N Winkel <nw1...@outlook.com> writes:
> Hi Michael,
Hi Neri,
> I've attached the logfiles from the new runs, though they do seem to
> be getting substantially larger, so I've attached two of them as
> weblinks (to my own cloud), I hope that's ok? if it isn't I've also
> attached one of them normally.
That's OK. You could provide all the logfiles on your cloud.
> From what I can glean from the logfiles the way I've set it up should
> be fine..
Yes.
> I do however still not get any prompts beside the normal password
> prompt etc, and toggling `tramp-use-fingerprint` doesn't appear to be
> respected currently either.
But we're making progress. This is the first time we've tested my new
code. Now we can see what's to do.
> I'm sorry that I'm making this more difficult than it has to be.
You don't.
My further analysis uses fprintUsed.log. First, the fingerprint prompt
appears in the connection buffer:
--8<---------------cut here---------------start------------->8---
13:16:24.976671 tramp-accept-process-output (10) # *tramp/sudo root@archlinux*
run t
Place your finger on the fingerprint reader
--8<---------------cut here---------------end--------------->8---
But it isn't detected by the respective regexp:
--8<---------------cut here---------------start------------->8---
13:16:24.977032 tramp-process-one-action (5) # Looking for regexp "\(\(?:Place
your \(?:\(?:finger o\(?:n the reader agai\)?\|\(?:left \(?:index
finger\|little finger\|middle finger\|ring finger\|thumb\)\|right \(?:index
finger\|little finger\|middle finger\|ring finger\|thumb\)\) o\)n\)\|Remove
your finger, and try swiping your finger again\|Swipe \(?:was too short, try
again\|your \(?:finger a\(?:cross\|gain\)\|\(?:left \(?:index finger\|little
finger\|middle finger\|ring finger\|thumb\)\|right \(?:index finger\|little
finger\|middle finger\|ring finger\|thumb\)\) across\)\)\|Your finger was not
centred, try swiping your finger again\).*\)\'" from remote shell
13:16:24.977056 tramp-get-connection-property (7) # check-remote-echo nil;
cache used: nil
13:16:24.977073 tramp-get-connection-property (7) # check-remote-echo nil;
cache used: nil
13:16:24.977100 tramp-process-one-action (5) # Looking for regexp
"\(^.*\(?:Permission denied\|Timeout, server not responding\.\|Sorry, try
again\.\|Name or service not known\|Host key verification
failed\.\|Authentication failed\|No supported authentication methods left to
try!\|Login \(?:[Ii]ncorrect\)\|Connection \(?:\(?:clo\|refu\)sed\)\|Received
signal [[:digit:]]+\|Verification timed out\|Failed to match fingerprint\|An
unknown error occurred\).*\)\'" from remote shell
...
--8<---------------cut here---------------end--------------->8---
This is a little bit strange. Thinking about, I have an idea: All these
checks in tramp-process-one-action assume, that the string is the very
last in the buffer. That means also, no trailing newline, as it is the
case for password prompts, shell prompts and alike.
But I suspectect, that fprintd writes "Place your finger on the
fingerprint reader" as a whole line, including the final newline.
So we must adapt our regexp. A similar case is handling of messages
emitted by a security key (like yubikey); I've taken the solution from
there.
Appended is a new patch. This time only for tramp.el; tramp-sh.el
doesn't need further care. Could you, pls test?
> Best regards, Neri
Best regards, Michael.
diff --git a/lisp/tramp.el b/lisp/tramp.el
index 863422a6..c22cc1d6 100644
--- a/lisp/tramp.el
+++ b/lisp/tramp.el
@@ -703,12 +703,51 @@ The regexp should match at end of buffer."
"No supported authentication methods left to try!"
(: "Login " (| "Incorrect" "incorrect"))
(: "Connection " (| "refused" "closed"))
- (: "Received signal " (+ digit)))
+ (: "Received signal " (+ digit))
+ ;; Fingerprint.
+ "Verification timed out"
+ "Failed to match fingerprint"
+ "An unknown error occurred")
(* nonl))
"Regexp matching a `login failed' message.
The regexp should match at end of buffer."
:type 'regexp)
+;; <https://gitlab.freedesktop.org/libfprint/fprintd/-/blob/master/pam/fingerprint-strings.h?ref_type=heads>
+(defcustom tramp-fingerprint-prompt-regexp
+ (rx (| "Place your finger on"
+ "Swipe your finger across"
+ "Place your left thumb on"
+ "Swipe your left thumb across"
+ "Place your left index finger on"
+ "Swipe your left index finger across"
+ "Place your left middle finger on"
+ "Swipe your left middle finger across"
+ "Place your left ring finger on"
+ "Swipe your left ring finger across"
+ "Place your left little finger on"
+ "Swipe your left little finger across"
+ "Place your right thumb on"
+ "Swipe your right thumb across"
+ "Place your right index finger on"
+ "Swipe your right index finger across"
+ "Place your right middle finger on"
+ "Swipe your right middle finger across"
+ "Place your right ring finger on"
+ "Swipe your right ring finger across"
+ "Place your right little finger on"
+ "Swipe your right little finger across"
+ "Place your finger on the reader again"
+ "Swipe your finger again"
+ "Swipe was too short, try again"
+ "Your finger was not centred, try swiping your finger again"
+ "Remove your finger, and try swiping your finger again")
+ (* nonl) (* (any "\r\n")))
+ "Regexp matching fingerprint prompts.
+The regexp should match at end of buffer."
+ :version "30.2"
+ :type 'regexp)
+
(defcustom tramp-yesno-prompt-regexp
(rx "Are you sure you want to continue connecting (yes/no"
(? "/[fingerprint]") ")?"
@@ -5693,6 +5732,27 @@ of."
(narrow-to-region (point-max) (point-max))))
t)
+(defcustom tramp-use-fingerprint t
+ "Whether fingerprint prompts shall be used for authentication."
+ :version "30.2"
+ :type 'boolean)
+
+(defun tramp-action-fingerprint (proc vec)
+ "Query the user for a fingerprint verification.
+Interrupt the query if `tramp-use-fingerprint' is nil."
+ (with-current-buffer (process-buffer proc)
+ (let ((point (point-max)))
+ (if tramp-use-fingerprint
+ (tramp-action-show-message proc vec)
+ ;; (process-send-string proc "�"))
+ (interrupt-process proc)
+ (sit-for 1 'nodisp)
+ (tramp-accept-process-output proc)
+ (tramp-message vec 6 "\n%s" (buffer-string)))
+ ;; Hide message.
+ (narrow-to-region point (point-max))))
+ t)
+
(defun tramp-action-succeed (_proc _vec)
"Signal success in finding shell prompt."
(throw 'tramp-action 'ok))
@@ -5739,6 +5799,16 @@ The terminal type can be configured with `tramp-terminal-type'."
(tramp-send-string vec (concat tramp-terminal-type tramp-local-end-of-line))
t)
+(defun tramp-action-show-message (proc vec)
+ "Show the user a message for action."
+ (with-current-buffer (process-buffer proc)
+ (let (inhibit-message)
+ (tramp-message vec 6 "\n%s" (buffer-string))
+ (goto-char (point-min))
+ (tramp-check-for-regexp proc tramp-process-action-regexp)
+ (message (concat (string-trim (match-string 0)) " "))))
+ t)
+
(defun tramp-action-confirm-message (_proc vec)
"Return RET in order to confirm the message."
(tramp-message
