fine tuned password handling as we were getting false positives, probably caused by other changes up the stack that now call these functions in more cases.

pull/11900/head
Brian Coca 9 years ago
parent 6fcfebd21d
commit dbab703265

@ -230,23 +230,29 @@ class Connection(ConnectionBase):
chan.exec_command(cmd) chan.exec_command(cmd)
if self._play_context.prompt: if self._play_context.prompt:
if self._play_context.become and self._play_context.become_pass: if self._play_context.become and self._play_context.become_pass:
passprompt = False
while True: while True:
self._display.debug('Waiting for Privilege Escalation input') self._display.debug('Waiting for Privilege Escalation input')
if self.check_become_success(become_output) or self.check_password_prompt(become_output): if self.check_become_success(become_output):
break break
elif self.check_password_prompt(become_output):
passprompt = True
break
chunk = chan.recv(bufsize) chunk = chan.recv(bufsize)
self._display.debug("chunk is: %s" % chunk) self._display.debug("chunk is: %s" % chunk)
if not chunk: if not chunk:
if 'unknown user' in become_output: if 'unknown user' in become_output:
raise AnsibleError( raise AnsibleError( 'user %s does not exist' % become_user)
'user %s does not exist' % become_user)
else: else:
raise AnsibleError('ssh connection ' + break
'closed waiting for password prompt') #raise AnsibleError('ssh connection closed waiting for password prompt')
become_output += chunk become_output += chunk
if not self.check_become_success(become_output): if passprompt:
if self._play_context.become: if self._play_context.become and self._play_context.become_pass:
chan.sendall(self._play_context.become_pass + '\n') chan.sendall(self._play_context.become_pass + '\n')
else:
raise AnsibleError("A password is reqired but none was supplied")
else: else:
no_prompt_out += become_output no_prompt_out += become_output
no_prompt_err += become_output no_prompt_err += become_output

@ -371,11 +371,19 @@ class Connection(ConnectionBase):
become_output = '' become_output = ''
become_errput = '' become_errput = ''
passprompt = False
while True: while True:
self._display.debug('Waiting for Privilege Escalation input') self._display.debug('Waiting for Privilege Escalation input')
if self.check_become_success(become_output + become_errput) or self.check_password_prompt(become_output + become_errput):
if self.check_become_success(become_output + become_errput):
self._display.debug('Succeded!')
break
elif self.check_password_prompt(become_output) or self.check_password_prompt(become_errput):
self._display.debug('Password prompt!')
passprompt = True
break break
self._display.debug('Read next chunks')
rfd, wfd, efd = select.select([p.stdout, p.stderr], [], [p.stdout], self._play_context.timeout) rfd, wfd, efd = select.select([p.stdout, p.stderr], [], [p.stdout], self._play_context.timeout)
if not rfd: if not rfd:
# timeout. wrap up process communication # timeout. wrap up process communication
@ -385,16 +393,20 @@ class Connection(ConnectionBase):
elif p.stderr in rfd: elif p.stderr in rfd:
chunk = p.stderr.read() chunk = p.stderr.read()
become_errput += chunk become_errput += chunk
self._display.debug('stderr chunk is: %s' % chunk)
self.check_incorrect_password(become_errput) self.check_incorrect_password(become_errput)
elif p.stdout in rfd: elif p.stdout in rfd:
chunk = p.stdout.read() chunk = p.stdout.read()
become_output += chunk become_output += chunk
self._display.debug('stdout chunk is: %s' % chunk)
if not chunk: if not chunk:
raise AnsibleError('Connection closed waiting for privilege escalation password prompt: %s ' % become_output) break
#raise AnsibleError('Connection closed waiting for privilege escalation password prompt: %s ' % become_output)
if not self.check_become_success(become_output + become_errput): if passprompt:
self._display.debug("Sending privilege escalation password.") self._display.debug("Sending privilege escalation password.")
stdin.write(self._play_context.become_pass + '\n') stdin.write(self._play_context.become_pass + '\n')
else: else:

Loading…
Cancel
Save