From nobody Sat May 30 15:28:31 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 38.145.34.151 as permitted sender) client-ip=38.145.34.151; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 38.145.34.151 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org ARC-Seal: i=1; a=rsa-sha256; t=1778843321; cv=none; d=zohomail.com; s=zohoarc; b=VCxQXcz25TM8U4TU+LTIA/tUkMrEEQiwzJGq7sWriDcCoEzccuOYEe0XY/47qww04WCGQxH5VS85bxDe7jcZJbznBNwuluGEwsbtgfnNxJGgG/nxQjOg7DDRHXNN0e+mbld0DUSTZs7ehQvcFmkJfAP2HBEfhFS+ZN251v8DiQI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1778843321; h=Content-Type:Content-Transfer-Encoding:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Owner:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Subject:Subject:To:To:Message-Id:Cc; bh=qjt2wedUk88QWIthLaTnvGKZORy2K8eW3YRESd3RfWY=; b=ewHLwzjMWIiq388SpB0kXcPlL8wvzpbBrMp8b6P0+cI6oUlPvtLoDYiLART16X1XEaapOAYQnnC2Z7NcK4ZFP4M7ZahF2zUO1RtOgB4iFw6yGKwja6Z7fK/cq1cRo/G+364/nHJP/KxMhHNhKRxI6EGIqa5ljyrMABIp1ufV33U= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 38.145.34.151 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [38.145.34.151]) by mx.zohomail.com with SMTPS id 1778843321967662.373932454968; Fri, 15 May 2026 04:08:41 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 993) id D143641964; Fri, 15 May 2026 07:08:40 -0400 (EDT) Received: from [172.19.199.12] (unknown [10.16.107.18]) by lists.libvirt.org (Postfix) with ESMTP id 9B9BF41B02; Fri, 15 May 2026 07:06:09 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 993) id 426DE418E2; Fri, 15 May 2026 07:05:42 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 9D3D63F2F5 for ; Fri, 15 May 2026 07:05:41 -0400 (EDT) Received: from mx-prod-mc-06.mail-002.prod.us-west-2.aws.redhat.com (ec2-35-165-154-97.us-west-2.compute.amazonaws.com [35.165.154.97]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-543-3Dq-MTs0OXC62LMvKMww_g-1; Fri, 15 May 2026 07:05:38 -0400 Received: from mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.93]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-06.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 7B4C218005B3 for ; Fri, 15 May 2026 11:05:37 +0000 (UTC) Received: from moe (unknown [10.43.3.236]) by mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id D90CD18001E8 for ; Fri, 15 May 2026 11:05:36 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H4, RCVD_IN_MSPIKE_WL,SPF_HELO_PASS autolearn=unavailable autolearn_force=no version=4.0.1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1778843141; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=qjt2wedUk88QWIthLaTnvGKZORy2K8eW3YRESd3RfWY=; b=PPf3a9Vhj5uCSTjW1nywj0msfK2TBikJdzloFfxSABr347axqTbjm7i+QEviNDx2ySno+S BbCmgAo5uSa7js+vyZQVxb8+5ELRNQuXpjyAzI37ZzzNv56r4l6HhzapVMQRlhLRcLBGwZ ds+gYLGb2F/0MU6ChdUx/dRUuH2QeQA= X-MC-Unique: 3Dq-MTs0OXC62LMvKMww_g-1 X-Mimecast-MFC-AGG-ID: 3Dq-MTs0OXC62LMvKMww_g_1778843137 To: devel@lists.libvirt.org Subject: [PATCH 1/3] virnetsshsession: Don't check for auth callbacks in virNetSSHAuthenticatePassword() Date: Fri, 15 May 2026 13:05:31 +0200 Message-ID: <4df7aa0ce674e7702c70adabd50b733464be9e97.1778842835.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.93 X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: PAGaT0QG-0c6yEpC5vc4K-i6kKxQuAklBO_7DZrBInM_1778843137 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: EKVQDBY3EWZ7NYR37CTXMESON447EWA7 X-Message-ID-Hash: EKVQDBY3EWZ7NYR37CTXMESON447EWA7 X-MailFrom: mprivozn@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Michal Privoznik via Devel Reply-To: Michal Privoznik X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1778843323059158500 Content-Type: text/plain; charset="utf-8"; x-default="true" From: Michal Privoznik For the VIR_NET_SSH_AUTH_PASSWORD authentication mechanism the virNetSSHAuthenticatePassword() is called. Inside it, virAuthGetPasswordPath() is called to obtain password. Firstly reading from our auth.conf file is attempted and if that fails then corresponding callback from virConnectAuthCallbackPtr is called. But virAuthGetPasswordPath() checks whether the callback is NULL or not. There is no need for virNetSSHAuthenticatePassword() to check it too. Drop the duplicate check. Signed-off-by: Michal Privoznik Reviewed-by: J=C3=A1n Tomko Tested-by: Richrad W.M. Jones --- src/rpc/virnetsshsession.c | 7 ------- 1 file changed, 7 deletions(-) diff --git a/src/rpc/virnetsshsession.c b/src/rpc/virnetsshsession.c index 83c8630480..3f60315822 100644 --- a/src/rpc/virnetsshsession.c +++ b/src/rpc/virnetsshsession.c @@ -661,13 +661,6 @@ virNetSSHAuthenticatePassword(virNetSSHSession *sess) =20 VIR_DEBUG("sess=3D%p", sess); =20 - /* password authentication with interactive password request */ - if (!sess->cred || !sess->cred->cb) { - virReportError(VIR_ERR_SSH, "%s", - _("Can't perform authentication: Authentication cal= lback not provided")); - goto cleanup; - } - /* Try the authenticating the set amount of times. The server breaks t= he * connection if maximum number of bad auth tries is exceeded */ while (true) { --=20 2.53.0 From nobody Sat May 30 15:28:31 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 38.145.34.151 as permitted sender) client-ip=38.145.34.151; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 38.145.34.151 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org ARC-Seal: i=1; a=rsa-sha256; t=1778843265; cv=none; d=zohomail.com; s=zohoarc; b=R4eSUYsl+aLo2N8JRhqrme+qHhKvU+oV91sOnUOAlgYuqEBuDw4/6qfr0lcxKFuVJg7FDnWXu3OfHvWSqgL1xf1mhI/o5UwdFAVtSZ5152DyoEp5Ek2VLNx6eqQbR4h+JxDycH/M2sgoN0qQF4eaXLvYESB/9kGYcO3tmLH5BBg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1778843265; h=Content-Type:Content-Transfer-Encoding:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Owner:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Subject:Subject:To:To:Message-Id:Cc; bh=/caaQV0c6bVEPLBkSLYqEEkjk1jdElqe1KKeW9bcNJY=; b=XBHryjdz8gf91sqdyw2Tx9u4StXCyvRbLQF4NEq8UlsUtvR/ISe1cAr6ENpc/9BSgY45EtZLIG1har+PeOYNGKuhp2Pnosnx6abKnbuBlKm+2D6VOujVU6XEh197XAn74ZE56nUTx1IaheYhbzkUkBqAaHBb1buc1TkaKh6gsYc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 38.145.34.151 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [38.145.34.151]) by mx.zohomail.com with SMTPS id 1778843265818313.0527676530155; Fri, 15 May 2026 04:07:45 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 993) id 97455418EA; Fri, 15 May 2026 07:07:44 -0400 (EDT) Received: from [172.19.199.12] (unknown [10.16.107.18]) by lists.libvirt.org (Postfix) with ESMTP id 1E98F41AC8; Fri, 15 May 2026 07:06:01 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 993) id CF2A03F8AE; Fri, 15 May 2026 07:05:41 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 237514184D for ; Fri, 15 May 2026 07:05:41 -0400 (EDT) Received: from mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com (ec2-35-165-154-97.us-west-2.compute.amazonaws.com [35.165.154.97]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-539-jzI7G53rNP2eTnnllkwepA-1; Fri, 15 May 2026 07:05:39 -0400 Received: from mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.93]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 81B26180034C for ; Fri, 15 May 2026 11:05:38 +0000 (UTC) Received: from moe (unknown [10.43.3.236]) by mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id E14B91800349 for ; Fri, 15 May 2026 11:05:37 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H4, RCVD_IN_MSPIKE_WL,SPF_HELO_PASS autolearn=unavailable autolearn_force=no version=4.0.1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1778843140; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=/caaQV0c6bVEPLBkSLYqEEkjk1jdElqe1KKeW9bcNJY=; b=PvLm1ERXW2AGK40laL5SBbZKa1bZFQrl1wiYAMvftW1jsFTzdOQpfZqrhrpQ8nBZbUnchL NP8Lx/eUcZTej1oooVHqJpVe4TpanE4qmHkuFLZBaoz8T/gsfUSasIMyDiqntLP1v6QFKf 3Z3+ntTVV2LIXHD2KL4b7xUWHRR/tIA= X-MC-Unique: jzI7G53rNP2eTnnllkwepA-1 X-Mimecast-MFC-AGG-ID: jzI7G53rNP2eTnnllkwepA_1778843138 To: devel@lists.libvirt.org Subject: [PATCH 2/3] virnetlibsshsession: Check later for auth callback in virNetLibsshAuthenticatePassword() Date: Fri, 15 May 2026 13:05:32 +0200 Message-ID: <387000a077b7487355e9103139f89aa2d6678872.1778842835.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.93 X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: 6VZ-By8fSxDjeE0l27XDDZ69uuGCJGePGdYKmK05ods_1778843138 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: 557LHWHWXWGTPIJ7Z3FXYXANXRZFCUCD X-Message-ID-Hash: 557LHWHWXWGTPIJ7Z3FXYXANXRZFCUCD X-MailFrom: mprivozn@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Michal Privoznik via Devel Reply-To: Michal Privoznik X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1778843266233158500 Content-Type: text/plain; charset="utf-8"; x-default="true" From: Michal Privoznik The first thing that virNetLibsshAuthenticatePassword() does is read password from config file. For this it does not need auth callback. If that password fails to authenticate then corresponding callback from the auth callback is called. This is actual place where auth callback should be checked for. Signed-off-by: Michal Privoznik Reviewed-by: J=C3=A1n Tomko Tested-by: Richrad W.M. Jones --- src/rpc/virnetlibsshsession.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/src/rpc/virnetlibsshsession.c b/src/rpc/virnetlibsshsession.c index 2f590ec1c4..bbcfb19e5c 100644 --- a/src/rpc/virnetlibsshsession.c +++ b/src/rpc/virnetlibsshsession.c @@ -517,13 +517,6 @@ virNetLibsshAuthenticatePassword(virNetLibsshSession *= sess) =20 VIR_DEBUG("sess=3D%p", sess); =20 - /* password authentication with interactive password request */ - if (!sess->cred || !sess->cred->cb) { - virReportError(VIR_ERR_LIBSSH, "%s", - _("Can't perform authentication: Authentication cal= lback not provided")); - return SSH_AUTH_ERROR; - } - /* first try to get password from config */ if (virAuthGetCredential("ssh", sess->hostname, "password", sess->auth= Path, &password) < 0) @@ -539,6 +532,13 @@ virNetLibsshAuthenticatePassword(virNetLibsshSession *= sess) goto error; } =20 + /* password authentication with interactive password request */ + if (!sess->cred || !sess->cred->cb) { + virReportError(VIR_ERR_LIBSSH, "%s", + _("Can't perform authentication: Authentication cal= lback not provided")); + return SSH_AUTH_ERROR; + } + /* Try the authenticating the set amount of times. The server breaks t= he * connection if maximum number of bad auth tries is exceeded */ while (true) { --=20 2.53.0 From nobody Sat May 30 15:28:31 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 38.145.34.151 as permitted sender) client-ip=38.145.34.151; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 38.145.34.151 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org ARC-Seal: i=1; a=rsa-sha256; t=1778843380; cv=none; d=zohomail.com; s=zohoarc; b=QAI5RVbP5Hm2oHPOBN/uF1I1RRewo+QO3ftf6wYMSdfQNWbyT6UfFPYYmWnZDEqaDvjrPzAGHzNMZMy+vHFloaOanah6CnbXKlPolsk/l0XQWGRGhliR7fTmK8Wav3JFHOGD1OzHZe6ibJnXwuCZTgLq8qg2vsoUFfP049dk+Mg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1778843380; h=Content-Type:Content-Transfer-Encoding:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Owner:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Subject:Subject:To:To:Message-Id:Cc; bh=YQFY6YzF/HgjWXdWpHRXh+ziuHGe3G3pi5mmmUHaRcI=; b=cO87V9B9jo4vTqF0GZH0CUbDskjnL/DKsSHXT1wczq8N4fueV1Fbimnp2UbjbFcCJl848UwmmpgXdBl69B6/Q93z3+LUzlUIhSFTsOhj7KlGFldilsY7LFQ2fvQKXqz3lwtKivokj7vb24N2JPj3rAGeeZmu/Wmu7vP0kf7W5sc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 38.145.34.151 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [38.145.34.151]) by mx.zohomail.com with SMTPS id 1778843380468174.6730618187795; Fri, 15 May 2026 04:09:40 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 993) id 3A7CA418F6; Fri, 15 May 2026 07:09:39 -0400 (EDT) Received: from [172.19.199.12] (unknown [10.16.107.18]) by lists.libvirt.org (Postfix) with ESMTP id CFD774193C; Fri, 15 May 2026 07:06:18 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 993) id D65EF3F2F5; Fri, 15 May 2026 07:05:42 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id E44FB3F8AE for ; Fri, 15 May 2026 07:05:41 -0400 (EDT) Received: from mx-prod-mc-06.mail-002.prod.us-west-2.aws.redhat.com (ec2-35-165-154-97.us-west-2.compute.amazonaws.com [35.165.154.97]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-528-vOVaV-wSNW6syImukVhW_Q-1; Fri, 15 May 2026 07:05:40 -0400 Received: from mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.93]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-06.