[PATCH 10/15] virNetLibsshAuthenticateKeyboardInteractive: Use virAuthAskCredential
Jonathon Jongsma
jjongsma at redhat.com
Tue Jan 17 17:08:41 UTC 2023
I personally would've preferred to have this patch combined with the
previous one so that it's easier to verify that the refactored code
maintains the same functionality as the replaced code. But I understand
that you're refactoring more cases in the upcoming commits, so I guess
there's not much point making this one any different than the others.
Reviewed-by: Jonathon Jongsma <jjongsma at redhat.com>
On 1/17/23 10:20 AM, Peter Krempa wrote:
> Rework the code to use the new helper instead of open coding the auth
> callback interaction.
>
> Signed-off-by: Peter Krempa <pkrempa at redhat.com>
> ---
> src/rpc/virnetlibsshsession.c | 47 ++++++-----------------------------
> 1 file changed, 7 insertions(+), 40 deletions(-)
>
> diff --git a/src/rpc/virnetlibsshsession.c b/src/rpc/virnetlibsshsession.c
> index 084224b3f8..942f8526c2 100644
> --- a/src/rpc/virnetlibsshsession.c
> +++ b/src/rpc/virnetlibsshsession.c
> @@ -647,26 +647,17 @@ virNetLibsshAuthenticateKeyboardInteractive(virNetLibsshSession *sess,
> virBufferAddChar(&buff, '\n');
>
> for (iprompt = 0; iprompt < nprompts; ++iprompt) {
> - virConnectCredential retr_passphrase;
> const char *promptStr;
> int promptStrLen;
> char echo;
> - char *prompt = NULL;
> - int cred_type;
> + g_autofree char *prompt = NULL;
> + g_autoptr(virConnectCredential) cred = NULL;
>
> /* get the prompt */
> promptStr = ssh_userauth_kbdint_getprompt(sess->session, iprompt,
> &echo);
> promptStrLen = virLengthForPromptString(promptStr);
>
> - cred_type = virCredTypeForPrompt(sess->cred, echo);
> - if (cred_type == -1) {
> - virReportError(VIR_ERR_LIBSSH, "%s",
> - _("no suitable callback for input of keyboard "
> - "response"));
> - goto prompt_error;
> - }
> -
> /* create the prompt for the user, using the instruction
> * buffer if specified
> */
> @@ -681,42 +672,18 @@ virNetLibsshAuthenticateKeyboardInteractive(virNetLibsshSession *sess,
> prompt = g_strndup(promptStr, promptStrLen);
> }
>
> - memset(&retr_passphrase, 0, sizeof(virConnectCredential));
> - retr_passphrase.type = cred_type;
> - retr_passphrase.prompt = prompt;
> -
> - if (retr_passphrase.type == -1) {
> - virReportError(VIR_ERR_LIBSSH, "%s",
> - _("no suitable callback for input of key "
> - "passphrase"));
> - goto prompt_error;
> - }
> -
> - if (sess->cred->cb(&retr_passphrase, 1, sess->cred->cbdata)) {
> - virReportError(VIR_ERR_LIBSSH, "%s",
> - _("failed to retrieve keyboard interactive "
> - "result: callback has failed"));
> - goto prompt_error;
> - }
> + if (!(cred = virAuthAskCredential(sess->cred, prompt, echo)))
> + return SSH_AUTH_ERROR;
>
> - VIR_FREE(prompt);
> -
> - ret = ssh_userauth_kbdint_setanswer(sess->session, iprompt,
> - retr_passphrase.result);
> - virSecureEraseString(retr_passphrase.result);
> - g_free(retr_passphrase.result);
> - if (ret < 0) {
> + if (ssh_userauth_kbdint_setanswer(sess->session, iprompt,
> + cred->result) < 0) {
> errmsg = ssh_get_error(sess->session);
> virReportError(VIR_ERR_AUTH_FAILED,
> _("authentication failed: %s"), errmsg);
> - goto prompt_error;
> + return SSH_AUTH_ERROR;
> }
>
> continue;
> -
> - prompt_error:
> - VIR_FREE(prompt);
> - return SSH_AUTH_ERROR;
> }
>
> ret = ssh_userauth_kbdint(sess->session, NULL, NULL);
More information about the libvir-list
mailing list