[libvirt] [PATCH 0/2] libssh2 connection fixes
Hi guys, Here are 2 trivial patches to fixes issues connecting using libssh2. The first one fixes a -1 use with a size_t, and the second one discards callbacks with no prompt called by the SSH server. Cédric Bosdonnat (2): Fix test wanting a negative size_t Fix handling keyboard-interactive callbacks for libssh2 src/rpc/virnetsshsession.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) -- 1.8.4.5
--- src/rpc/virnetsshsession.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/rpc/virnetsshsession.c b/src/rpc/virnetsshsession.c index 7f47b29..57119f9 100644 --- a/src/rpc/virnetsshsession.c +++ b/src/rpc/virnetsshsession.c @@ -303,6 +303,7 @@ virNetSSHCheckHostKey(virNetSSHSessionPtr sess) virConnectCredential askKey; struct libssh2_knownhost *knownHostEntry = NULL; size_t i; + bool hasEchoPrompt = false; char *hostnameStr = NULL; if (sess->hostKeyVerify == VIR_NET_SSH_HOSTKEY_VERIFY_IGNORE) @@ -345,12 +346,12 @@ virNetSSHCheckHostKey(virNetSSHSessionPtr sess) for (i = 0; i < sess->cred->ncredtype; i++) { if (sess->cred->credtype[i] == VIR_CRED_ECHOPROMPT) { - i = -1; + hasEchoPrompt = true; break; } } - if (i > 0) { + if (!hasEchoPrompt) { virReportError(VIR_ERR_SSH, "%s", _("no suitable method to retrieve " "authentication credentials")); -- 1.8.4.5
On 24.10.2014 07:15, Cédric Bosdonnat wrote:
--- src/rpc/virnetsshsession.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/rpc/virnetsshsession.c b/src/rpc/virnetsshsession.c index 7f47b29..57119f9 100644 --- a/src/rpc/virnetsshsession.c +++ b/src/rpc/virnetsshsession.c @@ -303,6 +303,7 @@ virNetSSHCheckHostKey(virNetSSHSessionPtr sess) virConnectCredential askKey; struct libssh2_knownhost *knownHostEntry = NULL; size_t i; + bool hasEchoPrompt = false; char *hostnameStr = NULL;
if (sess->hostKeyVerify == VIR_NET_SSH_HOSTKEY_VERIFY_IGNORE) @@ -345,12 +346,12 @@ virNetSSHCheckHostKey(virNetSSHSessionPtr sess)
for (i = 0; i < sess->cred->ncredtype; i++) { if (sess->cred->credtype[i] == VIR_CRED_ECHOPROMPT) { - i = -1; + hasEchoPrompt = true; break; } }
- if (i > 0) { + if (!hasEchoPrompt) { virReportError(VIR_ERR_SSH, "%s", _("no suitable method to retrieve " "authentication credentials"));
The commit message is rather sparse. Extend it with a function name and short description at least, please. ACK Michal
SSHD calls the KI callback with no prompt after all prompts have been issued. Just ignore those callbacks to avoid libvirt-java (and possibly others) to crash while accessing invalid pointers. --- src/rpc/virnetsshsession.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/rpc/virnetsshsession.c b/src/rpc/virnetsshsession.c index 57119f9..e9516b8 100644 --- a/src/rpc/virnetsshsession.c +++ b/src/rpc/virnetsshsession.c @@ -217,6 +217,10 @@ virNetSSHKbIntCb(const char *name ATTRIBUTE_UNUSED, priv->authCbErr = VIR_NET_SSH_AUTHCB_OK; + /* After all prompts, sshd calls us with 0 prompts: just ignore it */ + if (num_prompts == 0) + return; + /* find credential type for asking passwords */ for (i = 0; i < priv->cred->ncredtype; i++) { if (priv->cred->credtype[i] == VIR_CRED_PASSPHRASE || -- 1.8.4.5
On 24.10.2014 07:15, Cédric Bosdonnat wrote:
SSHD calls the KI callback with no prompt after all prompts have been issued. Just ignore those callbacks to avoid libvirt-java (and possibly others) to crash while accessing invalid pointers. --- src/rpc/virnetsshsession.c | 4 ++++ 1 file changed, 4 insertions(+)
diff --git a/src/rpc/virnetsshsession.c b/src/rpc/virnetsshsession.c index 57119f9..e9516b8 100644 --- a/src/rpc/virnetsshsession.c +++ b/src/rpc/virnetsshsession.c @@ -217,6 +217,10 @@ virNetSSHKbIntCb(const char *name ATTRIBUTE_UNUSED,
priv->authCbErr = VIR_NET_SSH_AUTHCB_OK;
+ /* After all prompts, sshd calls us with 0 prompts: just ignore it */ + if (num_prompts == 0) + return; + /* find credential type for asking passwords */ for (i = 0; i < priv->cred->ncredtype; i++) { if (priv->cred->credtype[i] == VIR_CRED_PASSPHRASE ||
ACK Michal
Sorry guys, I just resent those as I got emails saying they weren't sent. Just discard the second ones... -- Cedric On Thu, 2014-10-23 at 22:15 -0700, Cédric Bosdonnat wrote:
Hi guys,
Here are 2 trivial patches to fixes issues connecting using libssh2. The first one fixes a -1 use with a size_t, and the second one discards callbacks with no prompt called by the SSH server.
Cédric Bosdonnat (2): Fix test wanting a negative size_t Fix handling keyboard-interactive callbacks for libssh2
src/rpc/virnetsshsession.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-)
participants (3)
-
Cedric Bosdonnat -
Cédric Bosdonnat
-
Michal Privoznik