From cc2bb763980a15cf32fa068adcccbb6e3b8f2b1b Mon Sep 17 00:00:00 2001 From: Fabian Henneke Date: Fri, 26 Jun 2020 08:47:47 +0200 Subject: Prevent cached passwords from being wiped (#884) (cherry picked from commit 889208b2644fd5676de8e05b81b4712dd11fa58b) Signed-off-by: Harsh Shandilya --- .../zeapo/pwdstore/git/config/SshjSessionFactory.kt | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) (limited to 'app/src/main') diff --git a/app/src/main/java/com/zeapo/pwdstore/git/config/SshjSessionFactory.kt b/app/src/main/java/com/zeapo/pwdstore/git/config/SshjSessionFactory.kt index f643c714..f900e959 100644 --- a/app/src/main/java/com/zeapo/pwdstore/git/config/SshjSessionFactory.kt +++ b/app/src/main/java/com/zeapo/pwdstore/git/config/SshjSessionFactory.kt @@ -38,13 +38,13 @@ import kotlin.coroutines.suspendCoroutine sealed class SshAuthData { class Password(val passwordFinder: InteractivePasswordFinder) : SshAuthData() { override fun clearCredentials() { - passwordFinder.clearPassword() + passwordFinder.clearPasswords() } } class PublicKeyFile(val keyFile: File, val passphraseFinder: InteractivePasswordFinder) : SshAuthData() { override fun clearCredentials() { - passphraseFinder.clearPassword() + passphraseFinder.clearPasswords() } } @@ -57,13 +57,14 @@ abstract class InteractivePasswordFinder : PasswordFinder { private var isRetry = false private var lastPassword: CharArray? = null + private val rememberToWipe: MutableList = mutableListOf() fun resetForReuse() { isRetry = false } - fun clearPassword() { - lastPassword?.clear() + fun clearPasswords() { + rememberToWipe.forEach { it.clear() } lastPassword = null } @@ -73,17 +74,20 @@ abstract class InteractivePasswordFinder : PasswordFinder { // now being reused for a new one. We try the previous password so that the user // does not have to type it again. isRetry = true - return lastPassword!! + return lastPassword!!.clone().also { rememberToWipe.add(it) } } - clearPassword() + clearPasswords() val password = runBlocking(Dispatchers.Main) { suspendCoroutine { cont -> askForPassword(cont, isRetry) } } isRetry = true - return password?.toCharArray()?.also { lastPassword = it } - ?: throw SSHException(DisconnectReason.AUTH_CANCELLED_BY_USER) + if (password == null) + throw SSHException(DisconnectReason.AUTH_CANCELLED_BY_USER) + val passwordChars = password.toCharArray().also { rememberToWipe.add(it) } + lastPassword = passwordChars + return passwordChars.clone().also { rememberToWipe.add(it) } } final override fun shouldRetry(resource: Resource<*>?) = true -- cgit v1.2.3