diff --git a/ChangeLog b/ChangeLog index 590a3f6c4..a6e2446e5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -13,6 +13,9 @@ - markus@cvs.openbsd.org 2003/05/14 22:24:42 [clientloop.c session.c ssh.1] allow to send a BREAK to the remote system; ok various + - markus@cvs.openbsd.org 2003/05/15 00:28:28 + [sshconnect2.c] + cleanup unregister of per-method packet handlers; ok djm@ - (djm) Configure glue for DNS support (code doesn't work in portable yet) 20030514 @@ -1489,4 +1492,4 @@ save auth method before monitor_reset_key_state(); bugzilla bug #284; ok provos@ -$Id: ChangeLog,v 1.2704 2003/05/15 00:53:49 djm Exp $ +$Id: ChangeLog,v 1.2705 2003/05/15 02:01:28 djm Exp $ diff --git a/sshconnect2.c b/sshconnect2.c index 36d592b42..1b85730fe 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect2.c,v 1.118 2003/05/14 02:15:47 markus Exp $"); +RCSID("$OpenBSD: sshconnect2.c,v 1.119 2003/05/15 00:28:28 markus Exp $"); #ifdef KRB5 #include @@ -204,7 +204,6 @@ int userauth_kerberos(Authctxt *); void userauth(Authctxt *, char *); static int sign_and_send_pubkey(Authctxt *, Identity *); -static void clear_auth_state(Authctxt *); static void pubkey_prepare(Authctxt *); static void pubkey_cleanup(Authctxt *); static Key *load_identity_file(char *); @@ -299,8 +298,11 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host, dispatch_run(DISPATCH_BLOCK, &authctxt.success, &authctxt); /* loop until success */ pubkey_cleanup(&authctxt); + dispatch_range(SSH2_MSG_USERAUTH_MIN, SSH2_MSG_USERAUTH_MAX, NULL); + debug("Authentication succeeded (%s).", authctxt.method->name); } + void userauth(Authctxt *authctxt, char *authlist) { @@ -316,6 +318,12 @@ userauth(Authctxt *authctxt, char *authlist) if (method == NULL) fatal("Permission denied (%s).", authlist); authctxt->method = method; + + /* reset the per method handler */ + dispatch_range(SSH2_MSG_USERAUTH_PER_METHOD_MIN, + SSH2_MSG_USERAUTH_PER_METHOD_MAX, NULL); + + /* and try new method */ if (method->userauth(authctxt) != 0) { debug2("we sent a %s packet, wait for reply", method->name); break; @@ -353,7 +361,6 @@ input_userauth_success(int type, u_int32_t seq, void *ctxt) fatal("input_userauth_success: no authentication context"); if (authctxt->authlist) xfree(authctxt->authlist); - clear_auth_state(authctxt); authctxt->success = 1; /* break out */ } @@ -375,7 +382,6 @@ input_userauth_failure(int type, u_int32_t seq, void *ctxt) logit("Authenticated with partial success."); debug("Authentications that can continue: %s", authlist); - clear_auth_state(authctxt); userauth(authctxt, authlist); } void @@ -438,10 +444,6 @@ done: xfree(pkalg); xfree(pkblob); - /* unregister */ - clear_auth_state(authctxt); - dispatch_set(SSH2_MSG_USERAUTH_PK_OK, NULL); - /* try another method if we did not send a packet */ if (sent == 0) userauth(authctxt, NULL); @@ -558,13 +560,6 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, void *ctxt) &input_userauth_passwd_changereq); } -static void -clear_auth_state(Authctxt *authctxt) -{ - /* XXX clear authentication state */ - dispatch_set(SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ, NULL); -} - static int identity_sign(Identity *id, u_char **sigp, u_int *lenp, u_char *data, u_int datalen)