author | Jon Simons <jon@jonsimons.org> | 2013-11-02 01:34:46 -0700 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2013-11-02 21:02:56 +0100 |
commit | d4f5a0e6ab09ce96792a9ba89c44a94387e883b4 (patch) | |
tree | c2388f90c05a3cd8b019e5df4d371f1e6810c788 /src | |
parent | ce1d73e0f08587e90ccf31aa59ef26202b7bd483 (diff) | |
server: fix pubkey reply for key probes

Per RFC 4252, it is required to send back only one of either
SSH_MSG_USERAUTH_PK_OK or SSH_MSG_USERAUTH_FAILURE for public
key probes.

Update the handling of 'auth_pubkey_function' to send back PK_OK
instead of SSH_MSG_USERAUTH_SUCCESS for the case that the state
of the message at hand is SSH_PUBLICKEY_STATE_NONE.

With this change, it is now possible to process an initial key probe
and then subsequent signature validation using the server callbacks.

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/messages.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/messages.c b/src/messages.c index 73f39974..c8e0e094 100644 --- a/src/messages.c +++ b/src/messages.c @@ -120,10 +120,18 @@ static int ssh_execute_server_request(ssh_session session, ssh_message msg) msg->auth_request.username, msg->auth_request.pubkey, msg->auth_request.signature_state, session->server_callbacks->userdata); - if (rc == SSH_AUTH_SUCCESS || rc == SSH_AUTH_PARTIAL){ + if (msg->auth_request.signature_state != SSH_PUBLICKEY_STATE_NONE) { + if (rc == SSH_AUTH_SUCCESS || rc == SSH_AUTH_PARTIAL) { ssh_message_auth_reply_success(msg, rc == SSH_AUTH_PARTIAL); + } else { + ssh_message_reply_default(msg); + } } else { + if (rc == SSH_AUTH_SUCCESS) { + ssh_message_auth_reply_pk_ok_simple(msg); + } else { ssh_message_reply_default(msg); + } } return SSH_OK; |
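
Review bot: The outer test `msg->auth_request.signature_state != SSH_PUBLICKEY_STATE_NONE` sends every non-probe state down the branch that can call `ssh_message_auth_reply_success`, so whether a request carrying a bad signature is rejected rests entirely on the callback inspecting the `signature_state` argument it is passed. Consider comparing against the state that marks a verified signature before replying with success, and falling through to `ssh_message_reply_default(msg)` for anything else. In the probe branch, a callback that returns `SSH_AUTH_PARTIAL` gets the default reply rather than PK_OK; a short comment saying this is intended, and citing the RFC 4252 rule from the commit message, would make that clear to callback authors. The return values of the reply calls are also dropped before `return SSH_OK;`, so a failed send is not reported to the caller.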