summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAnderson Toshiyuki Sasaki <ansasaki@redhat.com>2018-09-05 12:14:07 +0200
committerAndreas Schneider <asn@cryptomilk.org>2018-10-16 09:19:03 +0200
commit5d7414467d6dac100a93df761b06de5cd07fc69a (patch)
treefc3d0cf7e3723c2a86025ca632cf9e17b52661be
parent20981bf2296202e95d7919394d4610ae3a876cfa (diff)
downloadlibssh-5d7414467d6dac100a93df761b06de5cd07fc69a.tar.gz
libssh-5d7414467d6dac100a93df761b06de5cd07fc69a.tar.xz
libssh-5d7414467d6dac100a93df761b06de5cd07fc69a.zip
CVE-2018-10933: Set correct state after sending MIC
After sending the client token, the auth state is set as SSH_AUTH_STATE_GSSAPI_MIC_SENT. Then this can be expected to be the state when a USERAUTH_FAILURE or USERAUTH_SUCCESS arrives. Fixes T101 Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
-rw-r--r--src/gssapi.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/gssapi.c b/src/gssapi.c
index 51b69e7a..77df0b59 100644
--- a/src/gssapi.c
+++ b/src/gssapi.c
@@ -960,8 +960,8 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_token_client){
}
if (maj_stat == GSS_S_COMPLETE) {
- session->auth.state = SSH_AUTH_STATE_NONE;
ssh_gssapi_send_mic(session);
+ session->auth.state = SSH_AUTH_STATE_GSSAPI_MIC_SENT;
}
return SSH_PACKET_USED;