Mercurial > dropbear

comparison cli-auth.c @ 686:983a817f8e41 insecure-nocrypto

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
- Only request "none" cipher after auth has succeeded
author Matt Johnston <matt@ucc.asn.au>
date Thu, 17 May 2012 20:52:57 +0800
parents 5af8993f7529
children 714b9106e335
comparison
equal deleted inserted replaced
685:5af8993f7529 686:983a817f8e41
255 cli_ses.lastauthtype = AUTH_TYPE_PUBKEY; 255 cli_ses.lastauthtype = AUTH_TYPE_PUBKEY;
256 } 256 }
257 #endif 257 #endif
258 258
259 #ifdef ENABLE_CLI_INTERACT_AUTH 259 #ifdef ENABLE_CLI_INTERACT_AUTH
260 #if defined(DROPBEAR_NONE_CIPHER) && !defined(ALLOW_NONE_PASSWORD_AUTH)
261 if (ses.keys->trans.algo_crypt->cipherdesc == NULL) { 260 if (ses.keys->trans.algo_crypt->cipherdesc == NULL) {
262 fprintf(stderr, "Sorry, I won't let you use interactive auth unencrypted.\n"); 261 fprintf(stderr, "Sorry, I won't let you use interactive auth unencrypted.\n");
263 } 262 } else if (!finished && ses.authstate.authtypes & AUTH_TYPE_INTERACT) {
264 else
265 #endif
266 if (!finished && ses.authstate.authtypes & AUTH_TYPE_INTERACT) {
267 if (cli_ses.auth_interact_failed) { 263 if (cli_ses.auth_interact_failed) {
268 finished = 0; 264 finished = 0;
269 } else { 265 } else {
270 cli_auth_interactive(); 266 cli_auth_interactive();
271 cli_ses.lastauthtype = AUTH_TYPE_INTERACT; 267 cli_ses.lastauthtype = AUTH_TYPE_INTERACT;
273 } 269 }
274 } 270 }
275 #endif 271 #endif
276 272
277 #ifdef ENABLE_CLI_PASSWORD_AUTH 273 #ifdef ENABLE_CLI_PASSWORD_AUTH
278 #if defined(DROPBEAR_NONE_CIPHER) && !defined(ALLOW_NONE_PASSWORD_AUTH)
279 if (ses.keys->trans.algo_crypt->cipherdesc == NULL) { 274 if (ses.keys->trans.algo_crypt->cipherdesc == NULL) {
280 fprintf(stderr, "Sorry, I won't let you use password auth unencrypted.\n"); 275 fprintf(stderr, "Sorry, I won't let you use password auth unencrypted.\n");
281 } 276 } else if (!finished && ses.authstate.authtypes & AUTH_TYPE_PASSWORD) {
282 else
283 #endif
284 if (!finished && ses.authstate.authtypes & AUTH_TYPE_PASSWORD) {
285 cli_auth_password(); 277 cli_auth_password();
286 finished = 1; 278 finished = 1;
287 cli_ses.lastauthtype = AUTH_TYPE_PASSWORD; 279 cli_ses.lastauthtype = AUTH_TYPE_PASSWORD;
288 } 280 }
289 #endif 281 #endif