Re: [PATCH 13/15] virNetLibsshCheckHostKey: Use virAuthAskCredential

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 1/17/23 10:20 AM, Peter Krempa wrote:
Signed-off-by: Peter Krempa <pkrempa@xxxxxxxxxx>
---
  src/rpc/virnetlibsshsession.c | 57 +++++------------------------------
  1 file changed, 7 insertions(+), 50 deletions(-)

diff --git a/src/rpc/virnetlibsshsession.c b/src/rpc/virnetlibsshsession.c
index 748c1ed569..ecee30e5df 100644
--- a/src/rpc/virnetlibsshsession.c
+++ b/src/rpc/virnetlibsshsession.c
@@ -218,27 +218,6 @@ virLibsshServerKeyAsString(virNetLibsshSession *sess)
      return str;
  }

-static int
-virCredTypeForPrompt(virConnectAuthPtr cred, char echo)
-{
-    size_t i;
-
-    for (i = 0; i < cred->ncredtype; ++i) {
-        int type = cred->credtype[i];
-        if (echo) {
-            if (type == VIR_CRED_ECHOPROMPT)
-                return type;
-        } else {
-            if (type == VIR_CRED_PASSPHRASE ||
-                type == VIR_CRED_NOECHOPROMPT) {
-                return type;
-            }
-        }
-    }
-
-    return -1;
-}
-
  static int
  virLengthForPromptString(const char *str)
  {
@@ -296,9 +275,8 @@ virNetLibsshCheckHostKey(virNetLibsshSession *sess)
      case SSH_SERVER_NOT_KNOWN:
          /* key was not found, query to add it to database */
          if (sess->hostKeyVerify == VIR_NET_LIBSSH_HOSTKEY_VERIFY_NORMAL) {
-            virConnectCredential askKey;
-            int cred_type;
-            char *tmp;
+            g_autoptr(virConnectCredential) cred = NULL;
+            g_autofree char *prompt = NULL;

              /* ask to add the key */
              if (!sess->cred || !sess->cred->cb) {
@@ -308,48 +286,27 @@ virNetLibsshCheckHostKey(virNetLibsshSession *sess)
                  return -1;
              }

-            cred_type = virCredTypeForPrompt(sess->cred, 1 /* echo */);

Here `echo` was 1

-            if (cred_type == -1) {
-                virReportError(VIR_ERR_LIBSSH, "%s",
-                               _("no suitable callback for host key "
-                                 "verification"));
-                return -1;
-            }
-
-            /* prepare data for the callback */
-            memset(&askKey, 0, sizeof(virConnectCredential));
-            askKey.type = cred_type;
-
              keyhashstr = virLibsshServerKeyAsString(sess);
              if (!keyhashstr)
                  return -1;

-            tmp = g_strdup_printf(_("Accept SSH host key with hash '%s' for " "host '%s:%d' (%s/%s)?"),
-                                  keyhashstr, sess->hostname, sess->port, "y", "n");
-            askKey.prompt = tmp;
+            prompt = g_strdup_printf(_("Accept SSH host key with hash '%s' for " "host '%s:%d' (%s/%s)?"),
+                                     keyhashstr, sess->hostname, sess->port, "y", "n");

-            if (sess->cred->cb(&askKey, 1, sess->cred->cbdata)) {
-                virReportError(VIR_ERR_LIBSSH, "%s",
-                               _("failed to retrieve decision to accept "
-                                 "host key"));
-                VIR_FREE(tmp);
+            if (!(cred = virAuthAskCredential(sess->cred, prompt, false))) {

Here you're passing `false` for `echo`.

                  ssh_string_free_char(keyhashstr);
                  return -1;
              }

-            VIR_FREE(tmp);
-
-            if (!askKey.result ||
-                STRCASENEQ(askKey.result, "y")) {
+            if (!cred->result ||
+                STRCASENEQ(cred->result, "y")) {
                  virReportError(VIR_ERR_LIBSSH,
                                 _("SSH host key for '%s' (%s) was not accepted"),
                                 sess->hostname, keyhashstr);
                  ssh_string_free_char(keyhashstr);
-                VIR_FREE(askKey.result);
                  return -1;
              }
              ssh_string_free_char(keyhashstr);
-            VIR_FREE(askKey.result);
          }

          /* write the host key file, if specified */




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux