Matthias Bolte wrote:
diff --git a/src/phyp/phyp_driver.c b/src/phyp/phyp_driver.c index a92046a..f96d2d6 100644 --- a/src/phyp/phyp_driver.c +++ b/src/phyp/phyp_driver.c [...] @@ -282,10 +297,8 @@ openSSHSession(virConnectPtr conn, virConnectAuthPtr auth, /* Trying authentication by pubkey */ while ((rc = libssh2_userauth_publickey_fromfile(session, username,
You assign conn->uri->user to username and use it without checking for NULL. You should either check conn->uri->user for NULL in phypOpen(), as you do it for conn->uri->server and conn->uri->path, and return VIR_DRV_OPEN_ERROR if its NULL or request a username via the auth callback if conn->uri->user is NULL.
Ok.
- "/home/user/" - ".ssh/id_rsa.pub", - "/home/user/" - ".ssh/id_rsa", + pubkey, + pvtkey, password)) ==
The password (actually the passphrase) is NULL at this point. Is this really working?
Talking with libssh2 guys, this feature is not exactly working well, they said that it is possible to pass a random passphrase (or even NULL) that it will authenticate using pub and pvt keys. So, I assumed this as a hardcoded NULL just until they fix this function.
LIBSSH2_ERROR_EAGAIN) ; if (rc) {
So you fallback to username/password authentication if keyfile authentication failed (rc != 0). According to the libssh2_userauth_publickey_fromfile manpage it may return this error codes:
LIBSSH2_ERROR_ALLOC - An internal memory allocation call failed. LIBSSH2_ERROR_SOCKET_SEND - Unable to send data on socket. LIBSSH2_ERROR_SOCKET_TIMEOUT LIBSSH2_ERROR_PUBLICKEY_UNRECOGNIZED - The username/public key combination was invalid. LIBSSH2_ERROR_PUBLICKEY_UNVERIFIED - The username/public key combination was invalid, or the signature for the supplied public key was invalid.
Appearently, going further the man pages and tracing all the function return points, I figured out that this function may also return LIBSSH2_ERROR_SOCKET_NONE or LIBSSH2_ERROR_NONE for many reasons. As far as I understand, LIBSSH2_ERROR_NONE is for a succesful pubkey authentication, and LIBSSH2_ERROR_SOCKET_NONE is for a non succesful. Adjusted all values for this if construction.
IMHO its not useful to fallback to username/password authentication for the first three possible errors, only if a keyfile related error occurs like the last two.
In this case I explicit check for errors (LIBSSH2_ERROR_ALLOC, LIBSSH2_ERROR_SOCKET_SEND and LIBSSH2_ERROR_SOCKET_TIMEOUT) before fallback.
I wonder which error code will be returned if one or both keyfiles don't exist. Maybe you should check if both keyfiles exist before calling libssh2_userauth_publickey_fromfile() and fallback to username/password authentication if one or both are missing.
Ok. I am stating files now.
@@ -341,15 +354,22 @@ openSSHSession(virConnectPtr conn, virConnectAuthPtr auth, goto disconnect; } else goto exit; + } else { + goto exit; } disconnect: libssh2_session_disconnect(session, "Disconnecting..."); libssh2_session_free(session); err: + VIR_FREE(userhome); + VIR_FREE(pubkey); + VIR_FREE(pvtkey); VIR_FREE(password); return NULL;
exit: + VIR_FREE(userhome);
VIR_FREE(pubkey) is missing here, it's there in the first version of this patch.
Ok. Thanks again :) []'s -- Eduardo Otubo Software Engineer Linux Technology Center IBM Systems & Technology Group Mobile: +55 19 8135 0885 eotubo@linux.vnet.ibm.com