summaryrefslogtreecommitdiff
path: root/sshconnect2.c
diff options
context:
space:
mode:
authorBen Lindstrom <mouring@eviladmin.org>2001-09-12 18:29:00 +0000
committerBen Lindstrom <mouring@eviladmin.org>2001-09-12 18:29:00 +0000
commit7d199962015ad042208beb54cf4a8fb72053f468 (patch)
tree09c89d97fae22eb9fbbc40f97370031c53effb8d /sshconnect2.c
parent520b55c8c410061c9a16417a6ec879967b1ea95a (diff)
- markus@cvs.openbsd.org 2001/08/31 11:46:39
[sshconnect2.c] disable kbd-interactive if we don't get SSH2_MSG_USERAUTH_INFO_REQUEST messages
Diffstat (limited to 'sshconnect2.c')
-rw-r--r--sshconnect2.c14
1 files changed, 13 insertions, 1 deletions
diff --git a/sshconnect2.c b/sshconnect2.c
index a86d0036b..a7beb3600 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -23,7 +23,7 @@
23 */ 23 */
24 24
25#include "includes.h" 25#include "includes.h"
26RCSID("$OpenBSD: sshconnect2.c,v 1.81 2001/07/23 09:06:28 markus Exp $"); 26RCSID("$OpenBSD: sshconnect2.c,v 1.82 2001/08/31 11:46:39 markus Exp $");
27 27
28#include <openssl/bn.h> 28#include <openssl/bn.h>
29#include <openssl/md5.h> 29#include <openssl/md5.h>
@@ -164,6 +164,8 @@ struct Authctxt {
164 /* hostbased */ 164 /* hostbased */
165 Key **keys; 165 Key **keys;
166 int nkeys; 166 int nkeys;
167 /* kbd-interactive */
168 int info_req_seen;
167}; 169};
168struct Authmethod { 170struct Authmethod {
169 char *name; /* string to compare against server's list */ 171 char *name; /* string to compare against server's list */
@@ -252,6 +254,7 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
252 options.preferred_authentications = authmethods_get(); 254 options.preferred_authentications = authmethods_get();
253 255
254 /* setup authentication context */ 256 /* setup authentication context */
257 memset(&authctxt, 0, sizeof(authctxt));
255 authctxt.agent = ssh_get_authentication_connection(); 258 authctxt.agent = ssh_get_authentication_connection();
256 authctxt.server_user = server_user; 259 authctxt.server_user = server_user;
257 authctxt.local_user = local_user; 260 authctxt.local_user = local_user;
@@ -262,6 +265,7 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
262 authctxt.authlist = NULL; 265 authctxt.authlist = NULL;
263 authctxt.keys = keys; 266 authctxt.keys = keys;
264 authctxt.nkeys = nkeys; 267 authctxt.nkeys = nkeys;
268 authctxt.info_req_seen = 0;
265 if (authctxt.method == NULL) 269 if (authctxt.method == NULL)
266 fatal("ssh_userauth2: internal error: cannot send userauth none request"); 270 fatal("ssh_userauth2: internal error: cannot send userauth none request");
267 271
@@ -739,6 +743,12 @@ userauth_kbdint(Authctxt *authctxt)
739 743
740 if (attempt++ >= options.number_of_password_prompts) 744 if (attempt++ >= options.number_of_password_prompts)
741 return 0; 745 return 0;
746 /* disable if no SSH2_MSG_USERAUTH_INFO_REQUEST has been seen */
747 if (attempt > 1 && !authctxt->info_req_seen) {
748 debug3("userauth_kbdint: disable: no info_req_seen");
749 dispatch_set(SSH2_MSG_USERAUTH_INFO_REQUEST, NULL);
750 return 0;
751 }
742 752
743 debug2("userauth_kbdint"); 753 debug2("userauth_kbdint");
744 packet_start(SSH2_MSG_USERAUTH_REQUEST); 754 packet_start(SSH2_MSG_USERAUTH_REQUEST);
@@ -770,6 +780,8 @@ input_userauth_info_req(int type, int plen, void *ctxt)
770 if (authctxt == NULL) 780 if (authctxt == NULL)
771 fatal("input_userauth_info_req: no authentication context"); 781 fatal("input_userauth_info_req: no authentication context");
772 782
783 authctxt->info_req_seen = 1;
784
773 name = packet_get_string(NULL); 785 name = packet_get_string(NULL);
774 inst = packet_get_string(NULL); 786 inst = packet_get_string(NULL);
775 lang = packet_get_string(NULL); 787 lang = packet_get_string(NULL);
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-29 10:04:23 +0000