- markus@cvs.openbsd.org 2003/05/15 00:28:28

     [sshconnect2.c]
     cleanup unregister of per-method packet handlers; ok djm@

2 files changed, 14 insertions, 16 deletions

diff --git a/ChangeLog b/ChangeLog
index 590a3f6c4..a6e2446e5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -13,6 +13,9 @@
    - markus@cvs.openbsd.org 2003/05/14 22:24:42
      [clientloop.c session.c ssh.1]
      allow to send a BREAK to the remote system; ok various
+   - markus@cvs.openbsd.org 2003/05/15 00:28:28
+     [sshconnect2.c]
+     cleanup unregister of per-method packet handlers; ok djm@
  - (djm) Configure glue for DNS support (code doesn't work in portable yet)
 
 20030514
@@ -1489,4 +1492,4 @@
      save auth method before monitor_reset_key_state(); bugzilla bug #284;
      ok provos@
 
-$Id: ChangeLog,v 1.2704 2003/05/15 00:53:49 djm Exp $
+$Id: ChangeLog,v 1.2705 2003/05/15 02:01:28 djm Exp $
diff --git a/sshconnect2.c b/sshconnect2.c
index 36d592b42..1b85730fe 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.118 2003/05/14 02:15:47 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.119 2003/05/15 00:28:28 markus Exp $");
 
 #ifdef KRB5
 #include <krb5.h>
@@ -204,7 +204,6 @@ int	userauth_kerberos(Authctxt *);
 void    userauth(Authctxt *, char *);
 
 static int sign_and_send_pubkey(Authctxt *, Identity *);
-static void clear_auth_state(Authctxt *);
 static void pubkey_prepare(Authctxt *);
 static void pubkey_cleanup(Authctxt *);
 static Key *load_identity_file(char *);
@@ -299,8 +298,11 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
         dispatch_run(DISPATCH_BLOCK, &authctxt.success, &authctxt);     /* loop until success */
 
         pubkey_cleanup(&authctxt);
+        dispatch_range(SSH2_MSG_USERAUTH_MIN, SSH2_MSG_USERAUTH_MAX, NULL);
+
         debug("Authentication succeeded (%s).", authctxt.method->name);
 }
+
 void
 userauth(Authctxt *authctxt, char *authlist)
 {
@@ -316,6 +318,12 @@ userauth(Authctxt *authctxt, char *authlist)
                 if (method == NULL)
                         fatal("Permission denied (%s).", authlist);
                 authctxt->method = method;
+
+                /* reset the per method handler */
+                dispatch_range(SSH2_MSG_USERAUTH_PER_METHOD_MIN,
+                    SSH2_MSG_USERAUTH_PER_METHOD_MAX, NULL);
+
+                /* and try new method */
                 if (method->userauth(authctxt) != 0) {
                         debug2("we sent a %s packet, wait for reply", method->name);
                         break;
@@ -353,7 +361,6 @@ input_userauth_success(int type, u_int32_t seq, void *ctxt)
                 fatal("input_userauth_success: no authentication context");
         if (authctxt->authlist)
                 xfree(authctxt->authlist);
-        clear_auth_state(authctxt);
         authctxt->success = 1;                  /* break out */
 }
 
@@ -375,7 +382,6 @@ input_userauth_failure(int type, u_int32_t seq, void *ctxt)
                 logit("Authenticated with partial success.");
         debug("Authentications that can continue: %s", authlist);
 
-        clear_auth_state(authctxt);
         userauth(authctxt, authlist);
 }
 void
@@ -438,10 +444,6 @@ done:
         xfree(pkalg);
         xfree(pkblob);
 
-        /* unregister */
-        clear_auth_state(authctxt);
-        dispatch_set(SSH2_MSG_USERAUTH_PK_OK, NULL);
-
         /* try another method if we did not send a packet */
         if (sent == 0)
                 userauth(authctxt, NULL);
@@ -558,13 +560,6 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, void *ctxt)
             &input_userauth_passwd_changereq);
 }
 
-static void
-clear_auth_state(Authctxt *authctxt)
-{
-        /* XXX clear authentication state */
-        dispatch_set(SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ, NULL);
-}
-
 static int
 identity_sign(Identity *id, u_char **sigp, u_int *lenp,
     u_char *data, u_int datalen)