summaryrefslogtreecommitdiffstats
path: root/tdeioslave/sftp/tdeio_sftp.cpp
Commit message (Collapse)AuthorAgeFilesLines
* tdeioslave/sftp: make source c++11-compatibleAlexander Golubev2024-03-041-6/+9
| | | | | Signed-off-by: Alexander Golubev <fatzer2@gmail.com> (cherry picked from commit 0e615e5c9090c5a0477865db0e687849a04aa5a2)
* tdeioslave/sftp: get rid of goto in openConnection()Alexander Golubev2024-03-041-118/+119
| | | | | Signed-off-by: Alexander Golubev <fatzer2@gmail.com> (cherry picked from commit 3a4538b4c3da7432407ccab20a9336663f3a1ed8)
* tdeioslave/sftp: use unsigned to store auth method flags/bitsetsAlexander Golubev2024-03-041-8/+8
| | | | | | | | The libssh defines those flags as unsigned. Technically ssh_auth_list() still returns int, but its guranteed to be bitset of those flags. Signed-off-by: Alexander Golubev <fatzer2@gmail.com> (cherry picked from commit 5b9585e42977f46639dc3784352e9c4be4cd9cac)
* tdeioslave/sftp: better erros for unsupported auth methodsAlexander Golubev2024-03-041-20/+37
| | | | | | | | | | | Also: - do not translate auth methods names as the names appear in config files verbatim - libssh actually doesn't supports hostbased auth, so exclude it from bitset of supported Signed-off-by: Alexander Golubev <fatzer2@gmail.com> (cherry picked from commit 1597d5f3848cdb39b7d458f0c6c33ecdfc3125d5)
* tdeioslave/sftp: better cancelation handling in case of several publickeysAlexander Golubev2024-03-041-6/+12
| | | | | | | | Consider publickey auth canceled only if user canceled it for each of the prompted keys. Signed-off-by: Alexander Golubev <fatzer2@gmail.com> (cherry picked from commit 4b4b72db8f880027a85cb95a1510cefd5522d245)
* tdeioslave/sftp: save/restore seqNr for multi-factor authAlexander Golubev2024-03-041-6/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In case the server is set up for multi-factor authentication we could be have to query several things from the user like password, a key passphrase, their mother's maiden name etc. It doesn't make a big difference during an initial connection, but it butchers the reconnection process: it can retrieve the answer of the user to the first question (e.g. their password), but it fails to retrieve the second one (e.g. the key passphrase). So the user would be forced to reenter the answer for the second question upon each reconnection. The reason for this is the passwdserver's desig (see DESIGN [1]): Each query for AuthInfo with the openPassDlg() has an secNr number associated with it. If it's smaller than the one of the one stored for the privious request, than the one from the cache will be returned automagically, if it's bigger the dialog will be prompted to the user. Each call to openPassDlg() advances s_seqNr to the last value reported by the passwdserver. So the first call will return the cached value and subsequent calls will actually display the dialog to the user (assuming authentication with the cached data failed). But in case of multi-factor auth we have to query user for several independent values. And we want to try to retrieve each one of those from the cache. So we have to get a bit hacky and manually manipulate the SlaveBase::s_seqNr value. [1]: https://mirror.git.trinitydesktop.org/gitea/TDE/tdelibs/src/branch/master/tdeio/kpasswdserver/DESIGN Signed-off-by: Alexander Golubev <fatzer2@gmail.com> (cherry picked from commit 95b18e63382c4f0013c4eb2473d04f6020a84b7a)
* tdeioslave/sftp: imbue error messages with errors from libsshAlexander Golubev2024-03-041-15/+25
| | | | | Signed-off-by: Alexander Golubev <fatzer2@gmail.com> (cherry picked from commit 4d88b3edddc46ab56e773c4c73cd29b3292b3181)
* tdeioslave/sftp: cache passwords in case they were passed to setHost()Alexander Golubev2024-03-041-7/+23
| | | | | Signed-off-by: Alexander Golubev <fatzer2@gmail.com> (cherry picked from commit ee73349644fdf2a3a2ac122d7f930f84b00bcdba)
* tdeioslave/sftp: prevent infinite looping in kb-interactive authAlexander Golubev2024-03-041-0/+12
| | | | | Signed-off-by: Alexander Golubev <fatzer2@gmail.com> (cherry picked from commit f8f0b8815ca821ad6764149a915122f8b2f0bf8b)
* tdeioslave/sftp: purge password in the destructorAlexander Golubev2024-03-041-0/+2
| | | | | | | | This could be useful in case the destructor will be called before openConnection() Signed-off-by: Alexander Golubev <fatzer2@gmail.com> (cherry picked from commit 21ce69f338efb0636e9eef0e7405825b5dd7c0b0)
* tdeioslave/sftp: enable changing user during kb-interactive authAlexander Golubev2024-03-041-3/+15
| | | | | Signed-off-by: Alexander Golubev <fatzer2@gmail.com> (cherry picked from commit 009382772da4cb5a56749ea67ed29c09658a4f69)
* tdeioslave/sftp: pass correct username to openPassDlg()Alexander Golubev2024-03-041-11/+25
