We should always pass to the openPassDlg() exactly the same username
otherwise it may result in incorrect caching of passwords especially in
case if the username is changed by the user.
Also don't allow username change in case it was passed to setHost()
(i.e. it was specified in the URL like e.g. sftp://username@host/).
In such a case after changing it'd be impossible to properly cache it.
Signed-off-by: Alexander Golubev <fatzer2@gmail.com>
(cherry picked from commit 581d266ae6)
- Move authentication methods into separate functions so it would be
easier to correctly handle error after those and select which should
be called in which order.
- A lot of minor improvements along the way
Signed-off-by: Alexander Golubev <fatzer2@gmail.com>
(cherry picked from commit 2756ae762f)
This will help kpasswdserver not to confuse different user's answers to
different questions.
Also avoid passing/returning TDE::AuthInfo for kb-interactive auth as it
isn't really necessary when we don't manually caching passwords anymore.
Signed-off-by: Alexander Golubev <fatzer2@gmail.com>
(cherry picked from commit d316ff14bd)
All password caching we need actually already autmagically
done by openPassDlg().
Signed-off-by: Alexander Golubev <fatzer2@gmail.com>
(cherry picked from commit a19610bb73)
There were a couple of missing closeConnection() calls after connection
errors. The probably haven't caused any major bugs, but use scope guards
to be on the safe side.
Signed-off-by: Alexander Golubev <fatzer2@gmail.com>
(cherry picked from commit 9c0a0ce976)
Several enhancements to public key authentication and some other stuff:
- Fix passphrase entry for encrypted keys (was either hanging up or
segfaulting)
- Use scope guard idiom for cleanup calls for more reliable cleanup in
case of errors
- Add normal prompt for public key's passphrase entry dialog
- Correctly differentiate passphrase to password when cached (yes they
are getting cached regardless of keepPassword, at least for some
duration of time)
- Centrilize AuthInfo initialization and some rejig of it
kbd-interactive authentification
Signed-off-by: Alexander Golubev <fatzer2@gmail.com>
(cherry picked from commit b91e220389)
Alexander Golubev
Mavridis Philippe
Slávek Banko
Timothy Pearson