yubikey reset ssh session fix (#231)

Hidanio · web-flow · commit caa96d57d05f · 2024-05-27T17:39:07.000+03:00
diff --git a/src/main/kotlin/com/vk/admstorm/ssh/YubikeyHandler.kt b/src/main/kotlin/com/vk/admstorm/ssh/YubikeyHandler.kt
@@ -22,6 +22,12 @@ class YubikeyHandler {
         private val LOG = logger<YubikeyHandler>()
     }
 
+    private val openscPath = if (SystemInfo.isLinux) {
+        "usr/lib/x86_64-linux-gnu/opensc-pkcs11.so"
+    } else {
+        "/usr/local/lib/opensc-pkcs11.so"
+    }
+
     fun autoReset(project: Project, onFail: Runnable): Boolean {
         LOG.info("Try auto reset Yubikey")
         val resetScript = createScriptIfNotExists(project) ?: return false
@@ -44,10 +50,7 @@ class YubikeyHandler {
             PasswordSafe.instance.getPassword(credentialAttributes)!!
         }
 
-        val killOutput = CommandRunner.runLocally(project, "pkill ssh-agen")
-        if (killOutput.exitCode != 0) {
-            LOG.warn("pkill ssh-agen exited with non-zero code while Yubikey reset")
-        }
+
 
         val evalOutput = CommandRunner.runLocallyEval("ssh-agent -s")
         if (evalOutput == null) {
@@ -63,11 +66,13 @@ class YubikeyHandler {
 
         val echoBuilder = ProcessBuilder("echo", password)
 
-        val openscPath = if (SystemInfo.isLinux) {
-            "usr/lib/x86_64-linux-gnu/opensc-pkcs11.so"
-        } else {
-            "/usr/local/lib/opensc-pkcs11.so"
+        val sshResetKey = CommandRunner.runLocally(project, "ssh-add -e $openscPath")
+        val resetOk = sshResetKey.stderr.contains("Card removed")
+        if (!resetOk) {
+            LOG.warn("Yubikey reset error: ${sshResetKey.stderr}")
+            showYubikeyResetFailNotification(project, "Unable to reset yubikey", null, onFail)
         }
+
         val sshAddBuilder = ProcessBuilder("ssh-add", "-s", openscPath)
 
         sshAddBuilder.environment().apply {
@@ -82,9 +87,9 @@ class YubikeyHandler {
                     sshAddBuilder
                 )
             )
-        } catch (e: IOException) {
-            LOG.warn("Unexpected exception while startPipeline for Yubikey reset", e)
-            showYubikeyResetFailNotification(project, "Unable to run reset commands", null, onFail)
+        } catch (ex: IOException) {
+            LOG.warn("Unexpected exception while startPipeline for Yubikey add", ex)
+            showYubikeyResetFailNotification(project, "Unable to run add commands", null, onFail)
             return false
         }
 
@@ -160,12 +165,12 @@ class YubikeyHandler {
                     )
                     return null
                 }
-            } catch (e: Exception) {
+            } catch (ex: Exception) {
                 MessageDialog.showWarning(
                     """
                         Can't create script '${GitUIUtil.code(resetScript.absolutePath)}' for reset Yubikey:
                         
-                        ${e.message}
+                        ${ex.message}
                     """.trimIndent(),
                     "Problem with creating Yubikey reset script"
                 )
