From 188ec1e2588af00f4511e03861e962edafa68f41 Mon Sep 17 00:00:00 2001 From: Matt Johnston <matt@ucc.asn.au> Date: Wed, 23 Apr 2014 16:22:50 +0800 Subject: [PATCH] Fix pubkey auth if the first key presented fails (infinite loop of auth requests). Regresssion in ff597bf2cfb0 --- cli-auth.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/cli-auth.c b/cli-auth.c index c21f6946..70ace658 100644 --- a/cli-auth.c +++ b/cli-auth.c @@ -174,11 +174,11 @@ void recv_msg_userauth_failure() { the "none" auth request, and then a response to the immediate auth request. We need to be careful handling them. */ if (cli_ses.ignore_next_auth_response) { - TRACE(("ignore next response, state set to USERAUTH_REQ_SENT")) cli_ses.state = USERAUTH_REQ_SENT; + cli_ses.ignore_next_auth_response = 0; + TRACE(("leave recv_msg_userauth_failure, ignored response, state set to USERAUTH_REQ_SENT")); + return; } else { - cli_ses.state = USERAUTH_FAIL_RCVD; - cli_ses.lastauthtype = AUTH_TYPE_NONE; #ifdef ENABLE_CLI_PUBKEY_AUTH /* If it was a pubkey auth request, we should cross that key * off the list. */ @@ -197,10 +197,10 @@ void recv_msg_userauth_failure() { cli_ses.auth_interact_failed = 1; } #endif + cli_ses.state = USERAUTH_FAIL_RCVD; + cli_ses.lastauthtype = AUTH_TYPE_NONE; } - cli_ses.ignore_next_auth_response = 0; - methods = buf_getstring(ses.payload, &methlen); partial = buf_getbool(ses.payload); -- GitLab