Known Hosts User Input Fix (#1778)

This handles ambiguous cases where the context that determines the block
id of a command is not provided.

Author: oneirocosm

frontend/app/modals/userinputmodal.scss

@@ -13,6 +13,7 @@
     justify-content: space-between;
     gap: 1rem;
     margin: 0 1rem 1rem 1rem;
+    max-width: 500px;
 
     font: var(--fixed-font);
     color: var(--main-text-color);

pkg/remote/sshclient.go

@@ -141,7 +141,13 @@ func createPublicKeyCallback(connCtx context.Context, sshKeywords *wshrpc.ConnKe
 	authSockSigners = append(authSockSigners, authSockSignersExt...)
 	authSockSignersPtr := &authSockSigners
 
-	return func() ([]ssh.Signer, error) {
+	return func() (outSigner []ssh.Signer, outErr error) {
+		defer func() {
+			panicErr := panichandler.PanicHandler("sshclient:publickey-callback", recover())
+			if panicErr != nil {
+				outErr = panicErr
+			}
+		}()
 		// try auth sock
 		if len(*authSockSignersPtr) != 0 {
 			authSockSigner := (*authSockSignersPtr)[0]
@@ -219,7 +225,13 @@ func createPublicKeyCallback(connCtx context.Context, sshKeywords *wshrpc.ConnKe
 }
 
 func createInteractivePasswordCallbackPrompt(connCtx context.Context, remoteDisplayName string, debugInfo *ConnectionDebugInfo) func() (secret string, err error) {
-	return func() (secret string, err error) {
+	return func() (secret string, outErr error) {
+		defer func() {
+			panicErr := panichandler.PanicHandler("sshclient:password-callback", recover())
+			if panicErr != nil {
+				outErr = panicErr
+			}
+		}()
 		blocklogger.Infof(connCtx, "[conndebug] Password Authentication requested from connection %s...\n", remoteDisplayName)
 		ctx, cancelFn := context.WithTimeout(connCtx, 60*time.Second)
 		defer cancelFn()
@@ -244,7 +256,13 @@ func createInteractivePasswordCallbackPrompt(connCtx context.Context, remoteDisp
 }
 
 func createInteractiveKbdInteractiveChallenge(connCtx context.Context, remoteName string, debugInfo *ConnectionDebugInfo) func(name, instruction string, questions []string, echos []bool) (answers []string, err error) {
-	return func(name, instruction string, questions []string, echos []bool) (answers []string, err error) {
+	return func(name, instruction string, questions []string, echos []bool) (answers []string, outErr error) {
+		defer func() {
+			panicErr := panichandler.PanicHandler("sshclient:kbdinteractive-callback", recover())
+			if panicErr != nil {
+				outErr = panicErr
+			}
+		}()
 		if len(questions) != len(echos) {
 			return nil, fmt.Errorf("bad response from server: questions has len %d, echos has len %d", len(questions), len(echos))
 		}
@@ -332,7 +350,7 @@ func writeToKnownHosts(knownHostsFile string, newLine string, getUserVerificatio
 	return f.Close()
 }
 
-func createUnknownKeyVerifier(knownHostsFile string, hostname string, remote string, key ssh.PublicKey) func() (*userinput.UserInputResponse, error) {
+func createUnknownKeyVerifier(ctx context.Context, knownHostsFile string, hostname string, remote string, key ssh.PublicKey) func() (*userinput.UserInputResponse, error) {
 	base64Key := base64.StdEncoding.EncodeToString(key.Marshal())
 	queryText := fmt.Sprintf(
 		"The authenticity of host '%s (%s)' can't be established "+
@@ -349,7 +367,7 @@ func createUnknownKeyVerifier(knownHostsFile string, hostname string, remote str
 		Title:        "Known Hosts Key Missing",
 	}
 	return func() (*userinput.UserInputResponse, error) {
-		ctx, cancelFn := context.WithTimeout(context.Background(), 60*time.Second)
+		ctx, cancelFn := context.WithTimeout(ctx, 60*time.Second)
 		defer cancelFn()
 		resp, err := userinput.GetUserInput(ctx, request)
 		if err != nil {
@@ -402,7 +420,7 @@ func lineContainsMatch(line []byte, matches [][]byte) bool {
 	return false
 }
 
-func createHostKeyCallback(sshKeywords *wshrpc.ConnKeywords) (ssh.HostKeyCallback, HostKeyAlgorithms, error) {
+func createHostKeyCallback(ctx context.Context, sshKeywords *wshrpc.ConnKeywords) (ssh.HostKeyCallback, HostKeyAlgorithms, error) {
 	globalKnownHostsFiles := sshKeywords.SshGlobalKnownHostsFile
 	userKnownHostsFiles := sshKeywords.SshUserKnownHostsFile
 
@@ -473,7 +491,13 @@ func createHostKeyCallback(sshKeywords *wshrpc.ConnKeywords) (ssh.HostKeyCallbac
 		}
 	}
 
