commit 7910ef3ee50a847edf72d755381699f169d46278
Author: Adam Majer <amajer@suse.de>
Date: Mon Jun 25 15:06:38 2018 +0200
Ticket #3921: Enable keyboard interactive authentication
If SSH server does not support cleartext tunneled password
authentication and only 'keyboard interactive' authentication
instead, then we need to use different authentication
function along with a interactive callback.
Signed-off-by: Adam Majer <amajer@suse.de>
diff --git a/src/vfs/sftpfs/connection.c b/src/vfs/sftpfs/connection.c
index 537159129..a6b7d1b2c 100644
|
a
|
b
|
sftpfs_open_connection_ssh_key (struct vfs_s_super *super, GError ** mcerror) |
| 292 | 292 | return ret_value; |
| 293 | 293 | } |
| 294 | 294 | |
| | 295 | |
| | 296 | /** |
| | 297 | * Keyboard-interactive password helper for opening connection to host by |
| | 298 | * sftpfs_open_connection_ssh_password |
| | 299 | * |
| | 300 | * Uses global kbi_super (data with existing connection) and kbi_passwd (password) |
| | 301 | * |
| | 302 | * @param name username |
| | 303 | * @param name_len length of @name |
| | 304 | * @param instruction unused |
| | 305 | * @param instruction_len unused |
| | 306 | * @param num_prompts number of possible problems to process |
| | 307 | * @param prompts array of prompts to process |
| | 308 | * @param responses array of responses, one per prompt |
| | 309 | * @param abstract unused |
| | 310 | */ |
| | 311 | |
| | 312 | static const char *kbi_passwd; |
| | 313 | static const struct vfs_s_super *kbi_super; |
| | 314 | static |
| | 315 | LIBSSH2_USERAUTH_KBDINT_RESPONSE_FUNC (keyboard_interactive_helper) |
| | 316 | { |
| | 317 | int i; |
| | 318 | int len; |
| | 319 | |
| | 320 | (void) instruction; |
| | 321 | (void) instruction_len; |
| | 322 | (void) abstract; |
| | 323 | |
| | 324 | if (!kbi_super || !kbi_passwd) |
| | 325 | return; |
| | 326 | |
| | 327 | if (strncmp (name, kbi_super->path_element->user, name_len) != 0) |
| | 328 | return; |
| | 329 | |
| | 330 | // assume these are password prompts |
| | 331 | len = strlen (kbi_passwd); |
| | 332 | for (i = 0; i < num_prompts; ++i) |
| | 333 | { |
| | 334 | if (strncmp (prompts[i].text, "Password: ", prompts[i].length) == 0) |
| | 335 | { |
| | 336 | responses[i].text = strdup (kbi_passwd); |
| | 337 | responses[i].length = len; |
| | 338 | } |
| | 339 | } |
| | 340 | } |
| | 341 | |
| 295 | 342 | /* --------------------------------------------------------------------------------------------- */ |
| 296 | 343 | /** |
| 297 | 344 | * Open connection to host using password. |
| … |
… |
sftpfs_open_connection_ssh_password (struct vfs_s_super *super, GError ** mcerro |
| 323 | 370 | LIBSSH2_ERROR_EAGAIN); |
| 324 | 371 | if (rc == 0) |
| 325 | 372 | return TRUE; |
| | 373 | |
| | 374 | kbi_super = super; |
| | 375 | kbi_passwd = super->path_element->password; |
| | 376 | while ((rc = |
| | 377 | libssh2_userauth_keyboard_interactive (super_data->session, |
| | 378 | super->path_element->user, |
| | 379 | keyboard_interactive_helper)) == |
| | 380 | LIBSSH2_ERROR_EAGAIN); |
| | 381 | kbi_super = NULL; |
| | 382 | kbi_passwd = NULL; |
| | 383 | if (rc == 0) |
| | 384 | return TRUE; |
| 326 | 385 | } |
| 327 | 386 | |
| 328 | 387 | p = g_strdup_printf (_("sftp: Enter password for %s "), super->path_element->user); |
| … |
… |
sftpfs_open_connection_ssh_password (struct vfs_s_super *super, GError ** mcerro |
| 337 | 396 | passwd)) == LIBSSH2_ERROR_EAGAIN) |
| 338 | 397 | ; |
| 339 | 398 | |
| | 399 | if (rc != 0) |
| | 400 | { |
| | 401 | kbi_super = super; |
| | 402 | kbi_passwd = passwd; |
| | 403 | while ((rc = |
| | 404 | libssh2_userauth_keyboard_interactive (super_data->session, |
| | 405 | super->path_element->user, |
| | 406 | keyboard_interactive_helper)) == |
| | 407 | LIBSSH2_ERROR_EAGAIN); |
| | 408 | kbi_super = NULL; |
| | 409 | kbi_passwd = NULL; |
| | 410 | } |
| | 411 | |
| 340 | 412 | if (rc == 0) |
| 341 | 413 | { |
| 342 | 414 | ret_value = TRUE; |
