diff options
author | Darren Tucker <dtucker@zip.com.au> | 2003-10-15 17:51:49 +1000 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2003-10-15 17:51:49 +1000 |
commit | bcd2f588d14ebdbf3fc4a3a9022a2a9ff4878d58 (patch) | |
tree | 69282452e3ab1137f7bde70ad3483c35805c6b44 | |
parent | 18c68111648543dedc03d4fa02b03b25006bb767 (diff) |
- markus@cvs.openbsd.org 2003/10/11 08:26:43
[sshconnect2.c]
search keys in reverse order; fixes #684
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | sshconnect2.c | 10 |
2 files changed, 13 insertions, 3 deletions
@@ -1,4 +1,8 @@ 20031015 + - (dtucker) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2003/10/11 08:26:43 + [sshconnect2.c] + search keys in reverse order; fixes #684 - (dtucker) [auth.c] Check for disabled password expiry on HP-UX Trusted Mode. 20031009 @@ -1240,4 +1244,4 @@ - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. Report from murple@murple.net, diagnosis from dtucker@zip.com.au -$Id: ChangeLog,v 1.2994.2.49 2003/10/15 07:47:43 dtucker Exp $ +$Id: ChangeLog,v 1.2994.2.50 2003/10/15 07:51:49 dtucker Exp $ diff --git a/sshconnect2.c b/sshconnect2.c index 2ef4201c..f38fdf9a 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect2.c,v 1.126 2003/10/07 21:58:28 deraadt Exp $"); +RCSID("$OpenBSD: sshconnect2.c,v 1.127 2003/10/11 08:26:43 markus Exp $"); #include "openbsd-compat/sys-queue.h" @@ -453,7 +453,12 @@ input_userauth_pk_ok(int type, u_int32_t seq, void *ctxt) debug2("input_userauth_pk_ok: fp %s", fp); xfree(fp); - TAILQ_FOREACH(id, &authctxt->keys, next) { + /* + * search keys in the reverse order, because last candidate has been + * moved to the end of the queue. this also avoids confusion by + * duplicate keys + */ + TAILQ_FOREACH_REVERSE(id, &authctxt->keys, next, idlist) { if (key_equal(key, id->key)) { sent = sign_and_send_pubkey(authctxt, id); break; @@ -1086,6 +1091,7 @@ userauth_pubkey(Authctxt *authctxt) while ((id = TAILQ_FIRST(&authctxt->keys))) { if (id->tried++) return (0); + /* move key to the end of the queue */ TAILQ_REMOVE(&authctxt->keys, id, next); TAILQ_INSERT_TAIL(&authctxt->keys, id, next); /* |