archive
/
ansible
mirror of https://github.com/ansible/ansible.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

fine tuned password handling as we were getting false positives, probably caused by other changes up the stack that now call these functions in more cases.

Browse Source
pull/11900/head
Brian Coca 9 years ago
parent 6fcfebd21d
commit dbab703265
2 changed files with 28 additions and 10 deletions
Show Stats Download Patch File Download Diff File

20
lib/ansible/plugins/connections/paramiko_ssh.py
Unescape Escape View File

@ -230,23 +230,29 @@ class Connection(ConnectionBase):
chan.exec_command(cmd) chan.exec_command(cmd)
if self._play_context.prompt: if self._play_context.prompt:
if self._play_context.become and self._play_context.become_pass: if self._play_context.become and self._play_context.become_pass:
passprompt = False
while True: while True:
self._display.debug('Waiting for Privilege Escalation input') self._display.debug('Waiting for Privilege Escalation input')
if self.check_become_success(become_output) or self.check_password_prompt(become_output): if self.check_become_success(become_output):
break break
elif self.check_password_prompt(become_output):
passprompt = True
break
chunk = chan.recv(bufsize) chunk = chan.recv(bufsize)
self._display.debug("chunk is: %s" % chunk) self._display.debug("chunk is: %s" % chunk)
if not chunk: if not chunk:
if 'unknown user' in become_output: if 'unknown user' in become_output:
raise AnsibleError( raise AnsibleError( 'user %s does not exist' % become_user)
'user %s does not exist' % become_user)
else: else:
raise AnsibleError('ssh connection ' + break
'closed waiting for password prompt') #raise AnsibleError('ssh connection closed waiting for password prompt')
become_output += chunk become_output += chunk
if not self.check_become_success(become_output): if passprompt:
if self._play_context.become: if self._play_context.become and self._play_context.become_pass:
chan.sendall(self._play_context.become_pass + '\n') chan.sendall(self._play_context.become_pass + '\n')
else:
raise AnsibleError("A password is reqired but none was supplied")
else: else:
no_prompt_out += become_output no_prompt_out += become_output
no_prompt_err += become_output no_prompt_err += become_output

18
lib/ansible/plugins/connections/ssh.py
Unescape Escape View File

@ -371,11 +371,19 @@ class Connection(ConnectionBase):
become_output = '' become_output = ''
become_errput = '' become_errput = ''
passprompt = False
while True: while True:
self._display.debug('Waiting for Privilege Escalation input') self._display.debug('Waiting for Privilege Escalation input')
if self.check_become_success(become_output + become_errput) or self.check_password_prompt(become_output + become_errput):
if self.check_become_success(become_output + become_errput):
self._display.debug('Succeded!')
break
elif self.check_password_prompt(become_output) or self.check_password_prompt(become_errput):
self._display.debug('Password prompt!')
passprompt = True
break break
self._display.debug('Read next chunks')
rfd, wfd, efd = select.select([p.stdout, p.stderr], [], [p.stdout], self._play_context.timeout) rfd, wfd, efd = select.select([p.stdout, p.stderr], [], [p.stdout], self._play_context.timeout)
if not rfd: if not rfd:
# timeout. wrap up process communication # timeout. wrap up process communication
@ -385,16 +393,20 @@ class Connection(ConnectionBase):
elif p.stderr in rfd: elif p.stderr in rfd:
chunk = p.stderr.read() chunk = p.stderr.read()
become_errput += chunk become_errput += chunk
self._display.debug('stderr chunk is: %s' % chunk)
self.check_incorrect_password(become_errput) self.check_incorrect_password(become_errput)
elif p.stdout in rfd: elif p.stdout in rfd:
chunk = p.stdout.read() chunk = p.stdout.read()
become_output += chunk become_output += chunk
self._display.debug('stdout chunk is: %s' % chunk)
if not chunk: if not chunk:
raise AnsibleError('Connection closed waiting for privilege escalation password prompt: %s ' % become_output) break
#raise AnsibleError('Connection closed waiting for privilege escalation password prompt: %s ' % become_output)
if not self.check_become_success(become_output + become_errput): if passprompt:
self._display.debug("Sending privilege escalation password.") self._display.debug("Sending privilege escalation password.")
stdin.write(self._play_context.become_pass + '\n') stdin.write(self._play_context.become_pass + '\n')
else: else:

Write Preview
Loading…
Cancel
Save