mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-08-28 03:21:19 +00:00
virNetLibsshCheckHostKey: Use virAuthAskCredential
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Jonathon Jongsma <jjongsma@redhat.com>
parent
d40ff5fef2
commit
88fde18644
@ -218,27 +218,6 @@ virLibsshServerKeyAsString(virNetLibsshSession *sess)
|
|||||||
return str;
|
return str;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int
|
|
||||||
virCredTypeForPrompt(virConnectAuthPtr cred, char echo)
|
|
||||||
{
|
|
||||||
size_t i;
|
|
||||||
|
|
||||||
for (i = 0; i < cred->ncredtype; ++i) {
|
|
||||||
int type = cred->credtype[i];
|
|
||||||
if (echo) {
|
|
||||||
if (type == VIR_CRED_ECHOPROMPT)
|
|
||||||
return type;
|
|
||||||
} else {
|
|
||||||
if (type == VIR_CRED_PASSPHRASE ||
|
|
||||||
type == VIR_CRED_NOECHOPROMPT) {
|
|
||||||
return type;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
static int
|
static int
|
||||||
virLengthForPromptString(const char *str)
|
virLengthForPromptString(const char *str)
|
||||||
{
|
{
|
||||||
@ -296,9 +275,8 @@ virNetLibsshCheckHostKey(virNetLibsshSession *sess)
|
|||||||
case SSH_SERVER_NOT_KNOWN:
|
case SSH_SERVER_NOT_KNOWN:
|
||||||
/* key was not found, query to add it to database */
|
/* key was not found, query to add it to database */
|
||||||
if (sess->hostKeyVerify == VIR_NET_LIBSSH_HOSTKEY_VERIFY_NORMAL) {
|
if (sess->hostKeyVerify == VIR_NET_LIBSSH_HOSTKEY_VERIFY_NORMAL) {
|
||||||
virConnectCredential askKey;
|
g_autoptr(virConnectCredential) cred = NULL;
|
||||||
int cred_type;
|
g_autofree char *prompt = NULL;
|
||||||
char *tmp;
|
|
||||||
|
|
||||||
/* ask to add the key */
|
/* ask to add the key */
|
||||||
if (!sess->cred || !sess->cred->cb) {
|
if (!sess->cred || !sess->cred->cb) {
|
||||||
@ -308,48 +286,27 @@ virNetLibsshCheckHostKey(virNetLibsshSession *sess)
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
cred_type = virCredTypeForPrompt(sess->cred, 1 /* echo */);
|
|
||||||
if (cred_type == -1) {
|
|
||||||
virReportError(VIR_ERR_LIBSSH, "%s",
|
|
||||||
_("no suitable callback for host key "
|
|
||||||
"verification"));
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* prepare data for the callback */
|
|
||||||
memset(&askKey, 0, sizeof(virConnectCredential));
|
|
||||||
askKey.type = cred_type;
|
|
||||||
|
|
||||||
keyhashstr = virLibsshServerKeyAsString(sess);
|
keyhashstr = virLibsshServerKeyAsString(sess);
|
||||||
if (!keyhashstr)
|
if (!keyhashstr)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
tmp = g_strdup_printf(_("Accept SSH host key with hash '%s' for " "host '%s:%d' (%s/%s)?"),
|
prompt = g_strdup_printf(_("Accept SSH host key with hash '%s' for " "host '%s:%d' (%s/%s)?"),
|
||||||
keyhashstr, sess->hostname, sess->port, "y", "n");
|
keyhashstr, sess->hostname, sess->port, "y", "n");
|
||||||
askKey.prompt = tmp;
|
|
||||||
|
|
||||||
if (sess->cred->cb(&askKey, 1, sess->cred->cbdata)) {
|
if (!(cred = virAuthAskCredential(sess->cred, prompt, true))) {
|
||||||
virReportError(VIR_ERR_LIBSSH, "%s",
|
|
||||||
_("failed to retrieve decision to accept "
|
|
||||||
"host key"));
|
|
||||||
VIR_FREE(tmp);
|
|
||||||
ssh_string_free_char(keyhashstr);
|
ssh_string_free_char(keyhashstr);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
VIR_FREE(tmp);
|
if (!cred->result ||
|
||||||
|
STRCASENEQ(cred->result, "y")) {
|
||||||
if (!askKey.result ||
|
|
||||||
STRCASENEQ(askKey.result, "y")) {
|
|
||||||
virReportError(VIR_ERR_LIBSSH,
|
virReportError(VIR_ERR_LIBSSH,
|
||||||
_("SSH host key for '%s' (%s) was not accepted"),
|
_("SSH host key for '%s' (%s) was not accepted"),
|
||||||
sess->hostname, keyhashstr);
|
sess->hostname, keyhashstr);
|
||||||
ssh_string_free_char(keyhashstr);
|
ssh_string_free_char(keyhashstr);
|
||||||
VIR_FREE(askKey.result);
|
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
ssh_string_free_char(keyhashstr);
|
ssh_string_free_char(keyhashstr);
|
||||||
VIR_FREE(askKey.result);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* write the host key file, if specified */
|
/* write the host key file, if specified */
|
||||||
|
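Review bot: The failure branch of `if (!(cred = virAuthAskCredential(sess->cred, prompt, true)))` in the last hunk now returns -1 without a `virReportError` of its own. The removed messages "no suitable callback for host key verification" and "failed to retrieve decision to accept host key" are therefore only replaced if the helper reports an error on every NULL return; its body is not visible here, so that is worth confirming. If it does, a one-line comment such as `/* virAuthAskCredential() already reported the error; the host key stays unaccepted */` would make the fail-closed path obvious. `keyhashstr` is still released by hand with `ssh_string_free_char()` on three paths while `prompt` and `cred` moved to automatic cleanup, so any early return added later in this block has to remember that free. virNetLibsshCheckHostKey starts and ends outside the hunks shown.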