- markus@cvs.openbsd.org 2001/08/30 22:22:32
[ssh-keyscan.c]
do not pass pointers to longjmp; fix from wayne@blorf.net
+ - markus@cvs.openbsd.org 2001/08/31 11:46:39
+ [sshconnect2.c]
+ disable kbd-interactive if we don't get
+ SSH2_MSG_USERAUTH_INFO_REQUEST messages
20010815
- (bal) Fixed stray code in readconf.c that went in by mistake.
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.81 2001/07/23 09:06:28 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.82 2001/08/31 11:46:39 markus Exp $");
#include <openssl/bn.h>
#include <openssl/md5.h>
/* hostbased */
Key **keys;
int nkeys;
+ /* kbd-interactive */
+ int info_req_seen;
};
struct Authmethod {
char *name; /* string to compare against server's list */
options.preferred_authentications = authmethods_get();
/* setup authentication context */
+ memset(&authctxt, 0, sizeof(authctxt));
authctxt.agent = ssh_get_authentication_connection();
authctxt.server_user = server_user;
authctxt.local_user = local_user;
authctxt.authlist = NULL;
authctxt.keys = keys;
authctxt.nkeys = nkeys;
+ authctxt.info_req_seen = 0;
if (authctxt.method == NULL)
fatal("ssh_userauth2: internal error: cannot send userauth none request");
if (attempt++ >= options.number_of_password_prompts)
return 0;
+ /* disable if no SSH2_MSG_USERAUTH_INFO_REQUEST has been seen */
+ if (attempt > 1 && !authctxt->info_req_seen) {
+ debug3("userauth_kbdint: disable: no info_req_seen");
+ dispatch_set(SSH2_MSG_USERAUTH_INFO_REQUEST, NULL);
+ return 0;
+ }
debug2("userauth_kbdint");
packet_start(SSH2_MSG_USERAUTH_REQUEST);
if (authctxt == NULL)
fatal("input_userauth_info_req: no authentication context");
+ authctxt->info_req_seen = 1;
+
name = packet_get_string(NULL);
inst = packet_get_string(NULL);
lang = packet_get_string(NULL);