the .so plugin being stronger than the license of the .c
files does not require the same level of care as when the license of one
.c file prevents refactoring code out from there into a looser licensed
.c file elsewhere.
+++ b/plugins/ssh/ssh.c
@@ -0,0 +1,521 @@
+/* nbdkit
+ * Copyright (C) 2014-2019 Red Hat Inc.
+ * All rights reserved.
I've always found it funny to consider how "All rights reserved" is
compatible with the later statements that modification rights are being
granted - how can you reserve a right that you gave away? But that's
not a problem with this patch (so much as a more general musing on the
typical boilerplate for the BSD license), as you are faithfully
copying-and-pasting a widely used pattern (that is, it's not a problem
unique to nbdkit, and I don't see a reason to change that phrase in any
of the existing nbdkit files or this patch without specific instructions
from a legal department).
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3226
Virtualization:
qemu.org |
libvirt.org