Where to look next?

Darren Tucker dtucker at zip.com.au
Thu Sep 22 09:58:24 AEST 2016


On Thu, Sep 22, 2016 at 09:51:11AM +1000, Darren Tucker wrote:
> The client thinks the session is authenticated, though.  I think
> that's actually a bug in the OpenSSH client: ssh_userauth2() calls
> ssh_dispatch_run() with DISPATCH_BLOCK blocking on authctxt.success.
> It assumes that if it exits then it's authenticated.
> 
> ssh_packet_read_poll_seqnr(), however, will return
> SSH_ERR_DISCONNECTED in that case, which will cause ssh_dispatch_run()
> to return.

This should handle this case.

diff --git a/sshconnect2.c b/sshconnect2.c
index fae8b0f..ae77243 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -404,6 +404,8 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
 	pubkey_cleanup(&authctxt);
 	ssh_dispatch_range(ssh, SSH2_MSG_USERAUTH_MIN, SSH2_MSG_USERAUTH_MAX, NULL);
 
+	if (!authctxt.success)
+		fatal("Authentication failed.");
 	debug("Authentication succeeded (%s).", authctxt.method->name);
 }
 
-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860  37F4 9357 ECEF 11EA A6FA (new)
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.


More information about the openssh-unix-dev mailing list