diff cli-auth.c @ 931:ac340d3e452e

Fix pubkey auth if the first key presented fails (infinite loop of auth requests). Regresssion in ff597bf2cfb0
author Matt Johnston <matt@ucc.asn.au>
date Wed, 23 Apr 2014 16:22:50 +0800
parents 7032deca6b90
children c45d65392c1a
line wrap: on
line diff
--- a/cli-auth.c	Fri Mar 21 22:16:42 2014 +0800
+++ b/cli-auth.c	Wed Apr 23 16:22:50 2014 +0800
@@ -174,11 +174,11 @@
 	the "none" auth request, and then a response to the immediate auth request. 
 	We need to be careful handling them. */
 	if (cli_ses.ignore_next_auth_response) {
-		TRACE(("ignore next response, state set to USERAUTH_REQ_SENT"))
 		cli_ses.state = USERAUTH_REQ_SENT;
+		cli_ses.ignore_next_auth_response = 0;
+		TRACE(("leave recv_msg_userauth_failure, ignored response, state set to USERAUTH_REQ_SENT"));
+		return;
 	} else  {
-		cli_ses.state = USERAUTH_FAIL_RCVD;
-		cli_ses.lastauthtype = AUTH_TYPE_NONE;
 #ifdef ENABLE_CLI_PUBKEY_AUTH
 		/* If it was a pubkey auth request, we should cross that key 
 		 * off the list. */
@@ -197,10 +197,10 @@
 			cli_ses.auth_interact_failed = 1;
 		}
 #endif
+		cli_ses.state = USERAUTH_FAIL_RCVD;
+		cli_ses.lastauthtype = AUTH_TYPE_NONE;
 	}
 
-	cli_ses.ignore_next_auth_response = 0;
-
 	methods = buf_getstring(ses.payload, &methlen);
 
 	partial = buf_getbool(ses.payload);