Prevent cached passwords from being wiped (#884)

2025-08-30 13:57:47 +00:00 · 2020-06-26 08:47:47 +02:00 · 2020-06-26 08:47:47 +02:00 · 889208b264
commit 889208b264
parent 2f7c50136a
1 changed files with 12 additions and 8 deletions
--- a/app/src/main/java/com/zeapo/pwdstore/git/config/SshjSessionFactory.kt
+++ b/app/src/main/java/com/zeapo/pwdstore/git/config/SshjSessionFactory.kt
@ -38,13 +38,13 @@ import kotlin.coroutines.suspendCoroutine
 sealed class SshAuthData {
    class Password(val passwordFinder: InteractivePasswordFinder) : SshAuthData() {
        override fun clearCredentials() {
-            passwordFinder.clearPassword()
+            passwordFinder.clearPasswords()
        }
    }

    class PublicKeyFile(val keyFile: File, val passphraseFinder: InteractivePasswordFinder) : SshAuthData() {
        override fun clearCredentials() {
-            passphraseFinder.clearPassword()
+            passphraseFinder.clearPasswords()
        }
    }

@ -57,13 +57,14 @@ abstract class InteractivePasswordFinder : PasswordFinder {

    private var isRetry = false
    private var lastPassword: CharArray? = null
+    private val rememberToWipe: MutableList<CharArray> = mutableListOf()

    fun resetForReuse() {
        isRetry = false
    }

-    fun clearPassword() {
-        lastPassword?.clear()
+    fun clearPasswords() {
+        rememberToWipe.forEach { it.clear() }
        lastPassword = null
    }

@ -73,17 +74,20 @@ abstract class InteractivePasswordFinder : PasswordFinder {
            // now being reused for a new one. We try the previous password so that the user
            // does not have to type it again.
            isRetry = true
-            return lastPassword!!
+            return lastPassword!!.clone().also { rememberToWipe.add(it) }
        }
-        clearPassword()
+        clearPasswords()
        val password = runBlocking(Dispatchers.Main) {
            suspendCoroutine<String?> { cont ->
                askForPassword(cont, isRetry)
            }
        }
        isRetry = true
-        return password?.toCharArray()?.also { lastPassword = it }
-            ?: throw SSHException(DisconnectReason.AUTH_CANCELLED_BY_USER)
+        if (password == null)
+            throw SSHException(DisconnectReason.AUTH_CANCELLED_BY_USER)
+        val passwordChars = password.toCharArray().also { rememberToWipe.add(it) }
+        lastPassword = passwordChars
+        return passwordChars.clone().also { rememberToWipe.add(it) }
    }

    final override fun shouldRetry(resource: Resource<*>?) = true