From b56e99e21389941dedc56c1f0ba47f380ec97b1f Mon Sep 17 00:00:00 2001 From: dtucker Date: Wed, 15 Oct 2003 05:55:59 +0000 Subject: [PATCH] - markus@cvs.openbsd.org 2003/10/11 08:26:43 [sshconnect2.c] search keys in reverse order; fixes #684 --- ChangeLog | 3 +++ sshconnect2.c | 10 ++++++++-- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index f484326c..eabcb884 100644 --- a/ChangeLog +++ b/ChangeLog @@ -16,6 +16,9 @@ remote x11 clients are now untrusted by default, uses xauth(8) to generate untrusted cookies; ForwardX11Trusted=yes restores old behaviour. ok deraadt; feedback and ok djm/fries + - markus@cvs.openbsd.org 2003/10/11 08:26:43 + [sshconnect2.c] + search keys in reverse order; fixes #684 20031009 - (dtucker) [sshd_config.5] UsePAM defaults to "no". ok djm@ diff --git a/sshconnect2.c b/sshconnect2.c index 2ef4201c..f38fdf9a 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect2.c,v 1.126 2003/10/07 21:58:28 deraadt Exp $"); +RCSID("$OpenBSD: sshconnect2.c,v 1.127 2003/10/11 08:26:43 markus Exp $"); #include "openbsd-compat/sys-queue.h" @@ -453,7 +453,12 @@ input_userauth_pk_ok(int type, u_int32_t seq, void *ctxt) debug2("input_userauth_pk_ok: fp %s", fp); xfree(fp); - TAILQ_FOREACH(id, &authctxt->keys, next) { + /* + * search keys in the reverse order, because last candidate has been + * moved to the end of the queue. this also avoids confusion by + * duplicate keys + */ + TAILQ_FOREACH_REVERSE(id, &authctxt->keys, next, idlist) { if (key_equal(key, id->key)) { sent = sign_and_send_pubkey(authctxt, id); break; @@ -1086,6 +1091,7 @@ userauth_pubkey(Authctxt *authctxt) while ((id = TAILQ_FIRST(&authctxt->keys))) { if (id->tried++) return (0); + /* move key to the end of the queue */ TAILQ_REMOVE(&authctxt->keys, id, next); TAILQ_INSERT_TAIL(&authctxt->keys, id, next); /* -- 2.45.1