-	waveHostKeyCallback := func(hostname string, remote net.Addr, key ssh.PublicKey) error {
+	waveHostKeyCallback := func(hostname string, remote net.Addr, key ssh.PublicKey) (outErr error) {
+		defer func() {
+			panicErr := panichandler.PanicHandler("sshclient:wave-hostkey-callback", recover())
+			if panicErr != nil {
+				outErr = panicErr
+			}
+		}()
 		err := basicCallback(hostname, remote, key)
 		if err == nil {
 			// success
@@ -493,7 +517,7 @@ func createHostKeyCallback(sshKeywords *wshrpc.ConnKeywords) (ssh.HostKeyCallbac
 			err := fmt.Errorf("placeholder, should not be returned") // a null value here can cause problems with empty slice
 			for _, filename := range knownHostsFiles {
 				newLine := xknownhosts.Line([]string{xknownhosts.Normalize(hostname)}, key)
-				getUserVerification := createUnknownKeyVerifier(filename, hostname, remote.String(), key)
+				getUserVerification := createUnknownKeyVerifier(ctx, filename, hostname, remote.String(), key)
 				err = writeToKnownHosts(filename, newLine, getUserVerification)
 				if err == nil {
 					break
@@ -623,7 +647,7 @@ func createClientConfig(connCtx context.Context, sshKeywords *wshrpc.ConnKeyword
 		authMethods = append(authMethods, authMethod)
 	}
 
-	hostKeyCallback, hostKeyAlgorithms, err := createHostKeyCallback(sshKeywords)
+	hostKeyCallback, hostKeyAlgorithms, err := createHostKeyCallback(connCtx, sshKeywords)
 	if err != nil {
 		return nil, err
 	}

pkg/userinput/userinput.go

@@ -5,13 +5,16 @@ package userinput
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"log"
 	"sync"
 	"time"
 
 	"github.com/google/uuid"
+	"github.com/wavetermdev/waveterm/pkg/blocklogger"
 	"github.com/wavetermdev/waveterm/pkg/genconn"
+	"github.com/wavetermdev/waveterm/pkg/util/utilfn"
 	"github.com/wavetermdev/waveterm/pkg/wps"
 	"github.com/wavetermdev/waveterm/pkg/wstore"
 )
@@ -63,22 +66,19 @@ func (ui *UserInputHandler) unregisterChannel(id string) {
 	delete(ui.Channels, id)
 }
 
-func (ui *UserInputHandler) sendRequestToFrontend(request *UserInputRequest, windowId string) {
+func (ui *UserInputHandler) sendRequestToFrontend(request *UserInputRequest, scopes []string) {
 	wps.Broker.Publish(wps.WaveEvent{
 		Event:  wps.Event_UserInput,
 		Data:   request,
-		Scopes: []string{windowId},
+		Scopes: scopes,
 	})
 }
 
-func GetUserInput(ctx context.Context, request *UserInputRequest) (*UserInputResponse, error) {
-	id, uiCh := MainUserInputHandler.registerChannel()
-	defer MainUserInputHandler.unregisterChannel(id)
-	request.RequestId = id
-	deadline, _ := ctx.Deadline()
-	request.TimeoutMs = int(time.Until(deadline).Milliseconds()) - 500
-
+func determineScopes(ctx context.Context) ([]string, error) {
 	connData := genconn.GetConnData(ctx)
+	if connData == nil {
+		return nil, fmt.Errorf("context did not contain connection info")
+	}
 	// resolve windowId from blockId
 	tabId, err := wstore.DBFindTabForBlockId(ctx, connData.BlockId)
 	if err != nil {
@@ -93,9 +93,31 @@ func GetUserInput(ctx context.Context, request *UserInputRequest) (*UserInputRes
 		return nil, fmt.Errorf("unabled to determine window for route: %w", err)
 	}
 
-	MainUserInputHandler.sendRequestToFrontend(request, windowId)
+	return []string{windowId}, nil
+}
+
+func GetUserInput(ctx context.Context, request *UserInputRequest) (*UserInputResponse, error) {
+	id, uiCh := MainUserInputHandler.registerChannel()
+	defer MainUserInputHandler.unregisterChannel(id)
+	request.RequestId = id
+	request.TimeoutMs = int(utilfn.TimeoutFromContext(ctx, 30*time.Second).Milliseconds())
+
+	scopes, scopesErr := determineScopes(ctx)
+	if scopesErr != nil {
+		log.Printf("user input scopes could not be found: %v", scopesErr)
+		blocklogger.Infof(ctx, "user input scopes could not be found: %v", scopesErr)
+		allWindows, err := wstore.DBGetAllOIDsByType(ctx, "window")
+		if err != nil {
+			blocklogger.Infof(ctx, "unable to find windows for user input: %v", err)
+			return nil, fmt.Errorf("unable to find windows for user input: %v", err)
+		}
+		scopes = allWindows
+	}
+
+	MainUserInputHandler.sendRequestToFrontend(request, scopes)
 
 	var response *UserInputResponse
+	var err error
 	select {
 	case resp := <-uiCh:
 		log.Printf("checking received: %v", resp.RequestId)
@@ -105,7 +127,7 @@ func GetUserInput(ctx context.Context, request *UserInputRequest) (*UserInputRes
 	}
 
 	if response.ErrorMsg != "" {
-		err = fmt.Errorf(response.ErrorMsg)
+		err = errors.New(response.ErrorMsg)
 	}
 
 	return response, err