static CockpitCreds *
parse_ssh_spawn_results (CockpitAuth *self,
AuthData *ad,
GHashTable *headers,
JsonObject **prompt_data,
GError **error)
{
CockpitCreds *creds = NULL;
JsonObject *results = NULL;
JsonObject *auth_results = NULL;
const gchar *pw_result = NULL;
const gchar *user;
const gchar *error_str;
results = cockpit_auth_process_parse_result (ad->auth_process,
ad->response_data,
error);
if (results)
{
user = cockpit_auth_process_get_authenticated_user (ad->auth_process, results,
prompt_data, error);
if (user)
{
creds = create_creds_for_spawn_authenticated (self, user, ad,
results,
ad->response_data);
}
else if (cockpit_json_get_string (results, "error", NULL, &error_str))
{
if (g_strcmp0 (error_str, "authentication-failed") == 0)
{
cockpit_json_get_object (results, "auth-method-results", NULL, &auth_results);
if (auth_results)
cockpit_json_get_string (auth_results, "password", NULL, &pw_result);
if (!pw_result || g_strcmp0 (pw_result, "no-server-support") == 0)
{
g_clear_error (error);
g_set_error (error, COCKPIT_ERROR,
COCKPIT_ERROR_AUTHENTICATION_FAILED,
"Authentication failed: authentication-not-supported");
}
}
else if (g_strcmp0 (error_str, "terminated") == 0)
{
g_clear_error (error);
g_set_error (error, COCKPIT_ERROR,
COCKPIT_ERROR_AUTHENTICATION_FAILED,
"Authentication failed: terminated");
}
}
json_object_unref (results);
}
return creds;
}
static void
on_auth_process_message (CockpitAuthProcess *auth_process,
GBytes *bytes,
gpointer user_data)
{
CockpitSshTransport *self = COCKPIT_SSH_TRANSPORT (user_data);
JsonObject *json = NULL;
gchar *response = NULL;
GError *error = NULL;
gsize len;
gboolean prompt_claimed;
gboolean final = TRUE;
GBytes *blank = NULL;
const gchar *user;
const gchar *error_str;
const gchar *prompt;
const gchar *message;
const gchar *host_key = NULL;
const gchar *host_fp = NULL;
JsonObject *auth_result = NULL;
const gchar *problem = "internal-error";
len = g_bytes_get_size (bytes);
response = g_strndup (g_bytes_get_data (bytes, NULL), len);
json = cockpit_auth_process_parse_result (self->auth_process, response, &error);
if (json)
{
if (!cockpit_json_get_string (json, "error", NULL, &error_str) ||
!cockpit_json_get_string (json, "message", NULL, &message) ||
!cockpit_json_get_string (json, "prompt", NULL, &prompt) ||
!cockpit_json_get_string (json, "user", NULL, &user))
{
g_warning ("%s: got invalid authentication json", self->logname);
}
else if (error_str)
{
problem = error_str;
g_debug ("%s: got authentication error %s: %s", self->logname, error_str, message);
}
else if (prompt)
{
final = FALSE;
problem = NULL;
// Send the signal, if nothing handles it write a blank response.
g_signal_emit (self, signals[PROMPT], 0, json, &prompt_claimed);
if (!prompt_claimed)
{
blank = g_bytes_new_static ("", 0);
cockpit_auth_process_write_auth_bytes (self->auth_process, blank);
g_bytes_unref (blank);
}
}
else if (user)
static CockpitCreds *
parse_cockpit_spawn_results (CockpitAuth *self,
AuthData *ad,
GHashTable *headers,
JsonObject **prompt_data,
GError **error)
{
CockpitCreds *creds = NULL;
JsonObject *results = NULL;
const gchar *user;
const gchar *error_str;
results = cockpit_auth_process_parse_result (ad->auth_process,
ad->response_data,
error);
if (results)
{
user = cockpit_auth_process_get_authenticated_user (ad->auth_process, results,
prompt_data, error);
if (user)
{
creds = create_creds_for_spawn_authenticated (self, user, ad,
results,
ad->response_data);
}
else if (g_str_equal (ad->auth_type, "negotiate") &&
cockpit_json_get_string (results, "error", NULL, &error_str))
{
if (g_strcmp0 (error_str, "authentication-unavailable") == 0)
{
gssapi_not_avail = TRUE;
g_debug ("negotiate auth is not available, disabling");
g_clear_error (error);
g_set_error (error, COCKPIT_ERROR, COCKPIT_ERROR_AUTHENTICATION_FAILED,
"Negotiate authentication not available");
}
}
build_gssapi_output_header (headers, results);
json_object_unref (results);
}
return creds;
}
