Fix several problems in algorithm of deriving key filename from a prompt message supplied by ssh-add

Review Request #127569 - Created April 4, 2016 and submitted

Information
Mikhail Yakshin
ksshaskpass
master
Reviewers
jriddell, lueck, mlaurent, whiting

Fix an algorithm of deriving key filename from a prompt message
supplied by ssh-add: should fix problems with spaces in key file
names, using -c option of ssh-add and fix extra space in KWallet
key name.

Obviously, it's a bad thing to do (especially given that nobody
guarantees that ssh-add won't use another set of messages someday or
it will be i18ned), but (1) there seem to be no workaround for it as
of now, (2) current version of ksshaskpass relies on it anyway, (3)
the algorithm is very broken.

Current algorithm relies on splitting a prompt string by spaces and
extracting certain nth fragment, counting from the end of
sequence. There are several major issues with it:

  • When using ssh-add -c, the message would be Enter passphrase for /home/user/path/to/key (will confirm each use):, thus current
    algorithm will extract use) as a key file name, which is
    obviously wrong. It's a hideous bug that goes unnoticed for the
    majority of the people who either (a) do not use -c option, or (b)
    do not use more than 1 ssh key.
  • Splitting by spaces obviously breaks on key filename that contain
    spaces. Again, it mostly goes unnoticed by vast majority of the
    users.
  • It generates extra space at the end of key filename, i.e. it
    generates /home/user/.ssh/id_rsa instead of
    /home/user/.ssh/id_rsa. Not critical, but undermines efforts to
    get key passphrase by filename in KWallet.

Proposed algorithm is clearly extracted in a distinct function and
clearly analyses 3 cases by rigid regexp patterns. In case if regexps
would fail, it issues a warning (seems like a good idea, so at least
it won't go completely unnoticed if it will break in future).

Tested it with all inputs that seem to be generated by ssh-add:

  • Enter passphrase for /home/user with space/.ssh/id_dsa (will confirm each use):
  • Bad passphrase, try again for /home/user with space/.ssh/id_dsa (will confirm each use):
  • Enter passphrase for /home/user with space/.ssh/id_dsa:
  • Bad passphrase, try again for /home/user with space/.ssh/id_dsa:

Files


Mikhail Yakshin
Jeremy Whiting
Burkhard Lück
Albert Astals Cid
Mikhail Yakshin
Review request changed

Status: Closed (submitted)

Change Summary:

Submitted with commit 9dbabcb38862c1590503169be3ae7806e6673dba by Albert Astals Cid on behalf of Mikhail Yakshin to branch Plasma/5.9.
Loading...