[FFmpeg-devel] avformat/libssh: check the user provided a password before trying to use it

Message ID 20170611174747.8328-1-jamrial@gmail.com
State Accepted
Commit 8ddb6820bd52df6ed616abc3d8be200b126aa8c1
Commit Message

James Almer June 11, 2017, 5:47 p.m. UTC
Fixes ticket #6413

Signed-off-by: James Almer <jamrial@gmail.com>
---
The public key authentication also tries to use the password variable. I
don't know if NULL is valid in that case or not.
Perhaps for that one it would be better to replace the current usage of
legacy API instead.

 libavformat/libssh.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

James Almer June 16, 2017, 9:30 p.m. UTC | #1
On 6/11/2017 2:47 PM, James Almer wrote:
> Fixes ticket #6413
> 
> Signed-off-by: James Almer <jamrial@gmail.com>
> ---
> The public key authentication also tries to use the password variable. I
> don't know if NULL is valid in that case or not.
> Perhaps for that one it would be better to replace the current usage of
> legacy API instead.

Ping.

> 
>  libavformat/libssh.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/libavformat/libssh.c b/libavformat/libssh.c
> index 49e92e7516..9e3d4da45e 100644
> --- a/libavformat/libssh.c
> +++ b/libavformat/libssh.c
> @@ -103,7 +103,7 @@ static av_cold int libssh_authentication(LIBSSHContext *libssh, const char *user
>          }
>      }
>  
> -    if (!authorized && (auth_methods & SSH_AUTH_METHOD_PASSWORD)) {
> +    if (!authorized && password && (auth_methods & SSH_AUTH_METHOD_PASSWORD)) {
>          if (ssh_userauth_password(libssh->session, NULL, password) == SSH_AUTH_SUCCESS) {
>              av_log(libssh, AV_LOG_DEBUG, "Authentication successful with password.\n");
>              authorized = 1;
>

Michael Niedermayer June 17, 2017, 7:57 p.m. UTC | #2
On Fri, Jun 16, 2017 at 06:30:45PM -0300, James Almer wrote:
> On 6/11/2017 2:47 PM, James Almer wrote:
> > Fixes ticket #6413
> > 
> > Signed-off-by: James Almer <jamrial@gmail.com>
> > ---
> > The public key authentication also tries to use the password variable. I
> > don't know if NULL is valid in that case or not.
> > Perhaps for that one it would be better to replace the current usage of
> > legacy API instead.
> 
> Ping.

for someone like me who doesn't know the API of libssh, it does look
reasonable

[...]

James Almer June 17, 2017, 8:17 p.m. UTC | #3
On 6/17/2017 4:57 PM, Michael Niedermayer wrote:
> On Fri, Jun 16, 2017 at 06:30:45PM -0300, James Almer wrote:
>> On 6/11/2017 2:47 PM, James Almer wrote:
>>> Fixes ticket #6413
>>>
>>> Signed-off-by: James Almer <jamrial@gmail.com>
>>> ---
>>> The public key authentication also tries to use the password variable. I
>>> don't know if NULL is valid in that case or not.
>>> Perhaps for that one it would be better to replace the current usage of
>>> legacy API instead.
>>
>> Ping.
> 
> for someone like me who doesn't know the API of libssh, it does look
> reasonable

Pushed then, thanks.

James Cowgill Jan. 11, 2018, 11:05 a.m. UTC | #4
Hi,

On 11/06/17 18:47, jamrial at gmail.com (James Almer) wrote:
> Fixes ticket #6413
> 
> Signed-off-by: James Almer <jamrial at gmail.com>
> ---
> The public key authentication also tries to use the password variable. I
> don't know if NULL is valid in that case or not.
> Perhaps for that one it would be better to replace the current usage of
> legacy API instead.
> 
>  libavformat/libssh.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 

Please can this patch be applied to the stable branches. Someone using
Debian stable (3.2.9) reported it:
https://bugs.debian.org/886912

Commit 8ddb6820bd52df6ed616abc3d8be200b126aa8c1 applied to 3.4.

Thanks,
James

> diff --git a/libavformat/libssh.c b/libavformat/libssh.c
> index 49e92e7516..9e3d4da45e 100644
> --- a/libavformat/libssh.c
> +++ b/libavformat/libssh.c
> @@ -103,7 +103,7 @@ static av_cold int libssh_authentication(LIBSSHContext *libssh, const char *user
>          }
>      }
>  
> -    if (!authorized && (auth_methods & SSH_AUTH_METHOD_PASSWORD)) {
> +    if (!authorized && password && (auth_methods & SSH_AUTH_METHOD_PASSWORD)) {
>          if (ssh_userauth_password(libssh->session, NULL, password) == SSH_AUTH_SUCCESS) {
>              av_log(libssh, AV_LOG_DEBUG, "Authentication successful with password.\n");
>              authorized = 1;
>

James Almer Jan. 11, 2018, 1:52 p.m. UTC | #5
On 1/11/2018 8:05 AM, James Cowgill wrote:
> Hi,
> 
> On 11/06/17 18:47, jamrial at gmail.com (James Almer) wrote:
>> Fixes ticket #6413
>>
>> Signed-off-by: James Almer <jamrial at gmail.com>
>> ---
>> The public key authentication also tries to use the password variable. I
>> don't know if NULL is valid in that case or not.
>> Perhaps for that one it would be better to replace the current usage of
>> legacy API instead.
>>
>>  libavformat/libssh.c | 2 +-
>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>
> 
> Please can this patch be applied to the stable branches. Someone using
> Debian stable (3.2.9) reported it:
> https://bugs.debian.org/886912
> 
> Commit 8ddb6820bd52df6ed616abc3d8be200b126aa8c1 applied to 3.4.
> 
> Thanks,
> James

Pushed to the most recent branches. It should be part of 3.2.10.

> 
>> diff --git a/libavformat/libssh.c b/libavformat/libssh.c
>> index 49e92e7516..9e3d4da45e 100644
>> --- a/libavformat/libssh.c
>> +++ b/libavformat/libssh.c
>> @@ -103,7 +103,7 @@ static av_cold int libssh_authentication(LIBSSHContext *libssh, const char *user
>>          }
>>      }
>>  
>> -    if (!authorized && (auth_methods & SSH_AUTH_METHOD_PASSWORD)) {
>> +    if (!authorized && password && (auth_methods & SSH_AUTH_METHOD_PASSWORD)) {
>>          if (ssh_userauth_password(libssh->session, NULL, password) == SSH_AUTH_SUCCESS) {
>>              av_log(libssh, AV_LOG_DEBUG, "Authentication successful with password.\n");
>>              authorized = 1;
>>
> 
>

Patch

diff --git a/libavformat/libssh.c b/libavformat/libssh.c
index 49e92e7516..9e3d4da45e 100644
--- a/libavformat/libssh.c
+++ b/libavformat/libssh.c
@@ -103,7 +103,7 @@  static av_cold int libssh_authentication(LIBSSHContext *libssh, const char *user
         }
     }
 
-    if (!authorized && (auth_methods & SSH_AUTH_METHOD_PASSWORD)) {
+    if (!authorized && password && (auth_methods & SSH_AUTH_METHOD_PASSWORD)) {
         if (ssh_userauth_password(libssh->session, NULL, password) == SSH_AUTH_SUCCESS) {
             av_log(libssh, AV_LOG_DEBUG, "Authentication successful with password.\n");
             authorized = 1;
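
Review bot: The new `password &&` guard on the `SSH_AUTH_METHOD_PASSWORD` branch skips password authentication silently when no password was supplied, and the hunk adds no message for that case. Consider an `av_log` at debug or verbose level stating that the server offers password authentication but none was provided, so the skip is visible next to the existing "Authentication successful with password." line. The commit note also says the public key branch uses the same `password` variable; that path is outside this hunk and still needs either a confirmation that NULL is acceptable there or the same kind of guard in a follow-up.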