ddb7e05223
- sftp_interactive_password.patch: Fixes logins to remote SSH sessions where only Keyboard-Interactive password is available and tunneled password is disabled (bsc#1098235) - mc-rpmlintrc: removed OBS-URL: https://build.opensuse.org/request/show/619175 OBS-URL: https://build.opensuse.org/package/show/Base:System/mc?expand=0&rev=122
107 lines
3.6 KiB
Diff
107 lines
3.6 KiB
Diff
Upstream: https://midnight-commander.org/ticket/3921
|
|
Bugzilla: 1098235
|
|
|
|
commit 83e7624292232562639d13f76d84126e6779e54b
|
|
Author: Adam Majer <amajer@suse.de>
|
|
Date: Mon Jun 25 15:06:38 2018 +0200
|
|
|
|
Ticket #3921: Enable keyboard interactive authentication
|
|
|
|
If SSH server does not support cleartext tunneled password
|
|
authentication and only 'keyboard interactive' authentication
|
|
instead, then we need to use different authentication
|
|
function along with a interactive callback.
|
|
|
|
Signed-off-by: Adam Majer <amajer@suse.de>
|
|
|
|
diff --git a/src/vfs/sftpfs/connection.c b/src/vfs/sftpfs/connection.c
|
|
index 537159129..19a49874f 100644
|
|
--- a/src/vfs/sftpfs/connection.c
|
|
+++ b/src/vfs/sftpfs/connection.c
|
|
@@ -292,6 +292,50 @@ sftpfs_open_connection_ssh_key (struct vfs_s_super *super, GError ** mcerror)
|
|
return ret_value;
|
|
}
|
|
|
|
+
|
|
+/**
|
|
+ * Keyboard-interactive password helper for opening connection to host by
|
|
+ * sftpfs_open_connection_ssh_password
|
|
+ *
|
|
+ * Uses global kbi_super (data with existing connection) and kbi_passwd (password)
|
|
+ *
|
|
+ * @param name username
|
|
+ * @param name_len length of @name
|
|
+ * @param instruction unused
|
|
+ * @param instruction_len unused
|
|
+ * @param num_prompts number of possible problems to process
|
|
+ * @param prompts array of prompts to process
|
|
+ * @param responses array of responses, one per prompt
|
|
+ * @param abstract unused
|
|
+ */
|
|
+
|
|
+static const char *kbi_passwd;
|
|
+static const struct vfs_s_super *kbi_super;
|
|
+static LIBSSH2_USERAUTH_KBDINT_RESPONSE_FUNC(keyboard_interactive_helper)
|
|
+{
|
|
+ int i;
|
|
+ int len;
|
|
+
|
|
+ (void) instruction;
|
|
+ (void) instruction_len;
|
|
+ (void) abstract;
|
|
+
|
|
+ if (!kbi_super || !kbi_passwd)
|
|
+ return;
|
|
+
|
|
+ if (strncmp(name, kbi_super->path_element->user, name_len) != 0)
|
|
+ return;
|
|
+
|
|
+ // assume these are password prompts
|
|
+ len = strlen(kbi_passwd);
|
|
+ for (i=0; i<num_prompts; ++i) {
|
|
+ if (strncmp(prompts[i].text, "Password: ", prompts[i].length) == 0) {
|
|
+ responses[i].text = strdup(kbi_passwd);
|
|
+ responses[i].length = len;
|
|
+ }
|
|
+ }
|
|
+}
|
|
+
|
|
/* --------------------------------------------------------------------------------------------- */
|
|
/**
|
|
* Open connection to host using password.
|
|
@@ -323,6 +367,16 @@ sftpfs_open_connection_ssh_password (struct vfs_s_super *super, GError ** mcerro
|
|
LIBSSH2_ERROR_EAGAIN);
|
|
if (rc == 0)
|
|
return TRUE;
|
|
+
|
|
+ kbi_super = super;
|
|
+ kbi_passwd = super->path_element->password;
|
|
+ while ((rc = libssh2_userauth_keyboard_interactive (super_data->session, super->path_element->user,
|
|
+ keyboard_interactive_helper)) ==
|
|
+ LIBSSH2_ERROR_EAGAIN);
|
|
+ kbi_super = NULL;
|
|
+ kbi_passwd = NULL;
|
|
+ if (rc == 0)
|
|
+ return TRUE;
|
|
}
|
|
|
|
p = g_strdup_printf (_("sftp: Enter password for %s "), super->path_element->user);
|
|
@@ -337,6 +391,17 @@ sftpfs_open_connection_ssh_password (struct vfs_s_super *super, GError ** mcerro
|
|
passwd)) == LIBSSH2_ERROR_EAGAIN)
|
|
;
|
|
|
|
+ if (rc != 0)
|
|
+ {
|
|
+ kbi_super = super;
|
|
+ kbi_passwd = passwd;
|
|
+ while ((rc = libssh2_userauth_keyboard_interactive (super_data->session, super->path_element->user,
|
|
+ keyboard_interactive_helper))
|
|
+ == LIBSSH2_ERROR_EAGAIN);
|
|
+ kbi_super = NULL;
|
|
+ kbi_passwd = NULL;
|
|
+ }
|
|
+
|
|
if (rc == 0)
|
|
{
|
|
ret_value = TRUE;
|