Improve handling of HTTP 401 Unauthorized, add gating.yaml
Resolves: #2127416
This commit is contained in:
parent
5cd3e77ce6
commit
a3d2e647f4
6
gating.yaml
Normal file
6
gating.yaml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
--- !Policy
|
||||||
|
product_versions:
|
||||||
|
- rhel-9
|
||||||
|
decision_context: osci_compose_gate
|
||||||
|
rules:
|
||||||
|
- !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional}
|
127
http-unauthorized-improve.patch
Normal file
127
http-unauthorized-improve.patch
Normal file
@ -0,0 +1,127 @@
|
|||||||
|
diff -up wsmancli-2.6.0/src/wsman.c.orig wsmancli-2.6.0/src/wsman.c
|
||||||
|
--- wsmancli-2.6.0/src/wsman.c.orig 2015-06-11 10:50:04.000000000 +0200
|
||||||
|
+++ wsmancli-2.6.0/src/wsman.c 2022-11-28 10:29:08.644509669 +0100
|
||||||
|
@@ -63,7 +63,11 @@ static char *cert = NULL;
|
||||||
|
static char *sslkey = NULL;
|
||||||
|
static char *endpoint = NULL;
|
||||||
|
static char *username = NULL;
|
||||||
|
+static char *username_given = NULL; /* copy of either the username from env or cmdline*/
|
||||||
|
+static char *username_prev = NULL; /* input username to request_usr_pwd() when called last time */
|
||||||
|
static char *password = NULL;
|
||||||
|
+static char *password_given = NULL; /* copy of either the password from env or cmdline */
|
||||||
|
+static char *password_prev = NULL; /* input password to request_usr_pwd() when called last time */
|
||||||
|
static char *server = "localhost";
|
||||||
|
static char *agent = NULL;
|
||||||
|
static char *url_path = NULL;
|
||||||
|
@@ -495,28 +499,79 @@ request_usr_pwd( WsManClient *client, ws
|
||||||
|
char user[21];
|
||||||
|
char *p;
|
||||||
|
|
||||||
|
- fprintf(stdout,"Authentication failed, please retry\n");
|
||||||
|
- /*
|
||||||
|
- fprintf(stdout, "%s authentication is used\n",
|
||||||
|
- wsmc_transport_get_auth_name( auth));
|
||||||
|
- */
|
||||||
|
- printf("User name: ");
|
||||||
|
- fflush(stdout);
|
||||||
|
- if ( (p = fgets(user, 20, stdin) ) != NULL )
|
||||||
|
- {
|
||||||
|
-
|
||||||
|
- if (strchr(user, '\n'))
|
||||||
|
- (*(strchr(user, '\n'))) = '\0';
|
||||||
|
- *username = u_strdup_printf ("%s", user);
|
||||||
|
- } else {
|
||||||
|
- *username = NULL;
|
||||||
|
+ /*
|
||||||
|
+ * fprintf(stdout,"Authentication failed, please retry\n");
|
||||||
|
+ *
|
||||||
|
+ * this message shall not be printed by this function as it cannot decide on the
|
||||||
|
+ * reason it was called for. It does not control the authentication process.
|
||||||
|
+ * wsmc_handler is better suited for such a decision making.
|
||||||
|
+ */
|
||||||
|
+
|
||||||
|
+ if (username_given) {
|
||||||
|
+ if (password_given) {
|
||||||
|
+ /* Initially provided combination of password and username is not valid.
|
||||||
|
+ * Request user to type both. Here I assume, that wsmc_handler called back to
|
||||||
|
+ * this function after trying a first authentication using these credentials.
|
||||||
|
+ */
|
||||||
|
+ } else {
|
||||||
|
+ /* Initially no password was provided => no authentication tried during first
|
||||||
|
+ * iteration of while loop in wsmc_handler. Check previously typed credentials
|
||||||
|
+ */
|
||||||
|
+ if (username_prev) {
|
||||||
|
+ /* This is a second call of this function, assuming only wsmc_handler is using it
|
||||||
|
+ * as a callback function. Therefore, there must have been a previous attempt to
|
||||||
|
+ * authenticate, but this previous combination of username and password did not
|
||||||
|
+ * lead to a successful authentication. Request new credentials, username_prev will
|
||||||
|
+ * be set each time after user has provided a username.
|
||||||
|
+ */
|
||||||
|
+ } else {
|
||||||
|
+ /* First time wsmc_handler calls back to this function. No password given on the
|
||||||
|
+ * command line or via the environment variable. Therefore wsmc_handler cannot
|
||||||
|
+ * have tried http authentication. A username was given on the command line or
|
||||||
|
+ * via an environment variable. And the user wants us to try this name at least
|
||||||
|
+ * at first. So, let's do him a favour and use it. When we are called back again,
|
||||||
|
+ * we will ask the user to provide a new name or the same, but a different password.
