github
/
teleport
mirror of https://github.com/tp4a/teleport
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

修正:数据库升级时,sqlite未能正确判断。

pull/32/head
Apex Liu 2017-06-06 20:57:03 +08:00
parent 53889c4592
commit 833ac9deb6
3 changed files with 63 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

104
server/tp_core/protocol/ssh/ssh_session.cpp
View File

@ -309,59 +309,72 @@ int SshSession::_on_auth_password_request(ssh_session session, const char *user,
return SSH_AUTH_ERROR;
}
// 检查服务端支持的认证协议
ssh_userauth_none(_this->m_srv_session, NULL);
// int auth_methods = ssh_userauth_list(_this->m_srv_session, NULL);
// // 检查服务端支持的认证协议
// rc = ssh_userauth_none(_this->m_srv_session, NULL);
// if (rc == SSH_AUTH_ERROR) {
// EXLOGE("[ssh] invalid password for password mode to login to real SSH server %s:%d.\n", _this->m_server_ip.c_str(), _this->m_server_port);
// _this->m_have_error = true;
// _this->m_retcode = SESS_STAT_ERR_AUTH_DENIED;
// return SSH_AUTH_ERROR;
// }
// // int auth_methods = ssh_userauth_list(_this->m_srv_session, NULL);
// const char* banner = ssh_get_issue_banner(_this->m_srv_session);
// if (NULL != banner) {
// EXLOGE("[ssh] issue banner: %s\n", banner);
// }
if (_this->m_auth_mode == TS_AUTH_MODE_PASSWORD) {
rc = ssh_userauth_password(_this->m_srv_session, NULL, _this->m_user_auth.c_str());
// //rc = ssh_userauth_password(_this->m_srv_session, NULL, _this->m_user_auth.c_str());
// rc = SSH_AUTH_DENIED;
// if (rc == SSH_AUTH_SUCCESS) {
// _this->m_is_logon = true;
// return SSH_AUTH_SUCCESS;
// }
// else if (rc == SSH_AUTH_ERROR) {
// EXLOGE("[ssh] invalid password for password mode to login to real SSH server %s:%d.\n", _this->m_server_ip.c_str(), _this->m_server_port);
// _this->m_have_error = true;
// _this->m_retcode = SESS_STAT_ERR_AUTH_DENIED;
// return SSH_AUTH_ERROR;
// }
// 优先尝试交互式登录SSHv2推荐
rc = ssh_userauth_kbdint(_this->m_srv_session, NULL, NULL);
while(rc == SSH_AUTH_INFO) {
int nprompts = ssh_userauth_kbdint_getnprompts(_this->m_srv_session);
for (int iprompt = 0; iprompt < nprompts; ++iprompt) {
char echo = 0;
const char* prompt = ssh_userauth_kbdint_getprompt(session, iprompt, &echo);
EXLOGV("[ssh] interactive login prompt: %s\n", prompt);
rc = ssh_userauth_kbdint_setanswer(_this->m_srv_session, 0, _this->m_user_auth.c_str());
if (rc < 0) {
EXLOGE("[ssh] invalid password for interactive mode to login to real SSH server %s:%d.\n", _this->m_server_ip.c_str(), _this->m_server_port);
_this->m_have_error = true;
_this->m_retcode = SESS_STAT_ERR_AUTH_DENIED;
return SSH_AUTH_ERROR;
}
}
}
if (rc == SSH_AUTH_SUCCESS) {
EXLOGW("[ssh] logon with keyboard interactive mode.\n");
_this->m_is_logon = true;
return SSH_AUTH_SUCCESS;
}
else if (rc == SSH_AUTH_ERROR) {
EXLOGE("[ssh] invalid password for password mode to login to real SSH server %s:%d.\n", _this->m_server_ip.c_str(), _this->m_server_port);
_this->m_have_error = true;
_this->m_retcode = SESS_STAT_ERR_AUTH_DENIED;
return SSH_AUTH_ERROR;
else {
EXLOGD("[ssh] failed to login with keyboard interactive mode, got %d, try password mode.\n", rc);
}
// 可能远程主机不允许用密码登录,试试交互式登录
for (;;) {
rc = ssh_userauth_kbdint(_this->m_srv_session, NULL, NULL);
if (rc != SSH_AUTH_INFO) {
EXLOGE("[ssh] try ssh interactive login failed at init, errcode=%d.\n", rc);
break;
}
if (ssh_userauth_kbdint_getnprompts(_this->m_srv_session) != 1) {
EXLOGE("[ssh] ssh interactive login, prompt count not 1.\n");
break;
}
rc = ssh_userauth_kbdint_setanswer(_this->m_srv_session, 0, _this->m_user_auth.c_str());
if (rc != SSH_AUTH_SUCCESS) {
EXLOGE("[ssh] invalid password for interactive mode to login to real SSH server %s:%d.\n", _this->m_server_ip.c_str(), _this->m_server_port);
_this->m_have_error = true;
_this->m_retcode = SESS_STAT_ERR_AUTH_DENIED;
return SSH_AUTH_ERROR;
}
// 有时候服务端会再发一个空的提示来完成交互
rc = ssh_userauth_kbdint(_this->m_srv_session, NULL, NULL);
if (rc == SSH_AUTH_INFO) {
if (ssh_userauth_kbdint_getnprompts(_this->m_srv_session) != 0)
break;
rc = ssh_userauth_kbdint(_this->m_srv_session, NULL, NULL);
if (rc < 0)
break;
}
if (rc == SSH_AUTH_SUCCESS) {
_this->m_is_logon = true;
return SSH_AUTH_SUCCESS;
}
break;
// 不支持交互式登录,则尝试密码方式
rc = ssh_userauth_password(_this->m_srv_session, NULL, _this->m_user_auth.c_str());
if (rc == SSH_AUTH_SUCCESS) {
EXLOGW("[ssh] logon with password mode.\n");
_this->m_is_logon = true;
return SSH_AUTH_SUCCESS;
}
else {
EXLOGD("[ssh] failed to login with password mode, got %d.\n", rc);
}
EXLOGE("[ssh] can not use password mode or interactive mode ot login to real SSH server %s:%d.\n", _this->m_server_ip.c_str(), _this->m_server_port);
@ -382,6 +395,7 @@ int SshSession::_on_auth_password_request(ssh_session session, const char *user,
ssh_key_free(key);
if (rc == SSH_AUTH_SUCCESS) {
EXLOGW("[ssh] logon with public-key mode.\n");
_this->m_is_logon = true;
return SSH_AUTH_SUCCESS;
}

6
server/www/teleport/app/eom_app/app/db.py
View File

@ -179,13 +179,15 @@ class TPDatabase:
def is_field_exists(self, table_name, field_name):
if self.db_type == self.DB_TYPE_SQLITE:
ret = self.query('PRAGMA table_info(`{}`);'.format(table_name))
print(ret)
if ret is None:
return None
if len(ret) == 0:
return False
else:
return True
for f in ret:
if f[1] == field_name:
return True
return False
elif self.db_type == self.DB_TYPE_MYSQL:
ret = self.query('DESC `{}` `{}`;'.format(table_name, field_name))
print(ret)

1
server/www/teleport/app/eom_app/controller/auth.py
View File

@ -193,7 +193,6 @@ class OathVerifyHandler(TPBaseUserAuthJsonHandler):
class OathSecretQrCodeHandler(TPBaseUserAuthJsonHandler):
def get(self):
secret = self.get_session('tmp_oath_secret', None)
print('tmp-oath-secret:', secret)
user_info = self.get_current_user()
img_data = gen_oath_qrcode(user_info['name'], secret)