summaryrefslogtreecommitdiffstats
path: root/applnk/tde-settings-security.directory
diff options
context:
space:
mode:
authorAlexander Golubev <fatzer2@gmail.com>2024-01-29 20:56:34 +0300
committerTDE Gitea <gitea@mirror.git.trinitydesktop.org>2024-03-04 11:04:11 +0000
commit95b18e63382c4f0013c4eb2473d04f6020a84b7a (patch)
treeb6426555411ce748d357fd60603148820fad7e95 /applnk/tde-settings-security.directory
parent4d88b3edddc46ab56e773c4c73cd29b3292b3181 (diff)
downloadtdebase-95b18e63382c4f0013c4eb2473d04f6020a84b7a.tar.gz
tdebase-95b18e63382c4f0013c4eb2473d04f6020a84b7a.zip
tdeioslave/sftp: save/restore seqNr for multi-factor auth
In case the server is set up for multi-factor authentication we could be have to query several things from the user like password, a key passphrase, their mother's maiden name etc. It doesn't make a big difference during an initial connection, but it butchers the reconnection process: it can retrieve the answer of the user to the first question (e.g. their password), but it fails to retrieve the second one (e.g. the key passphrase). So the user would be forced to reenter the answer for the second question upon each reconnection. The reason for this is the passwdserver's desig (see DESIGN [1]): Each query for AuthInfo with the openPassDlg() has an secNr number associated with it. If it's smaller than the one of the one stored for the privious request, than the one from the cache will be returned automagically, if it's bigger the dialog will be prompted to the user. Each call to openPassDlg() advances s_seqNr to the last value reported by the passwdserver. So the first call will return the cached value and subsequent calls will actually display the dialog to the user (assuming authentication with the cached data failed). But in case of multi-factor auth we have to query user for several independent values. And we want to try to retrieve each one of those from the cache. So we have to get a bit hacky and manually manipulate the SlaveBase::s_seqNr value. [1]: https://mirror.git.trinitydesktop.org/gitea/TDE/tdelibs/src/branch/master/tdeio/kpasswdserver/DESIGN Signed-off-by: Alexander Golubev <fatzer2@gmail.com>
Diffstat (limited to 'applnk/tde-settings-security.directory')
0 files changed, 0 insertions, 0 deletions