- markus@cvs.openbsd.org 2001/12/09 18:45:56

[auth2.c auth2-chall.c auth.h] add auth2_challenge_stop(), simplifies cleanup of kbd-int sessions, fixes memleak.
2001-12-21 12:42:34 +11:00 · 2001-12-21 12:42:34 +11:00 · ee11625d43
parent 3afe375fd2
commit ee11625d43
4 changed files with 28 additions and 26 deletions
--- a/6
+++ b/6
@ -8,6 +8,10 @@
     [channels.c pathnames.h]
     use only one path to X11 UNIX domain socket vs. an array of paths
     to try.  report from djast@cs.toronto.edu.  ok markus@
+   - markus@cvs.openbsd.org 2001/12/09 18:45:56
+     [auth2.c auth2-chall.c auth.h]
+     add auth2_challenge_stop(), simplifies cleanup of kbd-int sessions,
+     fixes memleak.

 20011219
 - (stevesk) OpenBSD CVS sync X11 localhost display
@ -7036,4 +7040,4 @@
 - Wrote replacements for strlcpy and mkdtemp
 - Released 1.0pre1

-$Id: ChangeLog,v 1.1694 2001/12/21 01:39:51 djm Exp $
+$Id: ChangeLog,v 1.1695 2001/12/21 01:42:34 djm Exp $
--- a/auth.h
+++ b/auth.h
@ -21,7 +21,7 @@
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
- * $OpenBSD: auth.h,v 1.22 2001/06/26 17:27:22 markus Exp $
+ * $OpenBSD: auth.h,v 1.23 2001/12/09 18:45:56 markus Exp $
 */
 #ifndef AUTH_H
 #define AUTH_H
@ -130,6 +130,7 @@ void	userauth_finish(Authctxt *, int, char *);
 int	auth_root_allowed(char *);

 int	auth2_challenge(Authctxt *, char *);
+void	auth2_challenge_stop(Authctxt *);

 int	allowed_user(struct passwd *);

--- a/auth2-chall.c
+++ b/auth2-chall.c
@ -23,7 +23,7 @@
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 #include "includes.h"
-RCSID("$OpenBSD: auth2-chall.c,v 1.8 2001/09/27 15:31:17 markus Exp $");
+RCSID("$OpenBSD: auth2-chall.c,v 1.9 2001/12/09 18:45:56 markus Exp $");

 #include "ssh2.h"
 #include "auth.h"
@ -156,6 +156,18 @@ auth2_challenge(Authctxt *authctxt, char *devs)
 	return auth2_challenge_start(authctxt);
 }

+/* unregister kbd-int callbacks and context */
+void
+auth2_challenge_stop(Authctxt *authctxt)
+{
+	/* unregister callback */
+	dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL);
+	if (authctxt->kbdintctxt != NULL)  {
+		kbdint_free(authctxt->kbdintctxt);
+		authctxt->kbdintctxt = NULL;
+	}
+}
+
 /* side effect: sets authctxt->postponed if a reply was sent*/
 static int
 auth2_challenge_start(Authctxt *authctxt)
@ -166,21 +178,18 @@ auth2_challenge_start(Authctxt *authctxt)
 	    kbdintctxt->devices ?  kbdintctxt->devices : "<empty>");

 	if (kbdint_next_device(kbdintctxt) == 0) {
-		kbdint_free(kbdintctxt);
-		authctxt->kbdintctxt = NULL;
+		auth2_challenge_stop(authctxt);
 		return 0;
 	}
 	debug("auth2_challenge_start: trying authentication method '%s'",
 	    kbdintctxt->device->name);

 	if ((kbdintctxt->ctxt = kbdintctxt->device->init_ctx(authctxt)) == NULL) {
-		kbdint_free(kbdintctxt);
-		authctxt->kbdintctxt = NULL;
+		auth2_challenge_stop(authctxt);
 		return 0;
 	}
 	if (send_userauth_info_request(authctxt) == 0) {
-		kbdint_free(kbdintctxt);
-		authctxt->kbdintctxt = NULL;
+		auth2_challenge_stop(authctxt);
 		return 0;
 	}
 	dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE,
@ -271,10 +280,8 @@ input_userauth_info_response(int type, int plen, void *ctxt)
 		break;
 	case 1:
 		/* Authentication needs further interaction */
-		authctxt->postponed = 1;
-		if (send_userauth_info_request(authctxt) == 0) {
-			authctxt->postponed = 0;
-		}
+		if (send_userauth_info_request(authctxt) == 1)
+			authctxt->postponed = 1;
 		break;
 	default:
 		/* Failure! */
@ -290,12 +297,8 @@ input_userauth_info_response(int type, int plen, void *ctxt)
 	strlcat(method, kbdintctxt->device->name, len);

 	if (!authctxt->postponed) {
-		/* unregister callback */
-		dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL);
-
 		if (authenticated) {
-			kbdint_free(kbdintctxt);
-			authctxt->kbdintctxt = NULL;
+			auth2_challenge_stop(authctxt);
 		} else {
 			/* start next device */
 			/* may set authctxt->postponed */
--- a/auth2.c
+++ b/auth2.c
@ -23,7 +23,7 @@
 */

 #include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.74 2001/12/05 03:56:39 itojun Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.75 2001/12/09 18:45:56 markus Exp $");

 #include <openssl/evp.h>

@ -220,14 +220,8 @@ input_userauth_request(int type, int plen, void *ctxt)
 		    authctxt->user, authctxt->service, user, service);
 	}
 	/* reset state */
-	dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, &protocol_error);
+	auth2_challenge_stop(authctxt);
 	authctxt->postponed = 0;
-#ifdef BSD_AUTH
-	if (authctxt->as) {
-		auth_close(authctxt->as);
-		authctxt->as = NULL;
-	}
-#endif

 	/* try to authenticate user */
 	m = authmethod_lookup(method);