diff options
author | Jon Simons <jon@jonsimons.org> | 2013-11-02 01:34:46 -0700 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2013-11-02 21:02:56 +0100 |
commit | d4f5a0e6ab09ce96792a9ba89c44a94387e883b4 (patch) | |
tree | c2388f90c05a3cd8b019e5df4d371f1e6810c788 /doc | |
parent | ce1d73e0f08587e90ccf31aa59ef26202b7bd483 (diff) | |
download | libssh-d4f5a0e6ab09ce96792a9ba89c44a94387e883b4.tar.gz libssh-d4f5a0e6ab09ce96792a9ba89c44a94387e883b4.tar.xz libssh-d4f5a0e6ab09ce96792a9ba89c44a94387e883b4.zip |
server: fix pubkey reply for key probes
Per RFC 4252, it is required to send back only one of either
SSH_MSG_USERAUTH_PK_OK or SSH_MSG_USERAUTH_FAILURE for public
key probes.
Update the handling of 'auth_pubkey_function' to send back PK_OK
instead of SSH_MSG_USERAUTH_SUCCESS for the case that the state
of the message at hand is SSH_PUBLICKEY_STATE_NONE.
With this change, it is now possible to process an initial key probe
and then subsequent signature validation using the server callbacks.
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'doc')
0 files changed, 0 insertions, 0 deletions