fine tuned password handling as we were getting false positives, probably caused by other changes up the stack that now call these functions in more cases.
This commit is contained in:
Brian Coca
parent
6fcfebd21d
commit
dbab703265
2 changed files with 28 additions and 10 deletions
|
|
@ -230,23 +230,29 @@ class Connection(ConnectionBase):
|
|||
chan.exec_command(cmd)
|
||||
if self._play_context.prompt:
|
||||
if self._play_context.become and self._play_context.become_pass:
|
||||
passprompt = False
|
||||
while True:
|
||||
self._display.debug('Waiting for Privilege Escalation input')
|
||||
if self.check_become_success(become_output) or self.check_password_prompt(become_output):
|
||||
if self.check_become_success(become_output):
|
||||
break
|
||||
elif self.check_password_prompt(become_output):
|
||||
passprompt = True
|
||||
break
|
||||
|
||||
chunk = chan.recv(bufsize)
|
||||
self._display.debug("chunk is: %s" % chunk)
|
||||
if not chunk:
|
||||
if 'unknown user' in become_output:
|
||||
raise AnsibleError(
|
||||
'user %s does not exist' % become_user)
|
||||
raise AnsibleError( 'user %s does not exist' % become_user)
|
||||
else:
|
||||
raise AnsibleError('ssh connection ' +
|
||||
'closed waiting for password prompt')
|
||||
break
|
||||
#raise AnsibleError('ssh connection closed waiting for password prompt')
|
||||
become_output += chunk
|
||||
if not self.check_become_success(become_output):
|
||||
if self._play_context.become:
|
||||
if passprompt:
|
||||
if self._play_context.become and self._play_context.become_pass:
|
||||
chan.sendall(self._play_context.become_pass + '\n')
|
||||
else:
|
||||
raise AnsibleError("A password is reqired but none was supplied")
|
||||
else:
|
||||
no_prompt_out += become_output
|
||||
no_prompt_err += become_output
|
||||
|
|
|
|||
|
|
@ -371,11 +371,19 @@ class Connection(ConnectionBase):
|
|||
|
||||
become_output = ''
|
||||
become_errput = ''
|
||||
passprompt = False
|
||||
while True:
|
||||
self._display.debug('Waiting for Privilege Escalation input')
|
||||
if self.check_become_success(become_output + become_errput) or self.check_password_prompt(become_output + become_errput):
|
||||
|
||||
if self.check_become_success(become_output + become_errput):
|
||||
self._display.debug('Succeded!')
|
||||
break
|
||||
elif self.check_password_prompt(become_output) or self.check_password_prompt(become_errput):
|
||||
self._display.debug('Password prompt!')
|
||||
passprompt = True
|
||||
break
|
||||
|
||||
self._display.debug('Read next chunks')
|
||||
rfd, wfd, efd = select.select([p.stdout, p.stderr], [], [p.stdout], self._play_context.timeout)
|
||||
if not rfd:
|
||||
# timeout. wrap up process communication
|
||||
|
|
@ -385,16 +393,20 @@ class Connection(ConnectionBase):
|
|||
elif p.stderr in rfd:
|
||||
chunk = p.stderr.read()
|
||||
become_errput += chunk
|
||||
self._display.debug('stderr chunk is: %s' % chunk)
|
||||
self.check_incorrect_password(become_errput)
|
||||
|
||||
elif p.stdout in rfd:
|
||||
chunk = p.stdout.read()
|
||||
become_output += chunk
|
||||
self._display.debug('stdout chunk is: %s' % chunk)
|
||||
|
||||
|
||||
if not chunk:
|
||||
raise AnsibleError('Connection closed waiting for privilege escalation password prompt: %s ' % become_output)
|
||||
break
|
||||
#raise AnsibleError('Connection closed waiting for privilege escalation password prompt: %s ' % become_output)
|
||||
|
||||
if not self.check_become_success(become_output + become_errput):
|
||||
if passprompt:
|
||||
self._display.debug("Sending privilege escalation password.")
|
||||
stdin.write(self._play_context.become_pass + '\n')
|
||||
else:
|
||||
|
|
|
|||
Loading…
Reference in a new issue