From 40dc17254dc86699d0c4e9f9eea235c5a7f5f6b9 Mon Sep 17 00:00:00 2001 From: rowanbeentje Date: Tue, 21 Jul 2009 23:21:51 +0000 Subject: - Rename "TunnelPassphraseRequester" to "SequelProTunnelAssistant" for clarity (sorry nightly testers) - Improve assistant copy from being in a script to resources copy phase --- Source/KeyChain.m | 2 +- Source/SPSSHTunnel.m | 4 +- Source/SequelProTunnelAssistant.m | 169 +++++++++++++++++++++++++++++++++++++ Source/TunnelPassphraseRequester.m | 169 ------------------------------------- 4 files changed, 172 insertions(+), 172 deletions(-) create mode 100644 Source/SequelProTunnelAssistant.m delete mode 100644 Source/TunnelPassphraseRequester.m (limited to 'Source') diff --git a/Source/KeyChain.m b/Source/KeyChain.m index 58dc2451..483eeceb 100644 --- a/Source/KeyChain.m +++ b/Source/KeyChain.m @@ -53,7 +53,7 @@ if (![self passwordExistsForName:name account:account]) { // Create a trusted access list with two items - ourselves and the SSH pass app. - NSString *helperPath = [[[NSBundle mainBundle] resourcePath] stringByAppendingPathComponent:@"TunnelPassphraseRequester"]; + NSString *helperPath = [[[NSBundle mainBundle] resourcePath] stringByAppendingPathComponent:@"SequelProTunnelAssistant"]; if ((SecTrustedApplicationCreateFromPath(NULL, &sequelProRef) == noErr) && (SecTrustedApplicationCreateFromPath([helperPath UTF8String], &sequelProHelperRef) == noErr)) { diff --git a/Source/SPSSHTunnel.m b/Source/SPSSHTunnel.m index 5b765525..60260f8d 100644 --- a/Source/SPSSHTunnel.m +++ b/Source/SPSSHTunnel.m @@ -274,7 +274,7 @@ [task setArguments:taskArguments]; // Set up the environment for the task - authenticationAppPath = [[[NSBundle mainBundle] resourcePath] stringByAppendingPathComponent:@"TunnelPassphraseRequester"]; + authenticationAppPath = [[[NSBundle mainBundle] resourcePath] stringByAppendingPathComponent:@"SequelProTunnelAssistant"]; taskEnvironment = [[NSMutableDictionary alloc] initWithDictionary:[[NSProcessInfo processInfo] environment]]; [taskEnvironment removeObjectForKey: @"SSH_AGENT_PID"]; [taskEnvironment removeObjectForKey: @"SSH_AUTH_SOCK"]; @@ -433,7 +433,7 @@ } /* - * Method to request the password for the current connection, as used by TunnelPassphraseRequester; + * Method to request the password for the current connection, as used by SequelProTunnelAssistant; * called with a verification hash to check against the stored hash, to provide basic security. Note * that this is easily bypassed, but if bypassed the password can already easily be retrieved in the same way. */ diff --git a/Source/SequelProTunnelAssistant.m b/Source/SequelProTunnelAssistant.m new file mode 100644 index 00000000..7859eaf7 --- /dev/null +++ b/Source/SequelProTunnelAssistant.m @@ -0,0 +1,169 @@ +// +// SequelProTunnelAssistant.m +// sequel-pro +// +// Created by Rowan Beentje on May 4, 2009. +// +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; either version 2 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with this program; if not, write to the Free Software +// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +// +// More info at + +#import +#import "KeyChain.h" +#import "SPSSHTunnel.h" +#import "RegexKitLite.h" + +int main(int argc, const char *argv[]) +{ + NSAutoreleasePool *pool = [[NSAutoreleasePool alloc] init]; + NSDictionary *environment = [[NSProcessInfo processInfo] environment]; + NSString *argument = nil; + SPSSHTunnel *sequelProTunnel; + NSString *connectionName = [environment objectForKey:@"SP_CONNECTION_NAME"]; + NSString *verificationHash = [environment objectForKey:@"SP_CONNECTION_VERIFY_HASH"]; + + if (![environment objectForKey:@"SP_PASSWORD_METHOD"]) { + [pool release]; + return 1; + } + + if (argc > 1) { + argument = [[[NSString alloc] initWithCString:argv[1] encoding:NSUTF8StringEncoding] autorelease]; + } + + // Check if we're being asked a question and respond if so + if (argument && [argument rangeOfString:@" (yes/no)?"].location != NSNotFound) { + sequelProTunnel = (SPSSHTunnel *)[NSConnection rootProxyForConnectionWithRegisteredName:connectionName host:nil]; + if (!sequelProTunnel) { + NSLog(@"SSH Tunnel: unable to connect to Sequel Pro to show SSH question"); + [pool release]; + return 1; + } + BOOL response = [sequelProTunnel getResponseForQuestion:argument]; + if (response) { + printf("yes\n"); + } else { + printf("no\n"); + } + [pool release]; + return 0; + } + + // Check whether we're being asked for a standard SSH password - if so, use the app-entered value. + if (argument && [[argument lowercaseString] rangeOfString:@"password:"].location != NSNotFound ) { + + // If the password method is set to use the keychain, use the supplied keychain name to + // request the password + if ([[environment objectForKey:@"SP_PASSWORD_METHOD"] intValue] == SPSSH_PASSWORD_USES_KEYCHAIN) { + KeyChain *keychain; + NSString *keychainName = [environment objectForKey:@"SP_KEYCHAIN_ITEM_NAME"]; + NSString *keychainAccount = [environment objectForKey:@"SP_KEYCHAIN_ITEM_ACCOUNT"]; + + if (!keychainName || !keychainAccount) { + NSLog(@"SSH Tunnel: keychain authentication specified but insufficient internal details supplied"); + [pool release]; + return 1; + } + + keychain = [[KeyChain alloc] init]; + if (![keychain passwordExistsForName:keychainName account:keychainAccount]) { + NSLog(@"SSH Tunnel: specified keychain password not found"); + [keychain release]; + [pool release]; + return 1; + } + + printf("%s\n", [[keychain getPasswordForName:keychainName account:keychainAccount] UTF8String]); + [keychain release]; + [pool release]; + return 0; + } + + // If the password method is set to request the password from the tunnel instance, do so. + if ([[environment objectForKey:@"SP_PASSWORD_METHOD"] intValue] == SPSSH_PASSWORD_ASKS_UI) { + NSString *password; + + if (!connectionName || !verificationHash) { + NSLog(@"SSH Tunnel: internal authentication specified but insufficient details supplied"); + [pool release]; + return 1; + } + + sequelProTunnel = (SPSSHTunnel *)[NSConnection rootProxyForConnectionWithRegisteredName:connectionName host:nil]; + if (!sequelProTunnel) { + NSLog(@"SSH Tunnel: unable to connect to Sequel Pro for internal authentication"); + [pool release]; + return 1; + } + + password = [sequelProTunnel getPasswordWithVerificationHash:verificationHash]; + if (!password) { + NSLog(@"SSH Tunnel: unable to successfully request password from Sequel Pro for internal authentication"); + [pool release]; + return 1; + } + + printf("%s\n", [password UTF8String]); + [pool release]; + return 0; + } + } + + // Check whether we're being asked for a SSH key passphrase + if (argument && [[argument lowercaseString] rangeOfString:@"enter passphrase for"].location != NSNotFound ) { + NSString *passphrase; + NSString *keyName = [argument stringByMatching:@"^\\s*Enter passphrase for key \\'(.*)\\':\\s*$" capture:1L]; + + if (keyName) { + + // Check whether the passphrase is in the keychain, using standard OS X sshagent name and account + KeyChain *keychain = [[KeyChain alloc] init]; + if ([keychain passwordExistsForName:@"SSH" account:keyName]) { + printf("%s\n", [[keychain getPasswordForName:@"SSH" account:keyName] UTF8String]); + [keychain release]; + [pool release]; + return 0; + } + [keychain release]; + } + + // Not found in the keychain - we need to ask the GUI. + + if (!verificationHash) { + NSLog(@"SSH Tunnel: key passphrase authentication required but insufficient details supplied to connect to GUI"); + [pool release]; + return 1; + } + + sequelProTunnel = (SPSSHTunnel *)[NSConnection rootProxyForConnectionWithRegisteredName:connectionName host:nil]; + if (!sequelProTunnel) { + NSLog(@"SSH Tunnel: unable to connect to Sequel Pro to show SSH question"); + [pool release]; + return 1; + } + passphrase = [sequelProTunnel getPasswordForQuery:argument verificationHash:verificationHash]; + if (!passphrase) { + [pool release]; + return 1; + } + + printf("%s\n", [passphrase UTF8String]); + [pool release]; + return 0; + } + + [pool release]; + return 1; +} diff --git a/Source/TunnelPassphraseRequester.m b/Source/TunnelPassphraseRequester.m deleted file mode 100644 index 11665449..00000000 --- a/Source/TunnelPassphraseRequester.m +++ /dev/null @@ -1,169 +0,0 @@ -// -// TunnelPassphraseRequester.m -// sequel-pro -// -// Created by Rowan Beentje on May 4, 2009. -// -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; either version 2 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program; if not, write to the Free Software -// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -// -// More info at - -#import -#import "KeyChain.h" -#import "SPSSHTunnel.h" -#import "RegexKitLite.h" - -int main(int argc, const char *argv[]) -{ - NSAutoreleasePool *pool = [[NSAutoreleasePool alloc] init]; - NSDictionary *environment = [[NSProcessInfo processInfo] environment]; - NSString *argument = nil; - SPSSHTunnel *sequelProTunnel; - NSString *connectionName = [environment objectForKey:@"SP_CONNECTION_NAME"]; - NSString *verificationHash = [environment objectForKey:@"SP_CONNECTION_VERIFY_HASH"]; - - if (![environment objectForKey:@"SP_PASSWORD_METHOD"]) { - [pool release]; - return 1; - } - - if (argc > 1) { - argument = [[[NSString alloc] initWithCString:argv[1] encoding:NSUTF8StringEncoding] autorelease]; - } - - // Check if we're being asked a question and respond if so - if (argument && [argument rangeOfString:@" (yes/no)?"].location != NSNotFound) { - sequelProTunnel = (SPSSHTunnel *)[NSConnection rootProxyForConnectionWithRegisteredName:connectionName host:nil]; - if (!sequelProTunnel) { - NSLog(@"SSH Tunnel: unable to connect to Sequel Pro to show SSH question"); - [pool release]; - return 1; - } - BOOL response = [sequelProTunnel getResponseForQuestion:argument]; - if (response) { - printf("yes\n"); - } else { - printf("no\n"); - } - [pool release]; - return 0; - } - - // Check whether we're being asked for a standard SSH password - if so, use the app-entered value. - if (argument && [[argument lowercaseString] rangeOfString:@"password:"].location != NSNotFound ) { - - // If the password method is set to use the keychain, use the supplied keychain name to - // request the password - if ([[environment objectForKey:@"SP_PASSWORD_METHOD"] intValue] == SPSSH_PASSWORD_USES_KEYCHAIN) { - KeyChain *keychain; - NSString *keychainName = [environment objectForKey:@"SP_KEYCHAIN_ITEM_NAME"]; - NSString *keychainAccount = [environment objectForKey:@"SP_KEYCHAIN_ITEM_ACCOUNT"]; - - if (!keychainName || !keychainAccount) { - NSLog(@"SSH Tunnel: keychain authentication specified but insufficient internal details supplied"); - [pool release]; - return 1; - } - - keychain = [[KeyChain alloc] init]; - if (![keychain passwordExistsForName:keychainName account:keychainAccount]) { - NSLog(@"SSH Tunnel: specified keychain password not found"); - [keychain release]; - [pool release]; - return 1; - } - - printf("%s\n", [[keychain getPasswordForName:keychainName account:keychainAccount] UTF8String]); - [keychain release]; - [pool release]; - return 0; - } - - // If the password method is set to request the password from the tunnel instance, do so. - if ([[environment objectForKey:@"SP_PASSWORD_METHOD"] intValue] == SPSSH_PASSWORD_ASKS_UI) { - NSString *password; - - if (!connectionName || !verificationHash) { - NSLog(@"SSH Tunnel: internal authentication specified but insufficient details supplied"); - [pool release]; - return 1; - } - - sequelProTunnel = (SPSSHTunnel *)[NSConnection rootProxyForConnectionWithRegisteredName:connectionName host:nil]; - if (!sequelProTunnel) { - NSLog(@"SSH Tunnel: unable to connect to Sequel Pro for internal authentication"); - [pool release]; - return 1; - } - - password = [sequelProTunnel getPasswordWithVerificationHash:verificationHash]; - if (!password) { - NSLog(@"SSH Tunnel: unable to successfully request password from Sequel Pro for internal authentication"); - [pool release]; - return 1; - } - - printf("%s\n", [password UTF8String]); - [pool release]; - return 0; - } - } - - // Check whether we're being asked for a SSH key passphrase - if (argument && [[argument lowercaseString] rangeOfString:@"enter passphrase for"].location != NSNotFound ) { - NSString *passphrase; - NSString *keyName = [argument stringByMatching:@"^\\s*Enter passphrase for key \\'(.*)\\':\\s*$" capture:1L]; - - if (keyName) { - - // Check whether the passphrase is in the keychain, using standard OS X sshagent name and account - KeyChain *keychain = [[KeyChain alloc] init]; - if ([keychain passwordExistsForName:@"SSH" account:keyName]) { - printf("%s\n", [[keychain getPasswordForName:@"SSH" account:keyName] UTF8String]); - [keychain release]; - [pool release]; - return 0; - } - [keychain release]; - } - - // Not found in the keychain - we need to ask the GUI. - - if (!verificationHash) { - NSLog(@"SSH Tunnel: key passphrase authentication required but insufficient details supplied to connect to GUI"); - [pool release]; - return 1; - } - - sequelProTunnel = (SPSSHTunnel *)[NSConnection rootProxyForConnectionWithRegisteredName:connectionName host:nil]; - if (!sequelProTunnel) { - NSLog(@"SSH Tunnel: unable to connect to Sequel Pro to show SSH question"); - [pool release]; - return 1; - } - passphrase = [sequelProTunnel getPasswordForQuery:argument verificationHash:verificationHash]; - if (!passphrase) { - [pool release]; - return 1; - } - - printf("%s\n", [passphrase UTF8String]); - [pool release]; - return 0; - } - - [pool release]; - return 1; -} -- cgit v1.2.3