[X2Go-Commits] [x2goclient] 01/18: src/sshmasterconnection.cpp: stop libssh/OpenSSL from querying for a passphrase if started with a controlling terminal.
git-admin at x2go.org
git-admin at x2go.org
Wed Mar 14 03:48:08 CET 2018
This is an automated email from the git hooks/post-receive script.
x2go pushed a commit to branch master
in repository x2goclient.
commit c92b679443668ef8b913d3113eb786d77a603b0d
Author: Mihai Moldovan <ionic at ionic.de>
Date: Wed Mar 14 00:41:57 2018 +0100
src/sshmasterconnection.cpp: stop libssh/OpenSSL from querying for a passphrase if started with a controlling terminal.
---
debian/changelog | 2 ++
src/sshmasterconnection.cpp | 13 ++++++++++++-
2 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/debian/changelog b/debian/changelog
index 9ce7036..2e0f54c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -28,6 +28,8 @@ x2goclient (4.1.2.0-0x2go1) UNRELEASED; urgency=medium
- res/qresources.qrc: add new lxqt files.
- src/{onmainwindow.cpp,session{button,widget}.{cpp,h}}: add support for
LXQt. Fixes: #1263.
+ - src/sshmasterconnection.cpp: stop libssh/OpenSSL from querying for a
+ passphrase if started with a controlling terminal.
-- X2Go Release Manager <git-admin at x2go.org> Thu, 15 Feb 2018 22:01:32 +0100
diff --git a/src/sshmasterconnection.cpp b/src/sshmasterconnection.cpp
index 0772f3f..7c2f91b 100644
--- a/src/sshmasterconnection.cpp
+++ b/src/sshmasterconnection.cpp
@@ -1407,7 +1407,18 @@ bool SshMasterConnection::userAuthWithKey()
#if LIBSSH_VERSION_INT >= SSH_VERSION_INT (0, 6, 0)
ssh_key priv_key = { 0 };
- int rc = ssh_pki_import_privkey_file (tmp_ba.data (), NULL, NULL, NULL, &priv_key);
+ /*
+ * Passing an empty string as a passphrase parameter is a workaround for inconsistent
+ * behavior in libssh:
+ * - compiled with OpenSSL, libssh lets OpenSSL query the passphrase if the
+ * application has a controlling terminal connected
+ * - compiled with libgcrypt, this never happens
+ *
+ * We do not want to break user experience by having libssh/OpenSSL query for the
+ * passphrase on a terminal (and the client not reacting to any input while this
+ * happens), so work around this inconsistency by providing an empty passphrase.
+ */
+ int rc = ssh_pki_import_privkey_file (tmp_ba.data (), "", NULL, NULL, &priv_key);
if (SSH_EOF == rc) {
x2goDebug << "Failed to get private key from " << keyName << "; file does not exist.";
--
Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2goclient.git
More information about the x2go-commits
mailing list