static void
on_auth_process_message (CockpitAuthProcess *auth_process,
GBytes *bytes,
gpointer user_data)
{
CockpitSshTransport *self = COCKPIT_SSH_TRANSPORT (user_data);
JsonObject *json = NULL;
gchar *response = NULL;
GError *error = NULL;
gsize len;
gboolean prompt_claimed;
gboolean final = TRUE;
GBytes *blank = NULL;
const gchar *user;
const gchar *error_str;
const gchar *prompt;
const gchar *message;
const gchar *host_key = NULL;
const gchar *host_fp = NULL;
JsonObject *auth_result = NULL;
const gchar *problem = "internal-error";
len = g_bytes_get_size (bytes);
response = g_strndup (g_bytes_get_data (bytes, NULL), len);
json = cockpit_auth_process_parse_result (self->auth_process, response, &error);
if (json)
{
if (!cockpit_json_get_string (json, "error", NULL, &error_str) ||
!cockpit_json_get_string (json, "message", NULL, &message) ||
!cockpit_json_get_string (json, "prompt", NULL, &prompt) ||
!cockpit_json_get_string (json, "user", NULL, &user))
{
g_warning ("%s: got invalid authentication json", self->logname);
}
else if (error_str)
{
problem = error_str;
g_debug ("%s: got authentication error %s: %s", self->logname, error_str, message);
}
else if (prompt)
{
final = FALSE;
problem = NULL;
// Send the signal, if nothing handles it write a blank response.
g_signal_emit (self, signals[PROMPT], 0, json, &prompt_claimed);
if (!prompt_claimed)
{
blank = g_bytes_new_static ("", 0);
cockpit_auth_process_write_auth_bytes (self->auth_process, blank);
g_bytes_unref (blank);
}
}
else if (user)
static void
start_auth_process (CockpitAuth *self,
AuthData *ad,
GBytes *input,
GSimpleAsyncResult *result,
gpointer tag,
const gchar **argv)
{
GError *error = NULL;
g_simple_async_result_set_op_res_gpointer (result,
auth_data_ref (ad), auth_data_unref);
if (cockpit_auth_process_start (ad->auth_process, argv, -1, FALSE, &error))
{
auth_data_add_pending_result (ad, result);
g_signal_connect (ad->auth_process, "message",
G_CALLBACK (on_auth_process_message),
ad);
g_signal_connect (ad->auth_process, "close",
G_CALLBACK (on_auth_process_close),
ad);
g_signal_connect (ad->auth_process, "close",
G_CALLBACK (purge_auth_id),
self);
cockpit_auth_process_write_auth_bytes (ad->auth_process, input);
}
else
{
g_warning ("failed to start %s: %s", argv[0], error->message);
g_error_free (error);
g_simple_async_result_set_error (result, COCKPIT_ERROR, COCKPIT_ERROR_FAILED,
"Internal error starting %s", argv[0]);
g_simple_async_result_complete_in_idle (result);
}
}
static void
cockpit_auth_resume_async (CockpitAuth *self,
const gchar *application,
const gchar *type,
GHashTable *headers,
const gchar *remote_peer,
GAsyncReadyCallback callback,
gpointer user_data)
{
AuthData *ad = NULL;
GSimpleAsyncResult *task;
GBytes *input = NULL;
gchar **parts = NULL;
gchar *header = NULL;
gsize length;
header = g_hash_table_lookup (headers, "Authorization");
if (header)
parts = g_strsplit (header, " ", 3);
if (parts && g_strv_length (parts) == 3)
ad = g_hash_table_lookup (self->authentication_pending, parts[1]);
if (!ad)
{
task = g_simple_async_result_new (G_OBJECT (self), callback, user_data,
cockpit_auth_none_login_async);
g_simple_async_result_set_error (task, COCKPIT_ERROR,
COCKPIT_ERROR_AUTHENTICATION_FAILED,
"Invalid resume token");
g_simple_async_result_complete_in_idle (task);
}
else
{
task = g_simple_async_result_new (G_OBJECT (self), callback, user_data,
ad->tag);
g_simple_async_result_set_op_res_gpointer (task, auth_data_ref (ad), auth_data_unref);
g_hash_table_remove (self->authentication_pending, parts[1]);
if (!g_base64_decode_inplace (parts[2], &length) || length < 1)
{
g_simple_async_result_set_error (task, COCKPIT_ERROR,
COCKPIT_ERROR_AUTHENTICATION_FAILED,
"Invalid resume token");
g_simple_async_result_complete_in_idle (task);
}
else
{
input = g_bytes_new (parts[2], length);
auth_data_add_pending_result (ad, task);
cockpit_auth_process_write_auth_bytes (ad->auth_process, input);
g_bytes_unref (input);
}
}
if (parts)
g_strfreev (parts);
g_object_unref (task);
}
