GUACAMOLE-221: Fix up SSH terminal prompt fallback.

This commit is contained in:
Nick Couchman 2020-07-01 17:33:22 -04:00
parent e8feeabfef
commit 98dbf15d0b
3 changed files with 38 additions and 22 deletions

View File

@ -34,8 +34,13 @@
* *
* @param cred_name * @param cred_name
* The connection parameter that is being requested from the client. * The connection parameter that is being requested from the client.
*
* @return
* A newly-allocated string containing the credentials request from the
* client, or NULL if the credentials will be updated via the required
* instruction.
*/ */
typedef void guac_ssh_credential_handler(guac_client* client, char* cred_name); typedef char* guac_ssh_credential_handler(guac_client* client, char* cred_name);
/** /**
* An SSH session, backed by libssh2 and associated with a particular * An SSH session, backed by libssh2 and associated with a particular

View File

@ -360,8 +360,13 @@ static int guac_common_ssh_authenticate(guac_common_ssh_session* common_session)
} }
/* Attempt authentication with username + password. */ /* Attempt authentication with username + password. */
if (user->password == NULL && common_session->credential_handler) if (user->password == NULL && common_session->credential_handler) {
common_session->credential_handler(client, GUAC_SSH_PARAMETER_NAME_PASSWORD);
char* password = common_session->credential_handler(client, GUAC_SSH_PARAMETER_NAME_PASSWORD);
if (password != NULL)
user->password = password;
}
/* Authenticate with password, if provided */ /* Authenticate with password, if provided */
if (user->password != NULL) { if (user->password != NULL) {

View File

@ -99,10 +99,26 @@ guac_ssh_credential_prompt_map ssh_credential_prompt_map[] = {
* @param cred_name * @param cred_name
* The name of the parameter to prompt for in the client. * The name of the parameter to prompt for in the client.
*/ */
static void guac_ssh_get_credential(guac_client *client, char* cred_name) { static char* guac_ssh_get_credential(guac_client *client, char* cred_name) {
guac_ssh_client* ssh_client = (guac_ssh_client*) client->data; guac_ssh_client* ssh_client = (guac_ssh_client*) client->data;
/* If client owner does not support required, use terminal prompt. */
if (!guac_client_owner_supports_required(client)) {
/* Loop to find correct prompt for credential name. */
guac_ssh_credential_prompt_map* current = ssh_credential_prompt_map;
while (current->name != NULL) {
if (strcmp(current->name, cred_name) == 0)
return guac_terminal_prompt(ssh_client->term,
current->prompt, true);
current++;
}
/* No matching credential was found, so return NULL. */
return NULL;
}
/* Lock the terminal thread while prompting for the credential. */ /* Lock the terminal thread while prompting for the credential. */
pthread_mutex_lock(&(ssh_client->ssh_credential_lock)); pthread_mutex_lock(&(ssh_client->ssh_credential_lock));
@ -113,6 +129,8 @@ static void guac_ssh_get_credential(guac_client *client, char* cred_name) {
pthread_cond_wait(&(ssh_client->ssh_credential_cond), &(ssh_client->ssh_credential_lock)); pthread_cond_wait(&(ssh_client->ssh_credential_cond), &(ssh_client->ssh_credential_lock));
pthread_mutex_unlock(&(ssh_client->ssh_credential_lock)); pthread_mutex_unlock(&(ssh_client->ssh_credential_lock));
return NULL;
} }
/** /**
@ -137,16 +155,9 @@ static guac_common_ssh_user* guac_ssh_get_user(guac_client* client) {
/* Get username */ /* Get username */
while (settings->username == NULL) { while (settings->username == NULL) {
/* Client owner supports required instruction, so send prompt(s) that way. */ char* username = guac_ssh_get_credential(client, GUAC_SSH_PARAMETER_NAME_USERNAME);
if (guac_client_owner_supports_required(client)) { if (username != NULL)
guac_ssh_get_credential(client, GUAC_SSH_PARAMETER_NAME_USERNAME); settings->username = username;
}
/* Fall back to terminal prompting. */
else {
settings->username = guac_terminal_prompt(ssh_client->term,
"Login as: ", true);
}
} }
@ -174,14 +185,9 @@ static guac_common_ssh_user* guac_ssh_get_user(guac_client* client) {
/* Prompt for passphrase if missing */ /* Prompt for passphrase if missing */
while (settings->key_passphrase == NULL) { while (settings->key_passphrase == NULL) {
/* Send prompt via required instruction, if supported */ char* passphrase = guac_ssh_get_credential(client, GUAC_SSH_PARAMETER_NAME_PASSPHRASE);
if (guac_client_owner_supports_required(client)) if (passphrase != NULL)
guac_ssh_get_credential(client, GUAC_SSH_PARAMETER_NAME_PASSPHRASE); settings->key_passphrase = passphrase;
/* Fall back to terminal prompt */
else
settings->key_passphrase = guac_terminal_prompt(ssh_client->term,
"Key passphrase: ", true);
} }