static CockpitCreds * parse_ssh_spawn_results (CockpitAuth *self, AuthData *ad, GHashTable *headers, JsonObject **prompt_data, GError **error) { CockpitCreds *creds = NULL; JsonObject *results = NULL; JsonObject *auth_results = NULL; const gchar *pw_result = NULL; const gchar *user; const gchar *error_str; results = cockpit_auth_process_parse_result (ad->auth_process, ad->response_data, error); if (results) { user = cockpit_auth_process_get_authenticated_user (ad->auth_process, results, prompt_data, error); if (user) { creds = create_creds_for_spawn_authenticated (self, user, ad, results, ad->response_data); } else if (cockpit_json_get_string (results, "error", NULL, &error_str)) { if (g_strcmp0 (error_str, "authentication-failed") == 0) { cockpit_json_get_object (results, "auth-method-results", NULL, &auth_results); if (auth_results) cockpit_json_get_string (auth_results, "password", NULL, &pw_result); if (!pw_result || g_strcmp0 (pw_result, "no-server-support") == 0) { g_clear_error (error); g_set_error (error, COCKPIT_ERROR, COCKPIT_ERROR_AUTHENTICATION_FAILED, "Authentication failed: authentication-not-supported"); } } else if (g_strcmp0 (error_str, "terminated") == 0) { g_clear_error (error); g_set_error (error, COCKPIT_ERROR, COCKPIT_ERROR_AUTHENTICATION_FAILED, "Authentication failed: terminated"); } } json_object_unref (results); } return creds; }
static void on_auth_process_message (CockpitAuthProcess *auth_process, GBytes *bytes, gpointer user_data) { CockpitSshTransport *self = COCKPIT_SSH_TRANSPORT (user_data); JsonObject *json = NULL; gchar *response = NULL; GError *error = NULL; gsize len; gboolean prompt_claimed; gboolean final = TRUE; GBytes *blank = NULL; const gchar *user; const gchar *error_str; const gchar *prompt; const gchar *message; const gchar *host_key = NULL; const gchar *host_fp = NULL; JsonObject *auth_result = NULL; const gchar *problem = "internal-error"; len = g_bytes_get_size (bytes); response = g_strndup (g_bytes_get_data (bytes, NULL), len); json = cockpit_auth_process_parse_result (self->auth_process, response, &error); if (json) { if (!cockpit_json_get_string (json, "error", NULL, &error_str) || !cockpit_json_get_string (json, "message", NULL, &message) || !cockpit_json_get_string (json, "prompt", NULL, &prompt) || !cockpit_json_get_string (json, "user", NULL, &user)) { g_warning ("%s: got invalid authentication json", self->logname); } else if (error_str) { problem = error_str; g_debug ("%s: got authentication error %s: %s", self->logname, error_str, message); } else if (prompt) { final = FALSE; problem = NULL; // Send the signal, if nothing handles it write a blank response. g_signal_emit (self, signals[PROMPT], 0, json, &prompt_claimed); if (!prompt_claimed) { blank = g_bytes_new_static ("", 0); cockpit_auth_process_write_auth_bytes (self->auth_process, blank); g_bytes_unref (blank); } } else if (user)
static CockpitCreds * parse_cockpit_spawn_results (CockpitAuth *self, AuthData *ad, GHashTable *headers, JsonObject **prompt_data, GError **error) { CockpitCreds *creds = NULL; JsonObject *results = NULL; const gchar *user; const gchar *error_str; results = cockpit_auth_process_parse_result (ad->auth_process, ad->response_data, error); if (results) { user = cockpit_auth_process_get_authenticated_user (ad->auth_process, results, prompt_data, error); if (user) { creds = create_creds_for_spawn_authenticated (self, user, ad, results, ad->response_data); } else if (g_str_equal (ad->auth_type, "negotiate") && cockpit_json_get_string (results, "error", NULL, &error_str)) { if (g_strcmp0 (error_str, "authentication-unavailable") == 0) { gssapi_not_avail = TRUE; g_debug ("negotiate auth is not available, disabling"); g_clear_error (error); g_set_error (error, COCKPIT_ERROR, COCKPIT_ERROR_AUTHENTICATION_FAILED, "Negotiate authentication not available"); } } build_gssapi_output_header (headers, results); json_object_unref (results); } return creds; }