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 80DDD180060D for ; Fri, 15 May 2026 11:05:39 +0000 (UTC) Received: from moe (unknown [10.43.3.236]) by mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id DE86018001E8 for ; Fri, 15 May 2026 11:05:38 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H5, RCVD_IN_MSPIKE_WL,SPF_HELO_PASS autolearn=unavailable autolearn_force=no version=4.0.1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1778843141; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=YQFY6YzF/HgjWXdWpHRXh+ziuHGe3G3pi5mmmUHaRcI=; b=OR00XDBl92chXl0anMaU0cGTSlzd2eoCBHrSNE3N9gULMEY4VcNkRhhAED4P+Kh06DxkEd bTrHq9nTccS0rhEVFxsT6SDH78YY6abHnwY4grfxUdHkeW1Z52GDd5NBhIwmY61qDnlajx HyVGCgGx+l6H+XNOHpjGowVUS8r9qSU= X-MC-Unique: vOVaV-wSNW6syImukVhW_Q-1 X-Mimecast-MFC-AGG-ID: vOVaV-wSNW6syImukVhW_Q_1778843139 To: devel@lists.libvirt.org Subject: [PATCH 3/3] virsh: Provide no auth callbacks for bash completer Date: Fri, 15 May 2026 13:05:33 +0200 Message-ID: <4de2a9b56e94d6c201e8e4fbe522ff59165062f3.1778842835.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.93 X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: KTmdg6HeDc_O-vsx3UsesZfQSGjFk52NwrUPfD1F5DI_1778843139 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: TAWZ7XW7EIAODTJY55JW4ZURNJ6EH2YJ X-Message-ID-Hash: TAWZ7XW7EIAODTJY55JW4ZURNJ6EH2YJ X-MailFrom: mprivozn@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Michal Privoznik via Devel Reply-To: Michal Privoznik X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1778843381611158500 Content-Type: text/plain; charset="utf-8"; x-default="true" From: Michal Privoznik Our bash completion script parses (partially incomplete) command line and looks for two arguments: --readonly and --connect because in the next step it executes virsh with those two arguments like this: virsh --readonly --connect $URI complete -- "text to complete" Now, whenever virsh sees connection URI specified on its cmd line it connects to it right away (before executing any command). This happens inside virshConnect(). Here, virConnectOpenAuth() is called with the default auth callback (virConnectAuthPtrDefault). In majority of the cases this is desirable, as it might ask user for credentials (password for example). But in case of bash completion this is not desired because bash completion script must not expect users to input anything (that's why we even close stdin in cmdComplete()). Therefore, when connecting from virsh that's executed by the bash completion script provide no auth callbacks to prevent virsh from asking for credentials. Resolves: https://gitlab.com/libvirt/libvirt/-/work_items/879 Signed-off-by: Michal Privoznik Reviewed-by: J=C3=A1n Tomko Tested-by: Richrad W.M. Jones --- tools/virsh.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/tools/virsh.c b/tools/virsh.c index fdce3220b3..72d233f98d 100644 --- a/tools/virsh.c +++ b/tools/virsh.c @@ -124,8 +124,16 @@ virshConnect(vshControl *ctl, const char *uri, bool re= adonly) =20 do { virErrorPtr err; + virConnectAuthPtr auth =3D virConnectAuthPtrDefault; =20 - if ((c =3D virConnectOpenAuth(uri, virConnectAuthPtrDefault, + if (ctl->cmd->def->handler =3D=3D cmdComplete) { + /* When running from a bash completer we need to avoid any kin= d of + * keyboard input (e.g. ssh asking for a password). To achieve + * this, provide no authentication callbacks. */ + auth =3D NULL; + } + + if ((c =3D virConnectOpenAuth(uri, auth, readonly ? VIR_CONNECT_RO : 0))) break; =20 --=20 2.53.0