author | djm@openbsd.org <djm@openbsd.org> | 2019-02-12 23:53:10 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-02-13 10:55:44 +1100 |
commit | 38e83e4f219c752ebb1560633b73f06f0392018b (patch) | |
tree | c62abfc4f840dc96e854957ad870ee7f3d37b196 /sshconnect2.c | |
parent | 5c68ea8da790d711e6dd5f4c30d089c54032c59a (diff) |
upstream: fix regression in r1.302 reported by naddy@ - only the first
public key from the agent was being attempted for use.
OpenBSD-Commit-ID: 07116aea521a04888718b2157f1ca723b2f46c8d
Diffstat (limited to 'sshconnect2.c')
-rw-r--r-- | sshconnect2.c | 10 |
1 files changed, 5 insertions, 5 deletions
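--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.302 2019/02/11 09:44:42 djm Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.303 2019/02/12 23:53:10 djm Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl. All rights reserved.
 * Copyright (c) 2008 Damien Miller. All rights reserved.
@@ -306,7 +306,6 @@ static int input_userauth_passwd_changereq(int, u_int32_t, struct ssh *);
 
 static int userauth_none(struct ssh *);
 static int userauth_pubkey(struct ssh *);
-static void userauth_pubkey_cleanup(struct ssh *);
 static int userauth_passwd(struct ssh *);
 static int userauth_kbdint(struct ssh *);
 static int userauth_hostbased(struct ssh *);
@@ -322,6 +321,7 @@ static int input_gssapi_errtok(int, u_int32_t, struct ssh *);
 
 void userauth(struct ssh *, char *);
 
+static void pubkey_cleanup(struct ssh *);
 static int sign_and_send_pubkey(struct ssh *ssh, Identity *);
 static void pubkey_prepare(Authctxt *);
 static void pubkey_reset(Authctxt *);
@@ -346,7 +346,7 @@ Authmethod authmethods[] = {
 NULL},
 {"publickey",
 userauth_pubkey,
-userauth_pubkey_cleanup,
+NULL,
 &options.pubkey_authentication,
 NULL},
 {"keyboard-interactive",
@@ -415,6 +415,7 @@ ssh_userauth2(struct ssh *ssh, const char *local_user,
 ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &input_userauth_ext_info);
 ssh_dispatch_set(ssh, SSH2_MSG_SERVICE_ACCEPT, &input_userauth_service_accept);
 ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &authctxt.success); /* loop until success */
+pubkey_cleanup(ssh);
 ssh->authctxt = NULL;
 
 ssh_dispatch_range(ssh, SSH2_MSG_USERAUTH_MIN, SSH2_MSG_USERAUTH_MAX, NULL);
@@ -1638,10 +1639,9 @@ pubkey_prepare(Authctxt *authctxt)
 }
 
 static void
-userauth_pubkey_cleanup(struct ssh *ssh)
+pubkey_cleanup(struct ssh *ssh)
 {
 Authctxt *authctxt = (Authctxt *)ssh->authctxt;
-
 Identity *id;
 
 if (authctxt->agent_fd != -1) {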
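Review bot: The new `pubkey_cleanup(ssh);` call in ssh_userauth2 carries an undocumented ordering dependency: pubkey_cleanup casts `ssh->authctxt` and dereferences it straight away (the `authctxt->agent_fd` test in the last hunk), so it must stay ahead of the `ssh->authctxt = NULL;` on the following line. A comment at the call site, such as `/* needs ssh->authctxt; must run before it is cleared below */`, would keep a later reorder from turning this into a NULL dereference. With the "publickey" entry's cleanup slot now `NULL`, the agent descriptor and identity list presumably stay live for the whole authentication exchange rather than only while that method is active. That looks intended by the fix, but it deserves a sentence above pubkey_cleanup so the longer lifetime of agent and key state is a recorded decision. Both ssh_userauth2 and pubkey_cleanup continue outside the hunks shown.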