( connectionMetadata metadata.ConnectionMetadata, handlerNetworkConnection *networkConnectionWrapper, logger log.Logger, )
| 382 | } |
| 383 | |
| 384 | func (s *serverImpl) createGSSAPIConfig( |
| 385 | connectionMetadata metadata.ConnectionMetadata, |
| 386 | handlerNetworkConnection *networkConnectionWrapper, |
| 387 | logger log.Logger, |
| 388 | ) *ssh.GSSAPIWithMICConfig { |
| 389 | var gssConfig *ssh.GSSAPIWithMICConfig |
| 390 | |
| 391 | gssServer := handlerNetworkConnection.OnAuthGSSAPI(connectionMetadata) |
| 392 | if gssServer != nil { |
| 393 | gssConfig = &ssh.GSSAPIWithMICConfig{ |
| 394 | AllowLogin: func(conn ssh.ConnMetadata, srcName string) (*ssh.Permissions, error) { |
| 395 | if !gssServer.Success() { |
| 396 | if gssServer.Error() == nil { |
| 397 | return nil, messageCodes.NewMessage( |
| 398 | messageCodes.ESSHAuthFailed, |
| 399 | "Authentication failed", |
| 400 | ) |
| 401 | } |
| 402 | return nil, gssServer.Error() |
| 403 | } |
| 404 | |
| 405 | authenticating := connectionMetadata.StartAuthentication(string(conn.ClientVersion()), conn.User()) |
| 406 | authenticated, err := gssServer.AllowLogin(conn.User(), authenticating) |
| 407 | if err != nil { |
| 408 | return nil, s.wrapAndLogAuthFailure(logger, authenticating, "GSSAPI", err) |
| 409 | } |
| 410 | handlerNetworkConnection.authenticatedMetadata = authenticated |
| 411 | s.logAuthSuccessful(logger, authenticated, "GSSAPI") |
| 412 | |
| 413 | marshaledMetadata, err := json.Marshal(authenticated) |
| 414 | if err != nil { |
| 415 | return nil, err |
| 416 | } |
| 417 | return &ssh.Permissions{ |
| 418 | Extensions: map[string]string{ |
| 419 | "containerssh-metadata": string(marshaledMetadata), |
| 420 | }, |
| 421 | }, err |
| 422 | }, |
| 423 | Server: gssServer, |
| 424 | } |
| 425 | } |
| 426 | return gssConfig |
| 427 | } |
| 428 | |
| 429 | func (s *serverImpl) createKeyboardInteractiveCallback( |
| 430 | connectionMetadata metadata.ConnectionMetadata, |
no test coverage detected