From f31c654b30a6f02ce0b8ea8ab81791b675489628 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Thu, 22 Sep 2016 02:29:57 +0000 Subject: [PATCH] upstream commit If ssh receives a PACKET_DISCONNECT during userauth it will cause ssh_dispatch_run(DISPATCH_BLOCK, ...) to return without the session being authenticated. Check for this and exit if necessary. ok djm@ Upstream-ID: b3afe126c0839d2eae6cddd41ff2ba317eda0903 --- sshconnect2.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sshconnect2.c b/sshconnect2.c index fae8b0f2c..5e7d07dc5 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.247 2016/07/22 05:46:11 dtucker Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.248 2016/09/22 02:29:57 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -404,6 +404,8 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host, pubkey_cleanup(&authctxt); ssh_dispatch_range(ssh, SSH2_MSG_USERAUTH_MIN, SSH2_MSG_USERAUTH_MAX, NULL); + if (!authctxt.success) + fatal("Authentication failed."); debug("Authentication succeeded (%s).", authctxt.method->name); }