From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH 01/15] virNetLibsshSessionAuthAddPrivKeyAuth: Drop 'password' argument
Date: Tue, 17 Jan 2023 17:20:26 +0100
Message-Id: <7bc357e1aac2684944c320fa023338cf2403e968.1673972406.git.pkrempa@redhat.com>

The only caller doesn't actually populate it. Remove it to simplify internals.

Signed-off-by: Peter Krempa
Reviewed-by: Jonathon Jongsma
--- src/rpc/virnetlibsshsession.c | 4 +--- src/rpc/virnetlibsshsession.h | 3 +-- src/rpc/virnetsocket.c | 4 +--- 3 files changed, 3 insertions(+), 8 deletions(-) diff --git a/src/rpc/virnetlibsshsession.c b/src/rpc/virnetlibsshsession.c index b1420bea2c..bbc5d54386 100644 --- a/src/rpc/virnetlibsshsession.c +++ b/src/rpc/virnetlibsshsession.c @@ -988,8 +988,7 @@ virNetLibsshSessionAuthAddAgentAuth(virNetLibsshSession= *sess) int virNetLibsshSessionAuthAddPrivKeyAuth(virNetLibsshSession *sess, - const char *keyfile, - const char *password) + const char *keyfile) { virNetLibsshAuthMethod *auth; @@ -1006,7 +1005,6 @@ virNetLibsshSessionAuthAddPrivKeyAuth(virNetLibsshSes= sion *sess, return -1; } - auth->password =3D g_strdup(password); auth->filename =3D g_strdup(keyfile); auth->method =3D VIR_NET_LIBSSH_AUTH_PRIVKEY; auth->ssh_flags =3D SSH_AUTH_METHOD_PUBLICKEY; 
diff --git a/src/rpc/virnetlibsshsession.h b/src/rpc/virnetlibsshsession.h index c3b5f3e80d..7f94fd15dc 100644 --- a/src/rpc/virnetlibsshsession.h +++ b/src/rpc/virnetlibsshsession.h @@ -46,8 +46,7 @@ int virNetLibsshSessionAuthAddPasswordAuth(virNetLibsshSe= ssion *sess, int virNetLibsshSessionAuthAddAgentAuth(virNetLibsshSession *sess); int virNetLibsshSessionAuthAddPrivKeyAuth(virNetLibsshSession *sess, - const char *keyfile, - const char *password); + const char *keyfile); int virNetLibsshSessionAuthAddKeyboardAuth(virNetLibsshSession *sess, int tries); diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c index 8280bda007..8fbc69d51c 100644 --- a/src/rpc/virnetsocket.c +++ b/src/rpc/virnetsocket.c 
@@ -1080,9 +1080,7 @@ virNetSocketNewConnectLibssh(const char *host, } else if (STRCASEEQ(authMethod, "password")) { ret =3D virNetLibsshSessionAuthAddPasswordAuth(sess, uri); } else if (STRCASEEQ(authMethod, "privkey")) { - ret =3D virNetLibsshSessionAuthAddPrivKeyAuth(sess, - privkey, - NULL); + ret =3D virNetLibsshSessionAuthAddPrivKeyAuth(sess, privkey); } else if (STRCASEEQ(authMethod, "agent")) { ret =3D virNetLibsshSessionAuthAddAgentAuth(sess); } else { --=20 2.38.1

From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH 02/15] virNetLibsshAuthMethod: Drop 'password' field
Date: Tue, 17 Jan 2023 17:20:27 +0100
Message-Id: <981ba4243e7b219c01dd84686eecad176b1d9863.1673972406.git.pkrempa@redhat.com>

The field was never populated so we can remove it and all the associated logic. Both for password authentication and fetching the password for the public key we still can use the authentication callbacks.

Signed-off-by: Peter Krempa
Reviewed-by: Jonathon Jongsma
--- src/rpc/virnetlibsshsession.c | 61 ++++++++++++++--------------------- 1 file changed, 25 insertions(+), 36 deletions(-) diff --git a/src/rpc/virnetlibsshsession.c b/src/rpc/virnetlibsshsession.c index bbc5d54386..084224b3f8 100644 --- a/src/rpc/virnetlibsshsession.c +++ b/src/rpc/virnetlibsshsession.c 
@@ -69,7 +69,6 @@ struct _virNetLibsshAuthMethod { virNetLibsshAuthMethods method; int ssh_flags; /* SSH_AUTH_METHOD_* for this auth method */ - char *password; char *filename; int tries; @@ -129,8 +128,6 @@ virNetLibsshSessionDispose(void *obj) } for (i =3D 0; i < sess->nauths; i++) { - virSecureEraseString(sess->auths[i]->password); - g_free(sess->auths[i]->password); g_free(sess->auths[i]->filename); g_free(sess->auths[i]); } @@ -456,7 +453,7 @@ virNetLibsshImportPrivkey(virNetLibsshSession *sess, * failed or libssh did. */ virResetLastError(); - ret =3D ssh_pki_import_privkey_file(priv->filename, priv->password, + ret =3D ssh_pki_import_privkey_file(priv->filename, NULL, virNetLibsshAuthenticatePrivkeyCb, sess, &key); if (ret =3D=3D SSH_EOF) { 
@@ -564,47 +561,39 @@ virNetLibsshAuthenticatePrivkey(virNetLibsshSession *= sess, * returns SSH_AUTH_* values */ static int -virNetLibsshAuthenticatePassword(virNetLibsshSession *sess, - virNetLibsshAuthMethod *priv) +virNetLibsshAuthenticatePassword(virNetLibsshSession *sess) { const char *errmsg; int rc =3D SSH_AUTH_ERROR; VIR_DEBUG("sess=3D%p", sess); - if (priv->password) { - /* tunnelled password authentication */ - if ((rc =3D ssh_userauth_password(sess->session, NULL, - priv->password)) =3D=3D 0) - return SSH_AUTH_SUCCESS; - } else { - /* password authentication with interactive password request */ - if (!sess->cred || !sess->cred->cb) { - virReportError(VIR_ERR_LIBSSH, "%s", - _("Can't perform authentication: " - "Authentication callback not provided")); - return SSH_AUTH_ERROR; - } + /* password authentication with interactive password request */ + if (!sess->cred || !sess->cred->cb) { + virReportError(VIR_ERR_LIBSSH, "%s", + _("Can't perform authentication: " + "Authentication callback not provided")); + return SSH_AUTH_ERROR; + } - /* Try the authenticating the set amount of times. The server brea= ks the - * connection if maximum number of bad auth tries is exceeded */ - while (true) { - g_autofree char *password =3D NULL; + /* Try the authenticating the set amount of times. 
The server breaks t= he + * connection if maximum number of bad auth tries is exceeded */ + while (true) { + g_autofree char *password =3D NULL; - if (!(password =3D virAuthGetPasswordPath(sess->authPath, sess= ->cred, - "ssh", sess->username, - sess->hostname))) - return SSH_AUTH_ERROR; + if (!(password =3D virAuthGetPasswordPath(sess->authPath, sess->cr= ed, + "ssh", sess->username, + sess->hostname))) + return SSH_AUTH_ERROR; - /* tunnelled password authentication */ - rc =3D ssh_userauth_password(sess->session, NULL, password); - virSecureEraseString(password); + /* tunnelled password authentication */ + rc =3D ssh_userauth_password(sess->session, NULL, password); + virSecureEraseString(password); - if (rc =3D=3D 0) - return SSH_AUTH_SUCCESS; - else if (rc !=3D SSH_AUTH_DENIED) - break; - } + if (rc =3D=3D 0) + return SSH_AUTH_SUCCESS; + else if (rc !=3D SSH_AUTH_DENIED) + break; } /* error path */ 
@@ -809,7 +798,7 @@ virNetLibsshAuthenticate(virNetLibsshSession *sess) break; case VIR_NET_LIBSSH_AUTH_PASSWORD: /* try to authenticate with password */ - ret =3D virNetLibsshAuthenticatePassword(sess, auth); + ret =3D virNetLibsshAuthenticatePassword(sess); break; } --=20 2.38.1

From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH 03/15] util: authconfig: Use automatic pointer clearing for virAuthConfig
Date: Tue, 17 Jan 2023 17:20:28 +0100
Message-Id: <4959b56e93b5f8ecc59a76e1ffbaf7ae5aa9fef9.1673972406.git.pkrempa@redhat.com>

Fix and clean up the error paths in virAuthConfigNew*.

Signed-off-by: Peter Krempa
Reviewed-by: Jonathon Jongsma
--- src/util/virauthconfig.c | 28 ++++++++-------------------- 1 file changed, 8 insertions(+), 20 deletions(-) diff --git a/src/util/virauthconfig.c b/src/util/virauthconfig.c index dabd7cd217..983ac47f6b 100644 --- a/src/util/virauthconfig.c +++ b/src/util/virauthconfig.c 
@@ -37,23 +37,17 @@ VIR_LOG_INIT("util.authconfig"); virAuthConfig *virAuthConfigNew(const char *path) { - virAuthConfig *auth; - - auth =3D g_new0(virAuthConfig, 1); + g_autoptr(virAuthConfig) auth =3D g_new0(virAuthConfig, 1); auth->path =3D g_strdup(path); if (!(auth->keyfile =3D g_key_file_new())) - goto error; + return NULL; if (!g_key_file_load_from_file(auth->keyfile, path, 0, NULL)) - goto error; - - return auth; + return NULL; - error: - virAuthConfigFree(auth); - return NULL; + return g_steal_pointer(&auth); } 
@@ -61,23 +55,17 @@ virAuthConfig *virAuthConfigNewData(const char *path, const char *data, size_t len) { - virAuthConfig *auth; - - auth =3D g_new0(virAuthConfig, 1); + g_autoptr(virAuthConfig) auth =3D g_new0(virAuthConfig, 1); auth->path =3D g_strdup(path); if (!(auth->keyfile =3D g_key_file_new())) - goto error; + return NULL; if (!g_key_file_load_from_data(auth->keyfile, data, len, 0, NULL)) - goto error; - - return auth; + return NULL; - error: - virAuthConfigFree(auth); - return NULL; + return g_steal_pointer(&auth); } --=20 2.38.1

From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH 04/15] util: authconfig: Use contemporary and consistent header style
Date: Tue, 17 Jan 2023 17:20:29 +0100
Message-Id: <8518fde3b8bea2c0b6947e75d0c116c18c72f82c.1673972406.git.pkrempa@redhat.com>

Signed-off-by: Peter Krempa
Reviewed-by: Jonathon Jongsma
--- src/util/virauthconfig.c | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/src/util/virauthconfig.c b/src/util/virauthconfig.c index 983ac47f6b..0363a1bef9 100644 --- a/src/util/virauthconfig.c +++ b/src/util/virauthconfig.c 
@@ -35,7 +35,8 @@ struct _virAuthConfig { VIR_LOG_INIT("util.authconfig"); -virAuthConfig *virAuthConfigNew(const char *path) +virAuthConfig * +virAuthConfigNew(const char *path) { g_autoptr(virAuthConfig) auth =3D g_new0(virAuthConfig, 1); @@ -51,9 +52,10 @@ virAuthConfig *virAuthConfigNew(const char *path) } -virAuthConfig *virAuthConfigNewData(const char *path, - const char *data, - size_t len) +virAuthConfig * +virAuthConfigNewData(const char *path, + const char *data, + size_t len) { g_autoptr(virAuthConfig) auth =3D g_new0(virAuthConfig, 1); @@ -69,7 +71,8 @@ virAuthConfig *virAuthConfigNewData(const char *path, } -void virAuthConfigFree(virAuthConfig *auth) +void +virAuthConfigFree(virAuthConfig *auth) { if (!auth) return; 
@@ -80,11 +83,12 @@ void virAuthConfigFree(virAuthConfig *auth) } -int virAuthConfigLookup(virAuthConfig *auth, - const char *service, - const char *hostname, - const char *credname, - char **value) +int +virAuthConfigLookup(virAuthConfig *auth, + const char *service, + const char *hostname, + const char *credname, + char **value) { g_autofree char *authgroup =3D NULL; g_autofree char *credgroup =3D NULL; --=20 2.38.1

From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH 05/15] virNetSSHSessionAuthAddPrivKeyAuth: Remove unused 'password' argument
Date: Tue, 17 Jan 2023 17:20:30 +0100
Message-Id: <79dd0f34e26b5457fa4b3a8a13a9a7afe2508ca5.1673972406.git.pkrempa@redhat.com>

The only caller doesn't pass the password. Remove the argument.

Signed-off-by: Peter Krempa
Reviewed-by: Jonathon Jongsma
--- src/rpc/virnetsocket.c | 3 +-- src/rpc/virnetsshsession.c | 7 +------ src/rpc/virnetsshsession.h | 3 +-- 3 files changed, 3 insertions(+), 10 deletions(-) diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c index 8fbc69d51c..b9b7328f87 100644 --- a/src/rpc/virnetsocket.c +++ b/src/rpc/virnetsocket.c 
@@ -954,8 +954,7 @@ virNetSocketNewConnectLibSSH2(const char *host, } else if (STRCASEEQ(authMethod, "privkey")) { ret =3D virNetSSHSessionAuthAddPrivKeyAuth(sess, username, - privkey, - NULL); + privkey); } else if (STRCASEEQ(authMethod, "agent")) { ret =3D virNetSSHSessionAuthAddAgentAuth(sess, username); } else { diff --git a/src/rpc/virnetsshsession.c b/src/rpc/virnetsshsession.c index 485318d09b..08f246be61 100644 --- a/src/rpc/virnetsshsession.c +++ b/src/rpc/virnetsshsession.c @@ -1056,13 +1056,11 @@ virNetSSHSessionAuthAddAgentAuth(virNetSSHSession *= sess, int virNetSSHSessionAuthAddPrivKeyAuth(virNetSSHSession *sess, const char *username, - const char *keyfile, - const char *password) + const char *keyfile) { virNetSSHAuthMethod *auth; char *user =3D NULL; - char *pass =3D NULL; char *file =3D NULL; if (!username || !keyfile) { @@ -1076,13 +1074,11 @@ virNetSSHSessionAuthAddPrivKeyAuth(virNetSSHSession= *sess, user =3D g_strdup(username); file =3D g_strdup(keyfile); - pass =3D g_strdup(password); if (!(auth =3D virNetSSHSessionAuthMethodNew(sess))) goto error; auth->username =3D user; - auth->password =3D pass; auth->filename =3D file; auth->method =3D VIR_NET_SSH_AUTH_PRIVKEY; @@ -1091,7 +1087,6 @@ virNetSSHSessionAuthAddPrivKeyAuth(virNetSSHSession *= sess, error: VIR_FREE(user); - VIR_FREE(pass); VIR_FREE(file); virObjectUnlock(sess); return -1; diff --git a/src/rpc/virnetsshsession.h b/src/rpc/virnetsshsession.h index 7a056df37f..8d6c99c547 100644 --- a/src/rpc/virnetsshsession.h +++ b/src/rpc/virnetsshsession.h 
@@ -56,8 +56,7 @@ int virNetSSHSessionAuthAddAgentAuth(virNetSSHSession *se= ss, int virNetSSHSessionAuthAddPrivKeyAuth(virNetSSHSession *sess, const char *username, - const char *keyfile, - const char *password); + const char *keyfile); int virNetSSHSessionAuthAddKeyboardAuth(virNetSSHSession *sess, const char *username, --=20 2.38.1
From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH 06/15] virNetSSHSessionAuthAddPrivKeyAuth: Refactor cleanup
Date: Tue, 17 Jan 2023 17:20:31 +0100
Message-Id: <871dc585965374237c8534b5769697767849d202.1673972406.git.pkrempa@redhat.com>

With g_strdup not failing we can remove all of the 'error' section.

Signed-off-by: Peter Krempa
Reviewed-by: Jonathon Jongsma
--- src/rpc/virnetsshsession.c | 18 +++--------------- 1 file changed, 3 insertions(+), 15 deletions(-) diff --git a/src/rpc/virnetsshsession.c b/src/rpc/virnetsshsession.c index 08f246be61..9f2aa17131 100644 --- a/src/rpc/virnetsshsession.c +++ b/src/rpc/virnetsshsession.c @@ -1060,9 +1060,6 @@ virNetSSHSessionAuthAddPrivKeyAuth(virNetSSHSession *= sess, { virNetSSHAuthMethod *auth; - char *user =3D NULL; - char *file =3D NULL; - if (!username || !keyfile) { virReportError(VIR_ERR_SSH, "%s", _("Username and key file path must be provided "
@@ -1072,24 +1069,15 @@ virNetSSHSessionAuthAddPrivKeyAuth(virNetSSHSession= *sess, virObjectLock(sess); - user =3D g_strdup(username); - file =3D g_strdup(keyfile); - if (!(auth =3D virNetSSHSessionAuthMethodNew(sess))) - goto error; + return -1; - auth->username =3D user; - auth->filename =3D file; + auth->username =3D g_strdup(username); + auth->filename =3D g_strdup(keyfile); auth->method =3D VIR_NET_SSH_AUTH_PRIVKEY; virObjectUnlock(sess); return 0; - - error: - VIR_FREE(user); - VIR_FREE(file); - virObjectUnlock(sess); - return -1; } int --=20 2.38.1
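Review bot: the new "return -1;" in the second hunk of [PATCH 06/15] (@@ -1072,24 +1069,15 @@, virNetSSHSessionAuthAddPrivKeyAuth) leaves the session locked. virObjectLock(sess) is taken just above the virNetSSHSessionAuthMethodNew() call, and the deleted 'error' label was the only failure path that called virObjectUnlock(sess). Dropping the g_strdup cleanup is fine, but the failure branch still needs the unlock, for example by calling virObjectUnlock(sess) before returning -1.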
From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH 07/15] virNetSSHAuthMethod: Remove unused 'password' field
Date: Tue, 17 Jan 2023 17:20:32 +0100
Message-Id: <4939efed217e69dd181dc7c89c2523d5ac62d4e2.1673972406.git.pkrempa@redhat.com>

None of the callers actually set it. Remove the field and corresponding logic.

Signed-off-by: Peter Krempa
Reviewed-by: Jonathon Jongsma
--- src/rpc/virnetsshsession.c | 57 +++++++++++++++----------------------- 1 file changed, 22 insertions(+), 35 deletions(-) diff --git a/src/rpc/virnetsshsession.c b/src/rpc/virnetsshsession.c index 9f2aa17131..0454deec16 100644 --- a/src/rpc/virnetsshsession.c +++ b/src/rpc/virnetsshsession.c
@@ -71,7 +71,6 @@ typedef struct _virNetSSHAuthMethod virNetSSHAuthMethod; struct _virNetSSHAuthMethod { virNetSSHAuthMethods method; char *username; - char *password; char *filename; int tries; @@ -117,7 +116,6 @@ virNetSSHSessionAuthMethodsClear(virNetSSHSession *sess) for (i =3D 0; i < sess->nauths; i++) { VIR_FREE(sess->auths[i]->username); - VIR_FREE(sess->auths[i]->password); VIR_FREE(sess->auths[i]->filename); VIR_FREE(sess->auths[i]); } @@ -580,12 +578,11 @@ virNetSSHAuthenticatePrivkey(virNetSSHSession *sess, priv->username, NULL, priv->filename, - priv->password)) =3D=3D= 0) + NULL)) =3D=3D 0) return 0; /* success */ VIR_WARNINGS_NO_WLOGICALOP_EQUAL_EXPR - if (priv->password || - ret =3D=3D LIBSSH2_ERROR_PUBLICKEY_UNRECOGNIZED || + if (ret =3D=3D LIBSSH2_ERROR_PUBLICKEY_UNRECOGNIZED || ret =3D=3D LIBSSH2_ERROR_AUTHENTICATION_FAILED) { VIR_WARNINGS_RESET libssh2_session_last_error(sess->session, &errmsg, NULL, 0); 
@@ -681,44 +678,34 @@ virNetSSHAuthenticatePassword(virNetSSHSession *sess, VIR_DEBUG("sess=3D%p", sess); - if (priv->password) { + /* password authentication with interactive password request */ + if (!sess->cred || !sess->cred->cb) { + virReportError(VIR_ERR_SSH, "%s", + _("Can't perform authentication: " + "Authentication callback not provided")); + goto cleanup; + } + + /* Try the authenticating the set amount of times. The server breaks t= he + * connection if maximum number of bad auth tries is exceeded */ + while (true) { + if (!(password =3D virAuthGetPasswordPath(sess->authPath, sess->cr= ed, + "ssh", priv->username, + sess->hostname))) + goto cleanup; + /* tunnelled password authentication */ if ((rc =3D libssh2_userauth_password(sess->session, priv->username, - priv->password)) =3D=3D 0) { + password)) =3D=3D 0) { ret =3D 0; goto cleanup; } - } else { - /* password authentication with interactive password request */ - if (!sess->cred || !sess->cred->cb) { - virReportError(VIR_ERR_SSH, "%s", - _("Can't perform authentication: " - "Authentication callback not provided")); - goto cleanup; - } - /* Try the authenticating the set amount of times. 
The server brea= ks the - * connection if maximum number of bad auth tries is exceeded */ - while (true) { - if (!(password =3D virAuthGetPasswordPath(sess->authPath, sess= ->cred, - "ssh", priv->username, - sess->hostname))) - goto cleanup; - - /* tunnelled password authentication */ - if ((rc =3D libssh2_userauth_password(sess->session, - priv->username, - password)) =3D=3D 0) { - ret =3D 0; - goto cleanup; - } - - if (rc !=3D LIBSSH2_ERROR_AUTHENTICATION_FAILED) - break; + if (rc !=3D LIBSSH2_ERROR_AUTHENTICATION_FAILED) + break; - VIR_FREE(password); - } + VIR_FREE(password); } /* error path */ --=20 2.38.1
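Review bot: the comment re-added at the top of the de-indented loop in the virNetSSHAuthenticatePassword hunk of [PATCH 07/15] (@@ -681,44 +678,34 @@) does not describe the loop. It says "Try the authenticating the set amount of times", but the loop is "while (true)" with no counter; it ends only when virAuthGetPasswordPath() returns NULL, when libssh2_userauth_password() succeeds, or when rc is anything other than LIBSSH2_ERROR_AUTHENTICATION_FAILED. As the line is being rewritten anyway, fix the wording and state that the number of attempts is bounded by the server closing the connection. Separately, each failed attempt releases the password with a plain VIR_FREE(password); since this buffer holds a credential, consider clearing it before it is freed.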
From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH 08/15] virnetsshsession: Pass in username via virNetSSHSessionNew rather than auth functions
Date: Tue, 17 Jan 2023 17:20:33 +0100

We only ever allow one username so there's no point passing it to each authentication registration function. Additionally the only caller (virNetClientNewLibSSH2) always passes a username so all the checks were pointless.

Signed-off-by: Peter Krempa
Reviewed-by: Jonathon Jongsma
--- src/rpc/virnetsocket.c | 14 +++---- src/rpc/virnetsshsession.c | 84 ++++++++++---------------------------- src/rpc/virnetsshsession.h | 10 ++--- 3 files changed, 29 insertions(+), 79 deletions(-)
diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c index b9b7328f87..b248ce24dc 100644 --- a/src/rpc/virnetsocket.c +++ b/src/rpc/virnetsocket.c @@ -909,7 +909,7 @@ virNetSocketNewConnectLibSSH2(const char *host, } /* create ssh session context */ - if (!(sess =3D virNetSSHSessionNew())) + if (!(sess =3D virNetSSHSessionNew(username))) goto error; /* set ssh session parameters */ @@ -946,17 +946,13 @@ virNetSocketNewConnectLibSSH2(const char *host, const char *authMethod =3D *authMethodNext; if (STRCASEEQ(authMethod, "keyboard-interactive")) { - ret =3D virNetSSHSessionAuthAddKeyboardAuth(sess, username, -1= ); + ret =3D virNetSSHSessionAuthAddKeyboardAuth(sess, -1); } else if (STRCASEEQ(authMethod, "password")) { - ret =3D virNetSSHSessionAuthAddPasswordAuth(sess, - uri, - username); + ret =3D virNetSSHSessionAuthAddPasswordAuth(sess, uri); } else if (STRCASEEQ(authMethod, "privkey")) { - ret =3D virNetSSHSessionAuthAddPrivKeyAuth(sess, - username, - privkey); + ret =3D virNetSSHSessionAuthAddPrivKeyAuth(sess, privkey); } else if (STRCASEEQ(authMethod, "agent")) { - ret =3D virNetSSHSessionAuthAddAgentAuth(sess, username); + ret =3D virNetSSHSessionAuthAddAgentAuth(sess); } else { virReportError(VIR_ERR_INVALID_ARG, _("Invalid authentication method: '%s'"), diff --git a/src/rpc/virnetsshsession.c b/src/rpc/virnetsshsession.c index 0454deec16..8f59906b4a 100644 --- a/src/rpc/virnetsshsession.c +++ b/src/rpc/virnetsshsession.c @@ -70,7 +70,6 @@ typedef struct _virNetSSHAuthMethod virNetSSHAuthMethod; struct _virNetSSHAuthMethod { virNetSSHAuthMethods method; - char *username; char *filename; int tries; @@ -93,6 +92,7 @@ struct _virNetSSHSession { int port; /* authentication stuff */ + char *username; virConnectAuthPtr cred; char *authPath; virNetSSHAuthCallbackError authCbErr; 
@@ -115,7 +115,6 @@ virNetSSHSessionAuthMethodsClear(virNetSSHSession *sess) size_t i; for (i =3D 0; i < sess->nauths; i++) { - VIR_FREE(sess->auths[i]->username); VIR_FREE(sess->auths[i]->filename); VIR_FREE(sess->auths[i]); } @@ -151,6 +150,7 @@ virNetSSHSessionDispose(void *obj) g_free(sess->hostname); g_free(sess->knownHostsFile); g_free(sess->authPath); + g_free(sess->username); } static virClass *virNetSSHSessionClass; @@ -488,8 +488,7 @@ virNetSSHCheckHostKey(virNetSSHSession *sess) * -1 on error */ static int -virNetSSHAuthenticateAgent(virNetSSHSession *sess, - virNetSSHAuthMethod *priv) +virNetSSHAuthenticateAgent(virNetSSHSession *sess) { struct libssh2_agent_publickey *agent_identity =3D NULL; bool no_identity =3D true; @@ -515,7 +514,7 @@ virNetSSHAuthenticateAgent(virNetSSHSession *sess, agent_identity))) { no_identity =3D false; if (!(ret =3D libssh2_agent_userauth(sess->agent, - priv->username, + sess->username, agent_identity))) return 0; /* key accepted */ @@ -575,7 +574,7 @@ virNetSSHAuthenticatePrivkey(virNetSSHSession *sess, /* try open the key with no password */ if ((ret =3D libssh2_userauth_publickey_fromfile(sess->session, - priv->username, + sess->username, NULL, priv->filename, NULL)) =3D=3D 0) @@ -634,7 +633,7 @@ virNetSSHAuthenticatePrivkey(virNetSSHSession *sess, VIR_FREE(tmp); ret =3D libssh2_userauth_publickey_fromfile(sess->session, - priv->username, + sess->username, NULL, priv->filename, retr_passphrase.result); @@ -668,8 +667,7 @@ virNetSSHAuthenticatePrivkey(virNetSSHSession *sess, * -1 on error */ static int -virNetSSHAuthenticatePassword(virNetSSHSession *sess, - virNetSSHAuthMethod *priv) +virNetSSHAuthenticatePassword(virNetSSHSession *sess) { char *password =3D NULL; char *errmsg; 
@@ -690,13 +688,13 @@ virNetSSHAuthenticatePassword(virNetSSHSession *sess, * connection if maximum number of bad auth tries is exceeded */ while (true) { if (!(password =3D virAuthGetPasswordPath(sess->authPath, sess->cr= ed, - "ssh", priv->username, + "ssh", sess->username, sess->hostname))) goto cleanup; /* tunnelled password authentication */ if ((rc =3D libssh2_userauth_password(sess->session, - priv->username, + sess->username, password)) =3D=3D 0) { ret =3D 0; goto cleanup; @@ -751,7 +749,7 @@ virNetSSHAuthenticateKeyboardInteractive(virNetSSHSessi= on *sess, * connection if maximum number of bad auth tries is exceeded */ while (priv->tries < 0 || priv->tries-- > 0) { ret =3D libssh2_userauth_keyboard_interactive(sess->session, - priv->username, + sess->username, virNetSSHKbIntCb); /* check for errors while calling the callback */ @@ -817,9 +815,8 @@ virNetSSHAuthenticate(virNetSSHSession *sess) } /* obtain list of supported auth methods */ - auth_list =3D libssh2_userauth_list(sess->session, - sess->auths[0]->username, - strlen(sess->auths[0]->username)); + auth_list =3D libssh2_userauth_list(sess->session, sess->username, + strlen(sess->username)); if (!auth_list) { /* unlikely event, authentication succeeded with NONE as method */ if (libssh2_userauth_authenticated(sess->session) =3D=3D 1) @@ -845,7 +842,7 @@ virNetSSHAuthenticate(virNetSSHSession *sess) break; case VIR_NET_SSH_AUTH_AGENT: if (strstr(auth_list, "publickey")) - ret =3D virNetSSHAuthenticateAgent(sess, auth); + ret =3D virNetSSHAuthenticateAgent(sess); break; case VIR_NET_SSH_AUTH_PRIVKEY: if (strstr(auth_list, "publickey")) @@ -853,7 +850,7 @@ virNetSSHAuthenticate(virNetSSHSession *sess) break; case VIR_NET_SSH_AUTH_PASSWORD: if (strstr(auth_list, "password")) - ret =3D virNetSSHAuthenticatePassword(sess, auth); + ret =3D virNetSSHAuthenticatePassword(sess); break; } 
@@ -969,11 +966,9 @@ virNetSSHSessionAuthReset(virNetSSHSession *sess) int virNetSSHSessionAuthAddPasswordAuth(virNetSSHSession *sess, - virURI *uri, - const char *username) + virURI *uri) { virNetSSHAuthMethod *auth; - char *user =3D NULL; if (uri) { VIR_FREE(sess->authPath); @@ -982,75 +977,50 @@ virNetSSHSessionAuthAddPasswordAuth(virNetSSHSession = *sess, goto error; } - if (!username) { - if (!(user =3D virAuthGetUsernamePath(sess->authPath, sess->cred, - "ssh", NULL, sess->hostname))) - goto error; - } else { - user =3D g_strdup(username); - } - virObjectLock(sess); if (!(auth =3D virNetSSHSessionAuthMethodNew(sess))) goto error; - auth->username =3D user; auth->method =3D VIR_NET_SSH_AUTH_PASSWORD; virObjectUnlock(sess); return 0; error: - VIR_FREE(user); virObjectUnlock(sess); return -1; } int -virNetSSHSessionAuthAddAgentAuth(virNetSSHSession *sess, - const char *username) +virNetSSHSessionAuthAddAgentAuth(virNetSSHSession *sess) { virNetSSHAuthMethod *auth; - char *user =3D NULL; - - if (!username) { - virReportError(VIR_ERR_SSH, "%s", - _("Username must be provided " - "for ssh agent authentication")); - return -1; - } virObjectLock(sess); - user =3D g_strdup(username); - if (!(auth =3D virNetSSHSessionAuthMethodNew(sess))) goto error; - auth->username =3D user; auth->method =3D VIR_NET_SSH_AUTH_AGENT; virObjectUnlock(sess); return 0; error: - VIR_FREE(user); virObjectUnlock(sess); return -1; } int virNetSSHSessionAuthAddPrivKeyAuth(virNetSSHSession *sess, - const char *username, const char *keyfile) { virNetSSHAuthMethod *auth; - if (!username || !keyfile) { + if (!keyfile) { virReportError(VIR_ERR_SSH, "%s", - _("Username and key file path must be provided " - "for private key authentication")); + _("Key file path must be provided for private key a= uthentication")); return -1; } 
@@ -1059,7 +1029,6 @@ virNetSSHSessionAuthAddPrivKeyAuth(virNetSSHSession *= sess, if (!(auth =3D virNetSSHSessionAuthMethodNew(sess))) return -1; - auth->username =3D g_strdup(username); auth->filename =3D g_strdup(keyfile); auth->method =3D VIR_NET_SSH_AUTH_PRIVKEY; @@ -1069,27 +1038,15 @@ virNetSSHSessionAuthAddPrivKeyAuth(virNetSSHSession= *sess, int virNetSSHSessionAuthAddKeyboardAuth(virNetSSHSession *sess, - const char *username, int tries) { virNetSSHAuthMethod *auth; - char *user =3D NULL; - - if (!username) { - virReportError(VIR_ERR_SSH, "%s", - _("Username must be provided " - "for ssh agent authentication")); - return -1; - } virObjectLock(sess); - user =3D g_strdup(username); - if (!(auth =3D virNetSSHSessionAuthMethodNew(sess))) goto error; - auth->username =3D user; auth->tries =3D tries; auth->method =3D VIR_NET_SSH_AUTH_KEYBOARD_INTERACTIVE; @@ -1097,7 +1054,6 @@ virNetSSHSessionAuthAddKeyboardAuth(virNetSSHSession = *sess, return 0; error: - VIR_FREE(user); virObjectUnlock(sess); return -1; @@ -1170,7 +1126,7 @@ virNetSSHSessionSetHostKeyVerification(virNetSSHSessi= on *sess, } /* allocate and initialize a ssh session object */ -virNetSSHSession *virNetSSHSessionNew(void) +virNetSSHSession *virNetSSHSessionNew(const char *username) { virNetSSHSession *sess =3D NULL; @@ -1180,6 +1136,8 @@ virNetSSHSession *virNetSSHSessionNew(void) if (!(sess =3D virObjectLockableNew(virNetSSHSessionClass))) goto error; + sess->username =3D g_strdup(username); + /* initialize session data, use the internal data for callbacks * and stick to default memory management functions */ if (!(sess->session =3D libssh2_session_init_ex(NULL, diff --git a/src/rpc/virnetsshsession.h b/src/rpc/virnetsshsession.h index 8d6c99c547..8187346000 100644 --- a/src/rpc/virnetsshsession.h +++ b/src/rpc/virnetsshsession.h 
@@ -25,7 +25,7 @@ typedef struct _virNetSSHSession virNetSSHSession; -virNetSSHSession *virNetSSHSessionNew(void); +virNetSSHSession *virNetSSHSessionNew(const char *username); void virNetSSHSessionFree(virNetSSHSession *sess); typedef enum { 
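Review bot: The new virNetSSHSessionNew(const char *username) prototype does not say whether username may be NULL, and the checks this patch removes from virNetSSHSessionAuthAddAgentAuth, virNetSSHSessionAuthAddKeyboardAuth and virNetSSHSessionAuthAddPrivKeyAuth were the only visible places that rejected a missing username with VIR_ERR_SSH. With sess->username set from g_strdup(username), a NULL is now stored silently, and the password path no longer falls back to virAuthGetUsernamePath. Either reject NULL in virNetSSHSessionNew or document in the header where the caller guarantees a value.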
@@ -48,18 +48,14 @@ int virNetSSHSessionAuthSetCallback(virNetSSHSession *s= ess, virConnectAuthPtr auth); int virNetSSHSessionAuthAddPasswordAuth(virNetSSHSession *sess, - virURI *uri, - const char *username); + virURI *uri); -int virNetSSHSessionAuthAddAgentAuth(virNetSSHSession *sess, - const char *username); +int virNetSSHSessionAuthAddAgentAuth(virNetSSHSession *sess); int virNetSSHSessionAuthAddPrivKeyAuth(virNetSSHSession *sess, - const char *username, const char *keyfile); int virNetSSHSessionAuthAddKeyboardAuth(virNetSSHSession *sess, - const char *username, int tries); int virNetSSHSessionSetHostKeyVerification(virNetSSHSession *sess, --=20 2.38.1
From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH 09/15] util: auth: Introduce virAuthAskCredential
Date: Tue, 17 Jan 2023 17:20:34 +0100

The helper uses the user-provided auth callbacks to ask the user. The helper encapsulates the steps we do to query the user in few places into a common helper which can be then used further.

Signed-off-by: Peter Krempa
Reviewed-by: Jonathon Jongsma
--- src/libvirt_private.syms | 2 ++ src/util/virauth.c | 66 ++++++++++++++++++++++++++++++++++++++++ src/util/virauth.h | 7 +++++ 3 files changed, 75 insertions(+) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 576ec8f95f..5616c0d44c 100644
--- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -1850,6 +1850,8 @@ virAuditSend; # util/virauth.h +virAuthAskCredential; +virAuthConnectCredentialFree; virAuthGetConfigFilePath; virAuthGetConfigFilePathURI; virAuthGetPassword; diff --git a/src/util/virauth.c b/src/util/virauth.c index b9c2ae3ed1..aa1da80266 100644 --- a/src/util/virauth.c +++ b/src/util/virauth.c @@ -31,6 +31,7 @@ #include "virerror.h" #include "configmake.h" #include "virauthconfig.h" +#include "virsecureerase.h" #define VIR_FROM_THIS VIR_FROM_AUTH 
@@ -283,3 +284,68 @@ virAuthGetPassword(virConnectPtr conn, return virAuthGetPasswordPath(path, auth, servicename, username, hostn= ame); } + + +void +virAuthConnectCredentialFree(virConnectCredential *cred) +{ + if (cred->result) { + virSecureErase(cred->result, cred->resultlen); + g_free(cred->result); + } + g_free(cred); +} + + +/** + * virAuthAskCredential: + * @auth: authentication callback data + * @prompt: question string to ask the user + * @echo: true if user's reply should be considered sensitive and not echo= ed + * + * Invoke the authentication callback for the connection @auth and ask the= user + * the question in @prompt. If @echo is true user's reply should be collec= ted + * as sensitive (user's input not printed on screen). + */ +virConnectCredential * +virAuthAskCredential(virConnectAuthPtr auth, + const char *prompt, + bool echo) +{ + g_autoptr(virConnectCredential) ret =3D g_new0(virConnectCredential, 1= ); + size_t i; + + ret->type =3D -1; + + for (i =3D 0; i < auth->ncredtype; ++i) { + int type =3D auth->credtype[i]; + if (echo) { + if (type =3D=3D VIR_CRED_ECHOPROMPT) { + ret->type =3D type; + break; + } + } else { + if (type =3D=3D VIR_CRED_PASSPHRASE || + type =3D=3D VIR_CRED_NOECHOPROMPT) { + ret->type =3D type; + break; + } + } + } + + if (ret->type =3D=3D -1) { + virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", + _("no suitable callback authentication callback was= found")); + return NULL; + } + + ret->prompt =3D prompt; + + if (auth->cb(ret, 1, auth->cbdata)) { + virReportError(VIR_ERR_OPERATION_FAILED, "%s", + _("failed to retrieve user response for authenticat= ion callback")); + return NULL; + } + + return g_steal_pointer(&ret); +} diff --git a/src/util/virauth.h b/src/util/virauth.h index a0fd84962b..3eaf40c626 100644 --- a/src/util/virauth.h +++ b/src/util/virauth.h 
@@ -52,3 +52,10 @@ char * virAuthGetPasswordPath(const char *path, const char *servicename, const char *username, const char *hostname); + +virConnectCredential *virAuthAskCredential(virConnectAuthPtr auth, + const char *prompt, + bool echo); + +void virAuthConnectCredentialFree(virConnectCredential *cred); +G_DEFINE_AUTOPTR_CLEANUP_FUNC(virConnectCredential, virAuthConnectCredenti= alFree); --=20 2.38.1
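Review bot: The doc comment for virAuthAskCredential in the virauth.c hunk describes @echo backwards: it says a true value means the reply is sensitive and not echoed, but the loop selects VIR_CRED_ECHOPROMPT when echo is true and VIR_CRED_PASSPHRASE or VIR_CRED_NOECHOPROMPT when it is false. Please flip the wording so a caller does not pass the wrong value for a secret. In the same hunk, virAuthConnectCredentialFree wipes cred->resultlen bytes, whereas the call sites converted in the following patches used virSecureEraseString on the result; the struct is zeroed by g_new0, so a callback that fills result but leaves resultlen unset would have nothing erased. Consider wiping by string length or validating resultlen after the callback returns. The error text "no suitable callback authentication callback was found" also has a duplicated word.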
From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH 10/15] virNetLibsshAuthenticateKeyboardInteractive: Use virAuthAskCredential
Date: Tue, 17 Jan 2023 17:20:35 +0100
Message-Id: <1d00f556dc7dbd75bf7dfdc69ec02527a37d9c50.1673972406.git.pkrempa@redhat.com>

Rework the code to use the new helper instead of open coding the auth callback interaction.

Signed-off-by: Peter Krempa
Reviewed-by: Jonathon Jongsma
--- src/rpc/virnetlibsshsession.c | 47 ++++++----------------------------- 1 file changed, 7 insertions(+), 40 deletions(-) diff --git a/src/rpc/virnetlibsshsession.c b/src/rpc/virnetlibsshsession.c index 084224b3f8..942f8526c2 100644 --- a/src/rpc/virnetlibsshsession.c +++ b/src/rpc/virnetlibsshsession.c
@@ -647,26 +647,17 @@ virNetLibsshAuthenticateKeyboardInteractive(virNetLib= sshSession *sess, virBufferAddChar(&buff, '\n'); for (iprompt =3D 0; iprompt < nprompts; ++iprompt) { - virConnectCredential retr_passphrase; const char *promptStr; int promptStrLen; char echo; - char *prompt =3D NULL; - int cred_type; + g_autofree char *prompt =3D NULL; + g_autoptr(virConnectCredential) cred =3D NULL; /* get the prompt */ promptStr =3D ssh_userauth_kbdint_getprompt(sess->session, ipr= ompt, &echo); promptStrLen =3D virLengthForPromptString(promptStr); - cred_type =3D virCredTypeForPrompt(sess->cred, echo); - if (cred_type =3D=3D -1) { - virReportError(VIR_ERR_LIBSSH, "%s", - _("no suitable callback for input of keyboa= rd " - "response")); - goto prompt_error; - } - /* create the prompt for the user, using the instruction * buffer if specified */ 
@@ -681,42 +672,18 @@ virNetLibsshAuthenticateKeyboardInteractive(virNetLib= sshSession *sess, prompt =3D g_strndup(promptStr, promptStrLen); } - memset(&retr_passphrase, 0, sizeof(virConnectCredential)); - retr_passphrase.type =3D cred_type; - retr_passphrase.prompt =3D prompt; - - if (retr_passphrase.type =3D=3D -1) { - virReportError(VIR_ERR_LIBSSH, "%s", - _("no suitable callback for input of key " - "passphrase")); - goto prompt_error; - } - - if (sess->cred->cb(&retr_passphrase, 1, sess->cred->cbdata)) { - virReportError(VIR_ERR_LIBSSH, "%s", - _("failed to retrieve keyboard interactive " - "result: callback has failed")); - goto prompt_error; - } + if (!(cred =3D virAuthAskCredential(sess->cred, prompt, echo))) + return SSH_AUTH_ERROR; - VIR_FREE(prompt); - - ret =3D ssh_userauth_kbdint_setanswer(sess->session, iprompt, - retr_passphrase.result); - virSecureEraseString(retr_passphrase.result); - g_free(retr_passphrase.result); - if (ret < 0) { + if (ssh_userauth_kbdint_setanswer(sess->session, iprompt, + cred->result) < 0) { errmsg =3D ssh_get_error(sess->session); virReportError(VIR_ERR_AUTH_FAILED, _("authentication failed: %s"), errmsg); - goto prompt_error; + return SSH_AUTH_ERROR; } continue; - - prompt_error: - VIR_FREE(prompt); - return SSH_AUTH_ERROR; } ret =3D ssh_userauth_kbdint(sess->session, NULL, NULL); --=20 2.38.1
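Review bot: The failure paths of the prompt loop now surface the generic errors raised inside virAuthAskCredential (VIR_ERR_OPERATION_UNSUPPORTED and VIR_ERR_OPERATION_FAILED) instead of the VIR_ERR_LIBSSH errors with keyboard-interactive specific text that this hunk removes, and the commit message does not mention that the reported error code changes. Please note the change in the commit message, or keep VIR_ERR_LIBSSH by reporting at the call site, so that anything matching on the old code is not surprised.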
From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH 11/15] virNetLibsshAuthenticatePrivkeyCb: Use virAuthAskCredential
Date: Tue, 17 Jan 2023 17:20:36 +0100
Message-Id: <307f4ad471e331495aed74481e6086b479521e75.1673972406.git.pkrempa@redhat.com>

Signed-off-by: Peter Krempa
Reviewed-by: Jonathon Jongsma
--- src/rpc/virnetlibsshsession.c | 26 +++----------------------- 1 file changed, 3 insertions(+), 23 deletions(-) diff --git a/src/rpc/virnetlibsshsession.c b/src/rpc/virnetlibsshsession.c index 942f8526c2..748c1ed569 100644 --- a/src/rpc/virnetlibsshsession.c +++ b/src/rpc/virnetlibsshsession.c @@ -394,10 +394,8 @@ virNetLibsshAuthenticatePrivkeyCb(const char *prompt, void *userdata) { virNetLibsshSession *sess =3D userdata; - virConnectCredential retr_passphrase; - int cred_type; g_autofree char *actual_prompt =3D NULL; - int p; + g_autoptr(virConnectCredential) cred =3D NULL; /* request user's key password */ if (!sess->cred || !sess->cred->cb) {
@@ -407,30 +405,12 @@ virNetLibsshAuthenticatePrivkeyCb(const char *prompt, return -1; } - cred_type =3D virCredTypeForPrompt(sess->cred, echo); - if (cred_type =3D=3D -1) { - virReportError(VIR_ERR_LIBSSH, "%s", - _("no suitable callback for input of key passphrase= ")); - return -1; - } - actual_prompt =3D g_strndup(prompt, virLengthForPromptString(prompt)); - memset(&retr_passphrase, 0, sizeof(virConnectCredential)); - retr_passphrase.type =3D cred_type; - retr_passphrase.prompt =3D actual_prompt; - - if (sess->cred->cb(&retr_passphrase, 1, sess->cred->cbdata)) { - virReportError(VIR_ERR_LIBSSH, "%s", - _("failed to retrieve private key passphrase: " - "callback has failed")); + if (!(cred =3D virAuthAskCredential(sess->cred, actual_prompt, echo))) return -1; - } - p =3D virStrcpy(buf, retr_passphrase.result, len); - virSecureEraseString(retr_passphrase.result); - g_free(retr_passphrase.result); - if (p < 0) { + if (virStrcpy(buf, cred->result, len) < 0) { virReportError(VIR_ERR_LIBSSH, "%s", _("passphrase is too long for the buffer")); return -1; --=20 2.38.1
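Review bot: virStrcpy(buf, cred->result, len) uses cred->result without checking it, and virAuthAskCredential as introduced in patch 09 returns the credential whenever the callback returns 0, without verifying that result was filled in. A NULL check here, or better once inside the helper so every converted caller benefits, would stop a misbehaving callback from handing a NULL pointer to the passphrase copy.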
From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH 12/15] util: virauth: Export virAuthGetCredential
Date: Tue, 17 Jan 2023 17:20:37 +0100
Message-Id: <30c587ccd43233ca3f22f2c949c6c04e4bcbb818.1673972406.git.pkrempa@redhat.com>

Signed-off-by: Peter Krempa
Reviewed-by: Jonathon Jongsma
--- src/libvirt_private.syms | 1 + src/util/virauth.c | 2 +- src/util/virauth.h | 5 +++++ 3 files changed, 7 insertions(+), 1 deletion(-) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 5616c0d44c..59ae5c2720 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -1854,6 +1854,7 @@ virAuthAskCredential; virAuthConnectCredentialFree; virAuthGetConfigFilePath; virAuthGetConfigFilePathURI; +virAuthGetCredential; virAuthGetPassword; virAuthGetPasswordPath; virAuthGetUsername; diff --git a/src/util/virauth.c b/src/util/virauth.c index aa1da80266..e33658d356 100644 --- a/src/util/virauth.c +++ b/src/util/virauth.c @@ -99,7 +99,7 @@ virAuthGetConfigFilePath(virConnectPtr conn, } -static int +int virAuthGetCredential(const char *servicename, const char *hostname, const char *credname, diff --git a/src/util/virauth.h b/src/util/virauth.h index 3eaf40c626..589f3df6b7 100644 --- a/src/util/virauth.h +++ b/src/util/virauth.h
@@ -42,6 +42,11 @@ char *virAuthGetPassword(virConnectPtr conn, const char *servicename, const char *username, const char *hostname); +int virAuthGetCredential(const char *servicename, + const char *hostname, + const char *credname, + const char *path, + char **value); char * virAuthGetUsernamePath(const char *path, virConnectAuthPtr auth, const char *servicename, --=20 2.38.1
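Review bot: virAuthGetCredential becomes part of the internal API with this prototype, but it is added without any description of its contract, and the context shown before the definition in the virauth.c hunk has no doc comment either. Please document the return values, who owns the string returned through value, what value holds when no credential is found, and, since the value can be a credential, whether the caller is expected to erase it before freeing.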
From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH 13/15] virNetLibsshCheckHostKey: Use virAuthAskCredential
Date: Tue, 17 Jan 2023 17:20:38 +0100
Message-Id: <7f7e81e972ec68c426831f60d74e5737827345e7.1673972406.git.pkrempa@redhat.com>
List-Id: Development discussions about the libvirt library & tools

Signed-off-by: Peter Krempa
Reviewed-by: Jonathon Jongsma
--- src/rpc/virnetlibsshsession.c | 57 +++++------------------------------ 1 file changed, 7 insertions(+), 50 deletions(-) diff --git a/src/rpc/virnetlibsshsession.c b/src/rpc/virnetlibsshsession.c index 748c1ed569..ecee30e5df 100644 --- a/src/rpc/virnetlibsshsession.c +++ b/src/rpc/virnetlibsshsession.c 
@@ -218,27 +218,6 @@ virLibsshServerKeyAsString(virNetLibsshSession *sess) return str; } -static int -virCredTypeForPrompt(virConnectAuthPtr cred, char echo) -{ - size_t i; - - for (i =3D 0; i < cred->ncredtype; ++i) { - int type =3D cred->credtype[i]; - if (echo) { - if (type =3D=3D VIR_CRED_ECHOPROMPT) - return type; - } else { - if (type =3D=3D VIR_CRED_PASSPHRASE || - type =3D=3D VIR_CRED_NOECHOPROMPT) { - return type; - } - } - } - - return -1; -} - static int virLengthForPromptString(const char *str) { @@ -296,9 +275,8 @@ virNetLibsshCheckHostKey(virNetLibsshSession *sess) case SSH_SERVER_NOT_KNOWN: /* key was not found, query to add it to database */ if (sess->hostKeyVerify =3D=3D VIR_NET_LIBSSH_HOSTKEY_VERIFY_NORMA= L) { - virConnectCredential askKey; - int cred_type; - char *tmp; + g_autoptr(virConnectCredential) cred =3D NULL; + g_autofree char *prompt =3D NULL; /* ask to add the key */ if (!sess->cred || !sess->cred->cb) { 
@@ -308,48 +286,27 @@ virNetLibsshCheckHostKey(virNetLibsshSession *sess) return -1; } - cred_type =3D virCredTypeForPrompt(sess->cred, 1 /* echo */); - if (cred_type =3D=3D -1) { - virReportError(VIR_ERR_LIBSSH, "%s", - _("no suitable callback for host key " - "verification")); - return -1; - } - - /* prepare data for the callback */ - memset(&askKey, 0, sizeof(virConnectCredential)); - askKey.type =3D cred_type; - keyhashstr =3D virLibsshServerKeyAsString(sess); if (!keyhashstr) return -1; - tmp =3D g_strdup_printf(_("Accept SSH host key with hash '%s' = for " "host '%s:%d' (%s/%s)?"), - keyhashstr, sess->hostname, sess->port, = "y", "n"); - askKey.prompt =3D tmp; + prompt =3D g_strdup_printf(_("Accept SSH host key with hash '%= s' for " "host '%s:%d' (%s/%s)?"), + keyhashstr, sess->hostname, sess->por= t, "y", "n"); - if (sess->cred->cb(&askKey, 1, sess->cred->cbdata)) { - virReportError(VIR_ERR_LIBSSH, "%s", - _("failed to retrieve decision to accept " - "host key")); - VIR_FREE(tmp); + if (!(cred =3D virAuthAskCredential(sess->cred, prompt, false)= )) { ssh_string_free_char(keyhashstr); return -1; } - VIR_FREE(tmp); - - if (!askKey.result || - STRCASENEQ(askKey.result, "y")) { + if (!cred->result || + STRCASENEQ(cred->result, "y")) { virReportError(VIR_ERR_LIBSSH, _("SSH host key for '%s' (%s) was not accep= ted"), sess->hostname, keyhashstr); ssh_string_free_char(keyhashstr); - VIR_FREE(askKey.result); return -1; } ssh_string_free_char(keyhashstr); - VIR_FREE(askKey.result); } /* write the host key file, if specified */ --=20 2.38.1
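
Review bot: In the @@ -308 hunk of virNetLibsshCheckHostKey() the call virAuthAskCredential(sess->cred, prompt, false) looks like a behaviour change rather than a pure refactor. The removed code picked the credential type with virCredTypeForPrompt(sess->cred, 1 /* echo */), which only matched VIR_CRED_ECHOPROMPT, whereas 15/15 passes the same false in a place where the old code accepted only VIR_CRED_PASSPHRASE or VIR_CRED_NOECHOPROMPT. If the third argument is the echo flag, the y/n host key question is now asked without echo, and a client that registers only VIR_CRED_ECHOPROMPT can no longer confirm a new host key; pass true here, or explain the switch in the commit message, which currently has no body. The two removed error strings ("no suitable callback for host key verification" and "failed to retrieve decision to accept host key") also go away, so please confirm the helper reports an error on every NULL return.
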
From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH 14/15] virNetLibsshAuthenticatePassword: Use virAuthAskPassword instead of virAuthGetPasswordPath
Date: Tue, 17 Jan 2023 17:20:39 +0100

virAuthGetPasswordPath can return the same password over and over if it's configured in the config. We rather want to try that only the first time and then ask the user instead.

Signed-off-by: Peter Krempa
Reviewed-by: Jonathon Jongsma
--- src/rpc/virnetlibsshsession.c | 32 ++++++++++++++++++++++++-------- 1 file changed, 24 insertions(+), 8 deletions(-) diff --git a/src/rpc/virnetlibsshsession.c b/src/rpc/virnetlibsshsession.c index ecee30e5df..7da7a90985 100644 --- a/src/rpc/virnetlibsshsession.c +++ b/src/rpc/virnetlibsshsession.c @@ -500,6 +500,7 @@ virNetLibsshAuthenticatePrivkey(virNetLibsshSession *se= ss, static int virNetLibsshAuthenticatePassword(virNetLibsshSession *sess) { + g_autofree char *password =3D NULL; const char *errmsg; int rc =3D SSH_AUTH_ERROR; 
@@ -513,19 +514,34 @@ virNetLibsshAuthenticatePassword(virNetLibsshSession = *sess) return SSH_AUTH_ERROR; } + /* first try to get password from config */ + if (virAuthGetCredential("ssh", sess->hostname, "password", sess->auth= Path, + &password) < 0) + return SSH_AUTH_ERROR; + + if (password) { + rc =3D ssh_userauth_password(sess->session, NULL, password); + virSecureEraseString(password); + + if (rc =3D=3D 0) + return SSH_AUTH_SUCCESS; + else if (rc !=3D SSH_AUTH_DENIED) + goto error; + } + /* Try the authenticating the set amount of times. The server breaks t= he * connection if maximum number of bad auth tries is exceeded */ while (true) { - g_autofree char *password =3D NULL; + g_autoptr(virConnectCredential) cred =3D NULL; + g_autofree char *prompt =3D NULL; + + prompt =3D g_strdup_printf(_("Enter %s's password for %s"), + sess->username, sess->hostname); - if (!(password =3D virAuthGetPasswordPath(sess->authPath, sess->cr= ed, - "ssh", sess->username, - sess->hostname))) + if (!(cred =3D virAuthAskCredential(sess->cred, prompt, false))) return SSH_AUTH_ERROR; - /* tunnelled password authentication */ - rc =3D ssh_userauth_password(sess->session, NULL, password); - virSecureEraseString(password); + rc =3D ssh_userauth_password(sess->session, NULL, cred->result); if (rc =3D=3D 0) return SSH_AUTH_SUCCESS; 
@@ -533,7 +549,7 @@ virNetLibsshAuthenticatePassword(virNetLibsshSession *s= ess) break; } - /* error path */ + error: errmsg =3D ssh_get_error(sess->session); virReportError(VIR_ERR_AUTH_FAILED, _("authentication failed: %s"), errmsg); --=20 2.38.1
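
Review bot: In the @@ -513 hunk of virNetLibsshAuthenticatePassword() the interactively entered password is no longer scrubbed explicitly: the loop now hands cred->result to ssh_userauth_password() and the old virSecureEraseString(password) call is dropped, while the config-file attempt added just above still erases its copy. Whether the prompted password is wiped now depends on the g_autoptr cleanup for virConnectCredential, which is not part of this patch; either confirm that the cleanup erases result before freeing it, or keep an explicit virSecureEraseString(cred->result) after the authentication call. Two smaller points: the configured password is sent once before the loop and so uses up one of the server's permitted attempts, which the existing comment above the loop should mention, and the subject line names virAuthAskPassword while the code calls virAuthAskCredential.
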
From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH 15/15] virAuthGetPasswordPath: Use virAuthAskCredential for callback interaction
Date: Tue, 17 Jan 2023 17:20:40 +0100
Message-Id: <19b166b7718870a27b186862e4159a85b463e69d.1673972406.git.pkrempa@redhat.com>

Replace the open-coded variant by the new helper.

Signed-off-by: Peter Krempa
Reviewed-by: Jonathon Jongsma
--- src/util/virauth.c | 39 ++++----------------------------------- 1 file changed, 4 insertions(+), 35 deletions(-) diff --git a/src/util/virauth.c b/src/util/virauth.c index e33658d356..14c48f7e25 100644 --- a/src/util/virauth.c +++ b/src/util/virauth.c @@ -215,8 +215,7 @@ virAuthGetPasswordPath(const char *path, const char *username, const char *hostname) { - unsigned int ncred; - virConnectCredential cred; + g_autoptr(virConnectCredential) cred =3D NULL; g_autofree char *prompt =3D NULL; char *ret =3D NULL; 
@@ -231,42 +230,12 @@ virAuthGetPasswordPath(const char *path, return NULL; } - memset(&cred, 0, sizeof(virConnectCredential)); - prompt =3D g_strdup_printf(_("Enter %s's password for %s"), username, = hostname); - for (ncred =3D 0; ncred < auth->ncredtype; ncred++) { - if (auth->credtype[ncred] !=3D VIR_CRED_PASSPHRASE && - auth->credtype[ncred] !=3D VIR_CRED_NOECHOPROMPT) { - continue; - } - - if (!auth->cb) { - virReportError(VIR_ERR_INVALID_ARG, "%s", - _("Missing authentication callback")); - return NULL; - } - - cred.type =3D auth->credtype[ncred]; - cred.prompt =3D prompt; - cred.challenge =3D hostname; - cred.defresult =3D NULL; - cred.result =3D NULL; - cred.resultlen =3D 0; - - if ((*(auth->cb))(&cred, 1, auth->cbdata) < 0) { - virReportError(VIR_ERR_AUTH_FAILED, "%s", - _("Password request failed")); - VIR_FREE(cred.result); - } - - return cred.result; - } + if (!(cred =3D virAuthAskCredential(auth, prompt, false))) + return NULL; - virReportError(VIR_ERR_AUTH_FAILED, "%s", - _("Missing VIR_CRED_PASSPHRASE or VIR_CRED_NOECHOPROMPT= " - "credential type")); - return NULL; + return g_steal_pointer(&cred->result); } --=20 2.38.1
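
Review bot: In the @@ -231 hunk of virAuthGetPasswordPath() the removed code set cred.challenge = hostname before invoking the callback, but the replacement call virAuthAskCredential(auth, prompt, false) is given no hostname. Unless the helper fills in the challenge some other way, callbacks that display or key on challenge now see a different request than before; please check that, and say so in the commit message if the field is dropped on purpose. The "Missing authentication callback" and "Missing VIR_CRED_PASSPHRASE or VIR_CRED_NOECHOPROMPT credential type" errors are removed as well, and this function now returns NULL without calling virReportError() itself, so the helper has to report an equivalent error on each NULL return.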