# HG changeset patch # User Matt Johnston # Date 1398241370 -28800 # Node ID ac340d3e452e747af5a30eb55ce5cbc989670684 # Parent 8f04e36622c0a3cb7307e6686c54434d1067a30b Fix pubkey auth if the first key presented fails (infinite loop of auth requests). Regresssion in ff597bf2cfb0 diff -r 8f04e36622c0 -r ac340d3e452e cli-auth.c --- a/cli-auth.c Fri Mar 21 22:16:42 2014 +0800 +++ b/cli-auth.c Wed Apr 23 16:22:50 2014 +0800 @@ -174,11 +174,11 @@ the "none" auth request, and then a response to the immediate auth request. We need to be careful handling them. */ if (cli_ses.ignore_next_auth_response) { - TRACE(("ignore next response, state set to USERAUTH_REQ_SENT")) cli_ses.state = USERAUTH_REQ_SENT; + cli_ses.ignore_next_auth_response = 0; + TRACE(("leave recv_msg_userauth_failure, ignored response, state set to USERAUTH_REQ_SENT")); + return; } else { - cli_ses.state = USERAUTH_FAIL_RCVD; - cli_ses.lastauthtype = AUTH_TYPE_NONE; #ifdef ENABLE_CLI_PUBKEY_AUTH /* If it was a pubkey auth request, we should cross that key * off the list. */ @@ -197,10 +197,10 @@ cli_ses.auth_interact_failed = 1; } #endif + cli_ses.state = USERAUTH_FAIL_RCVD; + cli_ses.lastauthtype = AUTH_TYPE_NONE; } - cli_ses.ignore_next_auth_response = 0; - methods = buf_getstring(ses.payload, &methlen); partial = buf_getbool(ses.payload);