diff options
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | auth.h | 3 | ||||
| -rw-r--r-- | auth2-chall.c | 35 | ||||
| -rw-r--r-- | auth2.c | 10 |
4 files changed, 28 insertions, 26 deletions
@@ -8,6 +8,10 @@ [channels.c pathnames.h] use only one path to X11 UNIX domain socket vs. an array of paths to try. report from djast@cs.toronto.edu. ok markus@ + - markus@cvs.openbsd.org 2001/12/09 18:45:56 + [auth2.c auth2-chall.c auth.h] + add auth2_challenge_stop(), simplifies cleanup of kbd-int sessions, + fixes memleak. 20011219 - (stevesk) OpenBSD CVS sync X11 localhost display @@ -7036,4 +7040,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1694 2001/12/21 01:39:51 djm Exp $ +$Id: ChangeLog,v 1.1695 2001/12/21 01:42:34 djm Exp $ @@ -21,7 +21,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $OpenBSD: auth.h,v 1.22 2001/06/26 17:27:22 markus Exp $ + * $OpenBSD: auth.h,v 1.23 2001/12/09 18:45:56 markus Exp $ */ #ifndef AUTH_H #define AUTH_H @@ -130,6 +130,7 @@ void userauth_finish(Authctxt *, int, char *); int auth_root_allowed(char *); int auth2_challenge(Authctxt *, char *); +void auth2_challenge_stop(Authctxt *); int allowed_user(struct passwd *); diff --git a/auth2-chall.c b/auth2-chall.c index 5e6a691f..4b97e47b 100644 --- a/auth2-chall.c +++ b/auth2-chall.c @@ -23,7 +23,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: auth2-chall.c,v 1.8 2001/09/27 15:31:17 markus Exp $"); +RCSID("$OpenBSD: auth2-chall.c,v 1.9 2001/12/09 18:45:56 markus Exp $"); #include "ssh2.h" #include "auth.h" @@ -156,6 +156,18 @@ auth2_challenge(Authctxt *authctxt, char *devs) return auth2_challenge_start(authctxt); } +/* unregister kbd-int callbacks and context */ +void +auth2_challenge_stop(Authctxt *authctxt) +{ + /* unregister callback */ + dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL); + if (authctxt->kbdintctxt != NULL) { + kbdint_free(authctxt->kbdintctxt); + authctxt->kbdintctxt = NULL; + } +} + /* side effect: sets authctxt->postponed if a reply was sent*/ static int auth2_challenge_start(Authctxt *authctxt) @@ -166,21 +178,18 @@ auth2_challenge_start(Authctxt *authctxt) kbdintctxt->devices ? kbdintctxt->devices : "<empty>"); if (kbdint_next_device(kbdintctxt) == 0) { - kbdint_free(kbdintctxt); - authctxt->kbdintctxt = NULL; + auth2_challenge_stop(authctxt); return 0; } debug("auth2_challenge_start: trying authentication method '%s'", kbdintctxt->device->name); if ((kbdintctxt->ctxt = kbdintctxt->device->init_ctx(authctxt)) == NULL) { - kbdint_free(kbdintctxt); - authctxt->kbdintctxt = NULL; + auth2_challenge_stop(authctxt); return 0; } if (send_userauth_info_request(authctxt) == 0) { - kbdint_free(kbdintctxt); - authctxt->kbdintctxt = NULL; + auth2_challenge_stop(authctxt); return 0; } dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, @@ -271,10 +280,8 @@ input_userauth_info_response(int type, int plen, void *ctxt) break; case 1: /* Authentication needs further interaction */ - authctxt->postponed = 1; - if (send_userauth_info_request(authctxt) == 0) { - authctxt->postponed = 0; - } + if (send_userauth_info_request(authctxt) == 1) + authctxt->postponed = 1; break; default: /* Failure! */ @@ -290,12 +297,8 @@ input_userauth_info_response(int type, int plen, void *ctxt) strlcat(method, kbdintctxt->device->name, len); if (!authctxt->postponed) { - /* unregister callback */ - dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL); - if (authenticated) { - kbdint_free(kbdintctxt); - authctxt->kbdintctxt = NULL; + auth2_challenge_stop(authctxt); } else { /* start next device */ /* may set authctxt->postponed */ @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth2.c,v 1.74 2001/12/05 03:56:39 itojun Exp $"); +RCSID("$OpenBSD: auth2.c,v 1.75 2001/12/09 18:45:56 markus Exp $"); #include <openssl/evp.h> @@ -220,14 +220,8 @@ input_userauth_request(int type, int plen, void *ctxt) authctxt->user, authctxt->service, user, service); } /* reset state */ - dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, &protocol_error); + auth2_challenge_stop(authctxt); authctxt->postponed = 0; -#ifdef BSD_AUTH - if (authctxt->as) { - auth_close(authctxt->as); - authctxt->as = NULL; - } -#endif /* try to authenticate user */ m = authmethod_lookup(method); |