aboutsummaryrefslogtreecommitdiff
path: root/app/src/main/java/com/zeapo
diff options
context:
space:
mode:
authorFabian Henneke <FabianHenneke@users.noreply.github.com>2020-06-26 08:47:47 +0200
committerGitHub <noreply@github.com>2020-06-26 08:47:47 +0200
commit889208b2644fd5676de8e05b81b4712dd11fa58b (patch)
treeb89b551ff32c850d163c28230151b68f344086c6 /app/src/main/java/com/zeapo
parent2f7c50136a0561fde89c678777bf4498cf573234 (diff)
Prevent cached passwords from being wiped (#884)
Diffstat (limited to 'app/src/main/java/com/zeapo')
-rw-r--r--app/src/main/java/com/zeapo/pwdstore/git/config/SshjSessionFactory.kt20
1 files changed, 12 insertions, 8 deletions
diff --git a/app/src/main/java/com/zeapo/pwdstore/git/config/SshjSessionFactory.kt b/app/src/main/java/com/zeapo/pwdstore/git/config/SshjSessionFactory.kt
index 61b7ec16..45e7fe3e 100644
--- a/app/src/main/java/com/zeapo/pwdstore/git/config/SshjSessionFactory.kt
+++ b/app/src/main/java/com/zeapo/pwdstore/git/config/SshjSessionFactory.kt
@@ -38,13 +38,13 @@ import kotlin.coroutines.suspendCoroutine
sealed class SshAuthData {
class Password(val passwordFinder: InteractivePasswordFinder) : SshAuthData() {
override fun clearCredentials() {
- passwordFinder.clearPassword()
+ passwordFinder.clearPasswords()
}
}
class PublicKeyFile(val keyFile: File, val passphraseFinder: InteractivePasswordFinder) : SshAuthData() {
override fun clearCredentials() {
- passphraseFinder.clearPassword()
+ passphraseFinder.clearPasswords()
}
}
@@ -57,13 +57,14 @@ abstract class InteractivePasswordFinder : PasswordFinder {
private var isRetry = false
private var lastPassword: CharArray? = null
+ private val rememberToWipe: MutableList<CharArray> = mutableListOf()
fun resetForReuse() {
isRetry = false
}
- fun clearPassword() {
- lastPassword?.clear()
+ fun clearPasswords() {
+ rememberToWipe.forEach { it.clear() }
lastPassword = null
}
@@ -73,17 +74,20 @@ abstract class InteractivePasswordFinder : PasswordFinder {
// now being reused for a new one. We try the previous password so that the user
// does not have to type it again.
isRetry = true
- return lastPassword!!
+ return lastPassword!!.clone().also { rememberToWipe.add(it) }
}
- clearPassword()
+ clearPasswords()
val password = runBlocking(Dispatchers.Main) {
suspendCoroutine<String?> { cont ->
askForPassword(cont, isRetry)
}
}
isRetry = true
- return password?.toCharArray()?.also { lastPassword = it }
- ?: throw SSHException(DisconnectReason.AUTH_CANCELLED_BY_USER)
+ if (password == null)
+ throw SSHException(DisconnectReason.AUTH_CANCELLED_BY_USER)
+ val passwordChars = password.toCharArray().also { rememberToWipe.add(it) }
+ lastPassword = passwordChars
+ return passwordChars.clone().also { rememberToWipe.add(it) }
}
final override fun shouldRetry(resource: Resource<*>?) = true