Mercurial > dropbear
comparison cli-auth.c @ 931:ac340d3e452e
Fix pubkey auth if the first key presented fails (infinite loop of
auth requests). Regresssion in ff597bf2cfb0
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Wed, 23 Apr 2014 16:22:50 +0800 |
| parents | 7032deca6b90 |
| children | c45d65392c1a |
comparison
equal
deleted
inserted
replaced
| 930:8f04e36622c0 | 931:ac340d3e452e |
|---|---|
| 172 | 172 |
| 173 /* When DROPBEAR_CLI_IMMEDIATE_AUTH is set there will be an initial response for | 173 /* When DROPBEAR_CLI_IMMEDIATE_AUTH is set there will be an initial response for |
| 174 the "none" auth request, and then a response to the immediate auth request. | 174 the "none" auth request, and then a response to the immediate auth request. |
| 175 We need to be careful handling them. */ | 175 We need to be careful handling them. */ |
| 176 if (cli_ses.ignore_next_auth_response) { | 176 if (cli_ses.ignore_next_auth_response) { |
| 177 TRACE(("ignore next response, state set to USERAUTH_REQ_SENT")) | |
| 178 cli_ses.state = USERAUTH_REQ_SENT; | 177 cli_ses.state = USERAUTH_REQ_SENT; |
| 178 cli_ses.ignore_next_auth_response = 0; | |
| 179 TRACE(("leave recv_msg_userauth_failure, ignored response, state set to USERAUTH_REQ_SENT")); | |
| 180 return; | |
| 179 } else { | 181 } else { |
| 180 cli_ses.state = USERAUTH_FAIL_RCVD; | |
| 181 cli_ses.lastauthtype = AUTH_TYPE_NONE; | |
| 182 #ifdef ENABLE_CLI_PUBKEY_AUTH | 182 #ifdef ENABLE_CLI_PUBKEY_AUTH |
| 183 /* If it was a pubkey auth request, we should cross that key | 183 /* If it was a pubkey auth request, we should cross that key |
| 184 * off the list. */ | 184 * off the list. */ |
| 185 if (cli_ses.lastauthtype == AUTH_TYPE_PUBKEY) { | 185 if (cli_ses.lastauthtype == AUTH_TYPE_PUBKEY) { |
| 186 cli_pubkeyfail(); | 186 cli_pubkeyfail(); |
| 195 && !cli_ses.interact_request_received) { | 195 && !cli_ses.interact_request_received) { |
| 196 TRACE(("setting auth_interact_failed = 1")) | 196 TRACE(("setting auth_interact_failed = 1")) |
| 197 cli_ses.auth_interact_failed = 1; | 197 cli_ses.auth_interact_failed = 1; |
| 198 } | 198 } |
| 199 #endif | 199 #endif |
| 200 } | 200 cli_ses.state = USERAUTH_FAIL_RCVD; |
| 201 | 201 cli_ses.lastauthtype = AUTH_TYPE_NONE; |
| 202 cli_ses.ignore_next_auth_response = 0; | 202 } |
| 203 | 203 |
| 204 methods = buf_getstring(ses.payload, &methlen); | 204 methods = buf_getstring(ses.payload, &methlen); |
| 205 | 205 |
| 206 partial = buf_getbool(ses.payload); | 206 partial = buf_getbool(ses.payload); |
| 207 | 207 |