[PATCH 13/15] virNetLibsshCheckHostKey: Use virAuthAskCredential
Jonathon Jongsma
jjongsma at redhat.com
Tue Jan 17 17:17:49 UTC 2023
On 1/17/23 10:20 AM, Peter Krempa wrote:
> Signed-off-by: Peter Krempa <pkrempa at redhat.com>
> ---
> src/rpc/virnetlibsshsession.c | 57 +++++------------------------------
> 1 file changed, 7 insertions(+), 50 deletions(-)
>
> diff --git a/src/rpc/virnetlibsshsession.c b/src/rpc/virnetlibsshsession.c
> index 748c1ed569..ecee30e5df 100644
> --- a/src/rpc/virnetlibsshsession.c
> +++ b/src/rpc/virnetlibsshsession.c
> @@ -218,27 +218,6 @@ virLibsshServerKeyAsString(virNetLibsshSession *sess)
> return str;
> }
>
> -static int
> -virCredTypeForPrompt(virConnectAuthPtr cred, char echo)
> -{
> - size_t i;
> -
> - for (i = 0; i < cred->ncredtype; ++i) {
> - int type = cred->credtype[i];
> - if (echo) {
> - if (type == VIR_CRED_ECHOPROMPT)
> - return type;
> - } else {
> - if (type == VIR_CRED_PASSPHRASE ||
> - type == VIR_CRED_NOECHOPROMPT) {
> - return type;
> - }
> - }
> - }
> -
> - return -1;
> -}
> -
> static int
> virLengthForPromptString(const char *str)
> {
> @@ -296,9 +275,8 @@ virNetLibsshCheckHostKey(virNetLibsshSession *sess)
> case SSH_SERVER_NOT_KNOWN:
> /* key was not found, query to add it to database */
> if (sess->hostKeyVerify == VIR_NET_LIBSSH_HOSTKEY_VERIFY_NORMAL) {
> - virConnectCredential askKey;
> - int cred_type;
> - char *tmp;
> + g_autoptr(virConnectCredential) cred = NULL;
> + g_autofree char *prompt = NULL;
>
> /* ask to add the key */
> if (!sess->cred || !sess->cred->cb) {
> @@ -308,48 +286,27 @@ virNetLibsshCheckHostKey(virNetLibsshSession *sess)
> return -1;
> }
>
> - cred_type = virCredTypeForPrompt(sess->cred, 1 /* echo */);
Here `echo` was 1
> - if (cred_type == -1) {
> - virReportError(VIR_ERR_LIBSSH, "%s",
> - _("no suitable callback for host key "
> - "verification"));
> - return -1;
> - }
> -
> - /* prepare data for the callback */
> - memset(&askKey, 0, sizeof(virConnectCredential));
> - askKey.type = cred_type;
> -
> keyhashstr = virLibsshServerKeyAsString(sess);
> if (!keyhashstr)
> return -1;
>
> - tmp = g_strdup_printf(_("Accept SSH host key with hash '%s' for " "host '%s:%d' (%s/%s)?"),
> - keyhashstr, sess->hostname, sess->port, "y", "n");
> - askKey.prompt = tmp;
> + prompt = g_strdup_printf(_("Accept SSH host key with hash '%s' for " "host '%s:%d' (%s/%s)?"),
> + keyhashstr, sess->hostname, sess->port, "y", "n");
>
> - if (sess->cred->cb(&askKey, 1, sess->cred->cbdata)) {
> - virReportError(VIR_ERR_LIBSSH, "%s",
> - _("failed to retrieve decision to accept "
> - "host key"));
> - VIR_FREE(tmp);
> + if (!(cred = virAuthAskCredential(sess->cred, prompt, false))) {
Here you're passing `false` for `echo`.
> ssh_string_free_char(keyhashstr);
> return -1;
> }
>
> - VIR_FREE(tmp);
> -
> - if (!askKey.result ||
> - STRCASENEQ(askKey.result, "y")) {
> + if (!cred->result ||
> + STRCASENEQ(cred->result, "y")) {
> virReportError(VIR_ERR_LIBSSH,
> _("SSH host key for '%s' (%s) was not accepted"),
> sess->hostname, keyhashstr);
> ssh_string_free_char(keyhashstr);
> - VIR_FREE(askKey.result);
> return -1;
> }
> ssh_string_free_char(keyhashstr);
> - VIR_FREE(askKey.result);
> }
>
> /* write the host key file, if specified */
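Review bot: The failure branch after `virAuthAskCredential()` now returns -1 with no `virReportError()` of its own, and the hunk also drops the earlier "no suitable callback for host key verification" report. Whether the user learns why host key verification was refused therefore depends entirely on the helper, whose body is not visible here. If the helper does report, its message is presumably generic and would no longer mention the host key. A short comment such as `/* virAuthAskCredential() reports the error */` above the call would record that the silent return is intentional; if the helper does not report, the `VIR_ERR_LIBSSH` report should stay in this branch. virNetLibsshCheckHostKey starts and ends outside the hunk.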