Mercurial > dropbear

diff cli-auth.c @ 45:9ee8996a375f

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Pubkey auth is mostly there for the client. Something strange with remote hostkey verification though.
author Matt Johnston <matt@ucc.asn.au>
date Tue, 03 Aug 2004 17:26:56 +0000
parents 942b22d7dd1c
children eee77ac31ccc
line wrap: on
line diff
--- a/cli-auth.c	Tue Aug 03 15:51:55 2004 +0000
+++ b/cli-auth.c	Tue Aug 03 17:26:56 2004 +0000
@@ -7,7 +7,6 @@
 #include "packet.h"
 #include "runopts.h"
 
-#undef DROPBEAR_PUBKEY_AUTH
 
 void cli_authinitialise() {
 
@@ -30,7 +29,6 @@
 	buf_putstring(ses.writepayload, "none", 4); /* 'none' method */
 
 	encrypt_packet();
-	cli_ses.state = USERAUTH_METHODS_SENT;
 	TRACE(("leave cli_auth_getmethods"));
 
 }
@@ -88,6 +86,20 @@
 	TRACE(("<- MSG_USERAUTH_FAILURE"));
 	TRACE(("enter recv_msg_userauth_failure"));
 
+	if (cli_ses.state != USERAUTH_REQ_SENT) {
+		/* Perhaps we should be more fatal? */
+		TRACE(("But we didn't send a userauth request!!!!!!"));
+		return;
+	}
+
+#ifdef DROPBEAR_PUBKEY_AUTH
+	/* If it was a pubkey auth request, we should cross that key 
+	 * off the list. */
+	if (cli_ses.lastauthtype == AUTH_TYPE_PUBKEY) {
+		cli_pubkeyfail();
+	}
+#endif
+
 	methods = buf_getstring(ses.payload, &methlen);
 
 	partial = buf_getbyte(ses.payload);
@@ -154,12 +166,14 @@
 #ifdef DROPBEAR_PUBKEY_AUTH
 	if (ses.authstate.authtypes & AUTH_TYPE_PUBKEY) {
 		finished = cli_auth_pubkey();
+		cli_ses.lastauthtype = AUTH_TYPE_PUBKEY;
 	}
 #endif
 
 #ifdef DROPBEAR_PASSWORD_AUTH
 	if (!finished && ses.authstate.authtypes & AUTH_TYPE_PASSWORD) {
 		finished = cli_auth_password();
+		cli_ses.lastauthtype = AUTH_TYPE_PASSWORD;
 	}
 #endif
 
@@ -167,6 +181,5 @@
 		dropbear_exit("No auth methods could be used.");
 	}
 
-	cli_ses.state = USERAUTH_REQ_SENT;
 	TRACE(("leave cli_auth_try"));
 }