|
||||||
|
+ */
|
||||||
|
+ *username = u_strdup(username_given);
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (*username == NULL) {
|
||||||
|
+ printf("User name: ");
|
||||||
|
+ fflush(stdout);
|
||||||
|
+ if ( (p = fgets(user, 20, stdin) ) != NULL )
|
||||||
|
+ {
|
||||||
|
+ if (strchr(user, '\n'))
|
||||||
|
+ (*(strchr(user, '\n'))) = '\0';
|
||||||
|
+ *username = u_strdup_printf ("%s", user);
|
||||||
|
+ } else {
|
||||||
|
+ *username = NULL;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ /* after successfull receipt of a new username, store a copy at username_prev */
|
||||||
|
+ if (*username) {
|
||||||
|
+ if ( username_prev ) {
|
||||||
|
+ u_free(username_prev);
|
||||||
|
+ username_prev = NULL;
|
||||||
|
+ }
|
||||||
|
+ username_prev = u_strdup(*username);
|
||||||
|
}
|
||||||
|
|
||||||
|
+ /* but always ask for the password !? */
|
||||||
|
pw = (char *)getpass("Password: ");
|
||||||
|
*password = u_strdup_printf ("%s", pw);
|
||||||
|
-}
|
||||||
|
-
|
||||||
|
|
||||||
|
+ /* make backup, *password will become free'd when next try of http-auth fails */
|
||||||
|
+ if (*password) {
|
||||||
|
+ if (password_prev) {
|
||||||
|
+ u_free(password_prev);
|
||||||
|
+ password_prev = NULL;
|
||||||
|
+ }
|
||||||
|
+ password_prev = u_strdup(*password);
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
|
||||||
|
static void
|
||||||
|
wsman_options_set_properties(client_opt_t *options)
|
||||||
|
@@ -647,6 +702,14 @@ int main(int argc, char **argv)
|
||||||
|
exit(EXIT_FAILURE);
|
||||||
|
}
|
||||||
|
|
||||||
|
+ /* save copies of username or password when given on the command line or via environment variables */
|
||||||
|
+ if ( username != NULL ) {
|
||||||
|
+ username_given = u_strdup(username);
|
||||||
|
+ }
|
||||||
|
+ if ( password != NULL ) {
|
||||||
|
+ password_given = u_strdup(password);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
filename = (char *) config_file;
|
||||||
|
|
||||||
|
if (filename) {
|
@ -1,6 +1,6 @@
|
|||||||
Name: wsmancli
|
Name: wsmancli
|
||||||
Version: 2.6.0
|
Version: 2.6.0
|
||||||
Release: 15%{?dist}
|
Release: 16%{?dist}
|
||||||
License: BSD
|
License: BSD
|
||||||
Url: http://www.openwsman.org/
|
Url: http://www.openwsman.org/
|
||||||
# You can get this tarball here:
|
# You can get this tarball here:
|
||||||
@ -14,6 +14,7 @@ BuildRequires: openwsman-devel >= 2.1.0 pkgconfig curl-devel
|
|||||||
BuildRequires: autoconf automake libtool
|
BuildRequires: autoconf automake libtool
|
||||||
Requires: openwsman curl
|
Requires: openwsman curl
|
||||||
Patch0: missing-pthread-symbols.patch
|
Patch0: missing-pthread-symbols.patch
|
||||||
|
Patch1: http-unauthorized-improve.patch
|
||||||
Summary: WS-Management-Command line Interface
|
Summary: WS-Management-Command line Interface
|
||||||
|
|
||||||
%description
|
%description
|
||||||
@ -23,6 +24,7 @@ systems using Web Services Management protocol.
|
|||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q
|
||||||
%patch0 -p1
|
%patch0 -p1
|
||||||
|
%patch1 -p1 -b .http-unauthorized-improve
|
||||||
cp -fp %SOURCE1 %SOURCE2 %SOURCE3 .;
|
cp -fp %SOURCE1 %SOURCE2 %SOURCE3 .;
|
||||||
|
|
||||||
%build
|
%build
|
||||||
@ -41,6 +43,10 @@ make DESTDIR=%{buildroot} install
|
|||||||
%doc COPYING README AUTHORS
|
%doc COPYING README AUTHORS
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Nov 28 2022 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.6.0-16
|
||||||
|
- Improve handling of HTTP 401 Unauthorized
|
||||||
|
Resolves: #2127416
|
||||||
|
|
||||||
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 2.6.0-15
|
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 2.6.0-15
|
||||||
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
||||||
Related: rhbz#1991688
|
Related: rhbz#1991688
|
||||||
|
Loading…
Reference in New Issue
Block a user