Review Request: More kio_sftp login related fixes

Sat Apr 21 13:03:34 BST 2012

> On April 21, 2012, 9:05 a.m., Andreas Schneider wrote:
> > Did you also test if keyboard-interactive still works correctly?

No, because I do not even know how to enable that functionality in my ssh config and was lazy to search and find out. Just looking at the code though I immediately see a problem where it sets the error message in the first dialog box which will cause the retry dialog to be shown. I dunno if that was intentional, but it is wrong. The user will not only see the message sent from the ioslave, but also gets the question "Do you want to retry?".

BTW, I take back what I stated in the description of problem #1. It is not my last patch that caused the bug. It is there prior to my patch as well since I checked out and tested v4.8.0 to see if that was the case. Anyhow, I can try to see if I can figure out how to enable keyboard interactive mode and test that too. 

For the record I did not actually set out to fix these issues in kio_sftp. It resulted from my work on fixing problems in kpasswdserver. I needed someway to test those changes and the ssh server happens to be something that is already up and running on my system. Lucky kio_sftp. ;)

- Dawit

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://git.reviewboard.kde.org/r/104642/#review12748
-----------------------------------------------------------

On April 17, 2012, 7:16 a.m., Dawit Alemayehu wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> http://git.reviewboard.kde.org/r/104642/
> -----------------------------------------------------------
> 
> (Updated April 17, 2012, 7:16 a.m.)
> 
> 
> Review request for KDE Runtime and Andreas Schneider.
> 
> 
> Description
> -------
> 
> This is the last one of the sftp login fixes series and addresses the following problems:    
> 
> #1. Correctly handle login failure that results from a different username being used when setting the 
> SSH_OPTIONS_USER option and calling ssh_userauth_password. I think this might have been due to
> a regression caused by my previous patch. Nonetheless, this patch addresses it.
> 
> #2. Changed public key authentication so that incorrect public key passwords generate a retry dialog
> instead of simply continuing to the next available authentication method.
> 
> 
> Diffs
> -----
> 
>   kioslave/sftp/kio_sftp.h f497c0b 
>   kioslave/sftp/kio_sftp.cpp e38c629 
> 
> Diff: http://git.reviewboard.kde.org/r/104642/diff/
> 
> 
> Testing
> -------
> 
> Testing for #1:
> ===========
> 1.) Make sure a ssh server is running on your system.
> 2.) Attempt to login into your system: sftp://127.0.0.1.
> 3.) When prompted for credentials, enter a user name other than the currently logged in user.
> 
> Current Behavior:
> Login attempt will simply fail eventually and and error page is displayed.
> 
> New (Fixed) Behavior:
> Successfully log into the server with the specified user name.
> 
> 
> Testing for #2:
> ===========
> 1.) Create a ssh key with password protection and add it to the authorized_keys file.
> 2.) Make sure the ssh public key is in your .ssh directory.
> 3.) Attempt to login into your system: sftp://127.0.0.1
> 4.) When prompted for the passpharse for the key, enter a bogus password. 
> 
> Current behavior:
> No retry dialog is ever shown for an invalid or improper ssh key passphrase and the process simply moves on to the next authentication method.
> 
> New(Fixed) behavior:
> Show a retry dialog if the failure is due to invalid password. If the user then presses cancel on the retry dialog, simply behave the same way as if the cancel button is pressed on the password dialog. That is continue onto the next authentication method.
> 
> 
> Thanks,
> 
> Dawit Alemayehu
> 
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20120421/feb19fff/attachment.htm>