archive
/
ansible
mirror of https://github.com/ansible/ansible.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

fine tuned password handling as we were getting false positives, probably caused by other changes up the stack that now call these functions in more cases.

Browse Source
pull/11900/head
Brian Coca 9 years ago
parent 6fcfebd21d
commit dbab703265
2 changed files with 28 additions and 10 deletions
Show Stats Download Patch File Download Diff File

20
lib/ansible/plugins/connections/paramiko_ssh.py
Unescape Escape View File

@ -230,23 +230,29 @@ class Connection(ConnectionBase):
chan.exec_command(cmd)
if self._play_context.prompt:
if self._play_context.become and self._play_context.become_pass:
passprompt = False
while True:
self._display.debug('Waiting for Privilege Escalation input')
if self.check_become_success(become_output) or self.check_password_prompt(become_output):
if self.check_become_success(become_output):
break
elif self.check_password_prompt(become_output):
passprompt = True
break
chunk = chan.recv(bufsize)
self._display.debug("chunk is: %s" % chunk)
if not chunk:
if 'unknown user' in become_output:
raise AnsibleError(
'user %s does not exist' % become_user)
raise AnsibleError( 'user %s does not exist' % become_user)
else:
raise AnsibleError('ssh connection ' +
'closed waiting for password prompt')
break
#raise AnsibleError('ssh connection closed waiting for password prompt')
become_output += chunk
if not self.check_become_success(become_output):
if self._play_context.become:
if passprompt:
if self._play_context.become and self._play_context.become_pass:
chan.sendall(self._play_context.become_pass + '\n')
else:
raise AnsibleError("A password is reqired but none was supplied")
else:
no_prompt_out += become_output
no_prompt_err += become_output

18
lib/ansible/plugins/connections/ssh.py
Unescape Escape View File

@ -371,11 +371,19 @@ class Connection(ConnectionBase):
become_output = ''
become_errput = ''
passprompt = False
while True:
self._display.debug('Waiting for Privilege Escalation input')
if self.check_become_success(become_output + become_errput) or self.check_password_prompt(become_output + become_errput):
if self.check_become_success(become_output + become_errput):
self._display.debug('Succeded!')
break
elif self.check_password_prompt(become_output) or self.check_password_prompt(become_errput):
self._display.debug('Password prompt!')
passprompt = True
break
self._display.debug('Read next chunks')
rfd, wfd, efd = select.select([p.stdout, p.stderr], [], [p.stdout], self._play_context.timeout)
if not rfd:
# timeout. wrap up process communication
@ -385,16 +393,20 @@ class Connection(ConnectionBase):
elif p.stderr in rfd:
chunk = p.stderr.read()
become_errput += chunk
self._display.debug('stderr chunk is: %s' % chunk)
self.check_incorrect_password(become_errput)
elif p.stdout in rfd:
chunk = p.stdout.read()
become_output += chunk
self._display.debug('stdout chunk is: %s' % chunk)
if not chunk:
raise AnsibleError('Connection closed waiting for privilege escalation password prompt: %s ' % become_output)
break
#raise AnsibleError('Connection closed waiting for privilege escalation password prompt: %s ' % become_output)
if not self.check_become_success(become_output + become_errput):
if passprompt:
self._display.debug("Sending privilege escalation password.")
stdin.write(self._play_context.become_pass + '\n')
else:

Write Preview
Loading…
Cancel
Save