- markus@cvs.openbsd.org 2003/05/15 00:28:28

[sshconnect2.c] cleanup unregister of per-method packet handlers; ok djm@
2003-05-15 12:01:28 +10:00 · 2003-05-15 12:01:28 +10:00 · f842fcb296
parent 9d2be48b8f
commit f842fcb296
2 changed files with 14 additions and 16 deletions
--- a/5
+++ b/5
@ -13,6 +13,9 @@
   - markus@cvs.openbsd.org 2003/05/14 22:24:42
     [clientloop.c session.c ssh.1]
     allow to send a BREAK to the remote system; ok various
+   - markus@cvs.openbsd.org 2003/05/15 00:28:28
+     [sshconnect2.c]
+     cleanup unregister of per-method packet handlers; ok djm@
 - (djm) Configure glue for DNS support (code doesn't work in portable yet)

 20030514
@ -1489,4 +1492,4 @@
     save auth method before monitor_reset_key_state(); bugzilla bug #284;
     ok provos@

-$Id: ChangeLog,v 1.2704 2003/05/15 00:53:49 djm Exp $
+$Id: ChangeLog,v 1.2705 2003/05/15 02:01:28 djm Exp $
--- a/sshconnect2.c
+++ b/sshconnect2.c
@ -23,7 +23,7 @@
 */

 #include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.118 2003/05/14 02:15:47 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.119 2003/05/15 00:28:28 markus Exp $");

 #ifdef KRB5
 #include <krb5.h>
@ -204,7 +204,6 @@ int	userauth_kerberos(Authctxt *);
 void	userauth(Authctxt *, char *);

 static int sign_and_send_pubkey(Authctxt *, Identity *);
-static void clear_auth_state(Authctxt *);
 static void pubkey_prepare(Authctxt *);
 static void pubkey_cleanup(Authctxt *);
 static Key *load_identity_file(char *);
@ -299,8 +298,11 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
 	dispatch_run(DISPATCH_BLOCK, &authctxt.success, &authctxt);	/* loop until success */

 	pubkey_cleanup(&authctxt);
+	dispatch_range(SSH2_MSG_USERAUTH_MIN, SSH2_MSG_USERAUTH_MAX, NULL);
+
 	debug("Authentication succeeded (%s).", authctxt.method->name);
 }
+
 void
 userauth(Authctxt *authctxt, char *authlist)
 {
@ -316,6 +318,12 @@ userauth(Authctxt *authctxt, char *authlist)
 		if (method == NULL)
 			fatal("Permission denied (%s).", authlist);
 		authctxt->method = method;
+
+		/* reset the per method handler */
+		dispatch_range(SSH2_MSG_USERAUTH_PER_METHOD_MIN,
+		    SSH2_MSG_USERAUTH_PER_METHOD_MAX, NULL);
+
+		/* and try new method */
 		if (method->userauth(authctxt) != 0) {
 			debug2("we sent a %s packet, wait for reply", method->name);
 			break;
@ -353,7 +361,6 @@ input_userauth_success(int type, u_int32_t seq, void *ctxt)
 		fatal("input_userauth_success: no authentication context");
 	if (authctxt->authlist)
 		xfree(authctxt->authlist);
-	clear_auth_state(authctxt);
 	authctxt->success = 1;			/* break out */
 }

@ -375,7 +382,6 @@ input_userauth_failure(int type, u_int32_t seq, void *ctxt)
 		logit("Authenticated with partial success.");
 	debug("Authentications that can continue: %s", authlist);

-	clear_auth_state(authctxt);
 	userauth(authctxt, authlist);
 }
 void
@ -438,10 +444,6 @@ done:
 	xfree(pkalg);
 	xfree(pkblob);

-	/* unregister */
-	clear_auth_state(authctxt);
-	dispatch_set(SSH2_MSG_USERAUTH_PK_OK, NULL);
-
 	/* try another method if we did not send a packet */
 	if (sent == 0)
 		userauth(authctxt, NULL);
@ -558,13 +560,6 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, void *ctxt)
 	    &input_userauth_passwd_changereq);
 }

-static void
-clear_auth_state(Authctxt *authctxt)
-{
-	/* XXX clear authentication state */
-	dispatch_set(SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ, NULL);
-}
-
 static int
 identity_sign(Identity *id, u_char **sigp, u_int *lenp,
    u_char *data, u_int datalen)