| | | | | | | | | | | | | We should always pass to the openPassDlg() exactly the same username otherwise it may result in incorrect caching of passwords especially in case if the username is changed by the user. Also don't allow username change in case it was passed to setHost() (i.e. it was specified in the URL like e.g. sftp://username@host/). In such a case after changing it'd be impossible to properly cache it. Signed-off-by: Alexander Golubev <fatzer2@gmail.com> (cherry picked from commit 581d266ae6f085317b4247b2d1ddbc12c8fa09fb)
* tdeioslave/sftp: even bigger authentication overhaulAlexander Golubev2024-03-041-153/+286
| | | | | | | | | | - Move authentication methods into separate functions so it would be easier to correctly handle error after those and select which should be called in which order. - A lot of minor improvements along the way Signed-off-by: Alexander Golubev <fatzer2@gmail.com> (cherry picked from commit 2756ae762fefc3fe86463174866674a987856d89)
* tdeioslave/sftp: use realmValue to distinguish different promptsAlexander Golubev2024-03-041-23/+19
| | | | | | | | | | | This will help kpasswdserver not to confuse different user's answers to different questions. Also avoid passing/returning TDE::AuthInfo for kb-interactive auth as it isn't really necessary when we don't manually caching passwords anymore. Signed-off-by: Alexander Golubev <fatzer2@gmail.com> (cherry picked from commit d316ff14bdcc6c7e402276cba2a15c1ac8bb5278)
* tdeioslave/sftp: avoid explicit password cachingAlexander Golubev2024-03-041-15/+3
| | | | | | | | All password caching we need actually already autmagically done by openPassDlg(). Signed-off-by: Alexander Golubev <fatzer2@gmail.com> (cherry picked from commit a19610bb735faf89fcd27c6885bf81e53c9b2d7a)
* tdeioslave/sftp: use a scope guards to close connectionAlexander Golubev2024-03-041-17/+14
| | | | | | | | | There were a couple of missing closeConnection() calls after connection errors. The probably haven't caused any major bugs, but use scope guards to be on the safe side. Signed-off-by: Alexander Golubev <fatzer2@gmail.com> (cherry picked from commit 9c0a0ce976549c1849eecb497be2d8bdf49d7aa5)
* tdeioslave/sftp: split off connection init to a dedicated functionAlexander Golubev2024-03-041-61/+72
| | | | | Signed-off-by: Alexander Golubev <fatzer2@gmail.com> (cherry picked from commit 75349be43e1b4ced52502f98316148a7b55c1352)
* tdeioslave/sftp: use free to destroy mCallbacksAlexander Golubev2024-03-041-1/+1
| | | | | | | As it allocated via malloc() rather than new. Signed-off-by: Alexander Golubev <fatzer2@gmail.com> (cherry picked from commit 688544193fb40241435b07f83135d91ad708c6df)
* tdeioslave/sftp: overhaul publickey authAlexander Golubev2024-03-041-75/+180
| | | | | | | | | | | | | | | | | Several enhancements to public key authentication and some other stuff: - Fix passphrase entry for encrypted keys (was either hanging up or segfaulting) - Use scope guard idiom for cleanup calls for more reliable cleanup in case of errors - Add normal prompt for public key's passphrase entry dialog - Correctly differentiate passphrase to password when cached (yes they are getting cached regardless of keepPassword, at least for some duration of time) - Centrilize AuthInfo initialization and some rejig of it kbd-interactive authentification Signed-off-by: Alexander Golubev <fatzer2@gmail.com> (cherry picked from commit b91e2203891ce7ef627a241ea05c3f11180fcfc1)
* tdeioslave/sftp: fix keyboard-interactive authenticationAlexander Golubev2024-03-041-43/+85
| | | | | | | | | This is a partial fix to the sftp ioslave. Subsequent commits will fix other issues. Closes: https://mirror.git.trinitydesktop.org/gitea/TDE/tdebase/issues/443 Signed-off-by: Alexander Golubev <fatzer2@gmail.com> (cherry picked from commit a1fa8a79bbd7f6385d312cce709768944506d960)
* Replace Q_WS_* defines with TQ_WS_* equivalentsMichele Calgaro2024-02-141-2/+2
| | | | | Signed-off-by: Michele Calgaro <michele.calgaro@yahoo.it> (cherry picked from commit 2d7d2122cf33aa713cebef95981305039c798003)
* SFTP: compatibility with older libssh versionsMavridis Philippe2022-07-151-6/+22
| | | | | Signed-off-by: Mavridis Philippe <mavridisf@gmail.com> Signed-off-by: Slávek Banko <slavek.banko@axis.cz>
* SFTP: Various fixes and improvementsMavridis Philippe2022-07-151-87/+142
| | | | | | | | | | | For details see PR #279. Portions of code borrowed from KDE5 SFTP ioslave: Source: https://invent.kde.org/network/kio-extras/-/blob/master/sftp/kio_sftp.cpp Licence: LGPLv2 or later Signed-off-by: Mavridis Philippe <mavridisf@gmail.com>
* Replaced old sftp ioslave with backported versionMavridis Philippe2022-07-151-1923/+1414
| | | | | | | | | Source: https://github.com/sandsmark/kde2-kio-sftp-kde4 Licence: GPLv2 or later This resolves issue #276. Signed-off-by: Mavridis Philippe <mavridisf@gmail.com>
* Additional k => tde renaming and fixesSlávek Banko2013-09-031-132/+132
|
* Rename additional header files to avoid conflicts with KDE4Timothy Pearson2013-02-151-3/+3
|
* Rename common header files for consistency with class renamingTimothy Pearson2013-02-141-1/+1
|
* Rename kioslavesTimothy Pearson2013-01-271-0/+2282