summaryrefslogtreecommitdiff
path: root/auth2.c
diff options
context:
space:
mode:
Diffstat (limited to 'auth2.c')
-rw-r--r--auth2.c15
1 files changed, 13 insertions, 2 deletions
diff --git a/auth2.c b/auth2.c
index 3ee44014d..31ae31e0c 100644
--- a/auth2.c
+++ b/auth2.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth2.c,v 1.119 2008/07/04 23:30:16 djm Exp $ */ 1/* $OpenBSD: auth2.c,v 1.120 2008/11/04 08:22:12 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * 4 *
@@ -72,6 +72,9 @@ extern Authmethod method_hostbased;
72extern Authmethod method_gsskeyex; 72extern Authmethod method_gsskeyex;
73extern Authmethod method_gssapi; 73extern Authmethod method_gssapi;
74#endif 74#endif
75#ifdef JPAKE
76extern Authmethod method_jpake;
77#endif
75 78
76Authmethod *authmethods[] = { 79Authmethod *authmethods[] = {
77 &method_none, 80 &method_none,
@@ -80,6 +83,9 @@ Authmethod *authmethods[] = {
80 &method_gsskeyex, 83 &method_gsskeyex,
81 &method_gssapi, 84 &method_gssapi,
82#endif 85#endif
86#ifdef JPAKE
87 &method_jpake,
88#endif
83 &method_passwd, 89 &method_passwd,
84 &method_kbdint, 90 &method_kbdint,
85 &method_hostbased, 91 &method_hostbased,
@@ -259,8 +265,12 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
259 } 265 }
260 /* reset state */ 266 /* reset state */
261 auth2_challenge_stop(authctxt); 267 auth2_challenge_stop(authctxt);
268#ifdef JPAKE
269 auth2_jpake_stop(authctxt);
270#endif
262 271
263#ifdef GSSAPI 272#ifdef GSSAPI
273 /* XXX move to auth2_gssapi_stop() */
264 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); 274 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
265 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, NULL); 275 dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, NULL);
266#endif 276#endif
@@ -339,7 +349,8 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method)
339 } else { 349 } else {
340 350
341 /* Allow initial try of "none" auth without failure penalty */ 351 /* Allow initial try of "none" auth without failure penalty */
342 if (authctxt->attempt > 1 || strcmp(method, "none") != 0) 352 if (!authctxt->server_caused_failure &&
353 (authctxt->attempt > 1 || strcmp(method, "none") != 0))
343 authctxt->failures++; 354 authctxt->failures++;
344 if (authctxt->failures >= options.max_authtries) { 355 if (authctxt->failures >= options.max_authtries) {
345#ifdef SSH_AUDIT_EVENTS 356#ifdef SSH_AUDIT_EVENTS