diff options
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | sshconnect2.c | 14 |
2 files changed, 18 insertions, 2 deletions
| @@ -73,6 +73,10 @@ | |||
| 73 | - markus@cvs.openbsd.org 2001/08/30 22:22:32 | 73 | - markus@cvs.openbsd.org 2001/08/30 22:22:32 |
| 74 | [ssh-keyscan.c] | 74 | [ssh-keyscan.c] |
| 75 | do not pass pointers to longjmp; fix from wayne@blorf.net | 75 | do not pass pointers to longjmp; fix from wayne@blorf.net |
| 76 | - markus@cvs.openbsd.org 2001/08/31 11:46:39 | ||
| 77 | [sshconnect2.c] | ||
| 78 | disable kbd-interactive if we don't get | ||
| 79 | SSH2_MSG_USERAUTH_INFO_REQUEST messages | ||
| 76 | 80 | ||
| 77 | 20010815 | 81 | 20010815 |
| 78 | - (bal) Fixed stray code in readconf.c that went in by mistake. | 82 | - (bal) Fixed stray code in readconf.c that went in by mistake. |
| @@ -6396,4 +6400,4 @@ | |||
| 6396 | - Wrote replacements for strlcpy and mkdtemp | 6400 | - Wrote replacements for strlcpy and mkdtemp |
| 6397 | - Released 1.0pre1 | 6401 | - Released 1.0pre1 |
| 6398 | 6402 | ||
| 6399 | $Id: ChangeLog,v 1.1506 2001/09/12 18:05:05 mouring Exp $ | 6403 | $Id: ChangeLog,v 1.1507 2001/09/12 18:29:00 mouring Exp $ |
diff --git a/sshconnect2.c b/sshconnect2.c index a86d0036b..a7beb3600 100644 --- a/sshconnect2.c +++ b/sshconnect2.c | |||
| @@ -23,7 +23,7 @@ | |||
| 23 | */ | 23 | */ |
| 24 | 24 | ||
| 25 | #include "includes.h" | 25 | #include "includes.h" |
| 26 | RCSID("$OpenBSD: sshconnect2.c,v 1.81 2001/07/23 09:06:28 markus Exp $"); | 26 | RCSID("$OpenBSD: sshconnect2.c,v 1.82 2001/08/31 11:46:39 markus Exp $"); |
| 27 | 27 | ||
| 28 | #include <openssl/bn.h> | 28 | #include <openssl/bn.h> |
| 29 | #include <openssl/md5.h> | 29 | #include <openssl/md5.h> |
| @@ -164,6 +164,8 @@ struct Authctxt { | |||
| 164 | /* hostbased */ | 164 | /* hostbased */ |
| 165 | Key **keys; | 165 | Key **keys; |
| 166 | int nkeys; | 166 | int nkeys; |
| 167 | /* kbd-interactive */ | ||
| 168 | int info_req_seen; | ||
| 167 | }; | 169 | }; |
| 168 | struct Authmethod { | 170 | struct Authmethod { |
| 169 | char *name; /* string to compare against server's list */ | 171 | char *name; /* string to compare against server's list */ |
| @@ -252,6 +254,7 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host, | |||
| 252 | options.preferred_authentications = authmethods_get(); | 254 | options.preferred_authentications = authmethods_get(); |
| 253 | 255 | ||
| 254 | /* setup authentication context */ | 256 | /* setup authentication context */ |
| 257 | memset(&authctxt, 0, sizeof(authctxt)); | ||
| 255 | authctxt.agent = ssh_get_authentication_connection(); | 258 | authctxt.agent = ssh_get_authentication_connection(); |
| 256 | authctxt.server_user = server_user; | 259 | authctxt.server_user = server_user; |
| 257 | authctxt.local_user = local_user; | 260 | authctxt.local_user = local_user; |
| @@ -262,6 +265,7 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host, | |||
| 262 | authctxt.authlist = NULL; | 265 | authctxt.authlist = NULL; |
| 263 | authctxt.keys = keys; | 266 | authctxt.keys = keys; |
| 264 | authctxt.nkeys = nkeys; | 267 | authctxt.nkeys = nkeys; |
| 268 | authctxt.info_req_seen = 0; | ||
| 265 | if (authctxt.method == NULL) | 269 | if (authctxt.method == NULL) |
| 266 | fatal("ssh_userauth2: internal error: cannot send userauth none request"); | 270 | fatal("ssh_userauth2: internal error: cannot send userauth none request"); |
| 267 | 271 | ||
| @@ -739,6 +743,12 @@ userauth_kbdint(Authctxt *authctxt) | |||
| 739 | 743 | ||
| 740 | if (attempt++ >= options.number_of_password_prompts) | 744 | if (attempt++ >= options.number_of_password_prompts) |
| 741 | return 0; | 745 | return 0; |
| 746 | /* disable if no SSH2_MSG_USERAUTH_INFO_REQUEST has been seen */ | ||
| 747 | if (attempt > 1 && !authctxt->info_req_seen) { | ||
| 748 | debug3("userauth_kbdint: disable: no info_req_seen"); | ||
| 749 | dispatch_set(SSH2_MSG_USERAUTH_INFO_REQUEST, NULL); | ||
| 750 | return 0; | ||
| 751 | } | ||
| 742 | 752 | ||
| 743 | debug2("userauth_kbdint"); | 753 | debug2("userauth_kbdint"); |
| 744 | packet_start(SSH2_MSG_USERAUTH_REQUEST); | 754 | packet_start(SSH2_MSG_USERAUTH_REQUEST); |
| @@ -770,6 +780,8 @@ input_userauth_info_req(int type, int plen, void *ctxt) | |||
| 770 | if (authctxt == NULL) | 780 | if (authctxt == NULL) |
| 771 | fatal("input_userauth_info_req: no authentication context"); | 781 | fatal("input_userauth_info_req: no authentication context"); |
| 772 | 782 | ||
| 783 | authctxt->info_req_seen = 1; | ||
| 784 | |||
| 773 | name = packet_get_string(NULL); | 785 | name = packet_get_string(NULL); |
| 774 | inst = packet_get_string(NULL); | 786 | inst = packet_get_string(NULL); |
| 775 | lang = packet_get_string(NULL); | 787 | lang = packet_get_string(NULL); |