Do not send extra ssh_message_reply_default()

Keyboard-interactive sends a reply when it initializes, in which
case we should manipulate connection state: we have not succeeded
in auth nor have we failed.

This state needs to be recognized, so we do not call
ssh_message_reply_default(), as that translates in an immediate
SSH_MSG_USERAUTH_FAILURE, which means on retry this message will
leak into the open session, where it is not a valid command.

Change auth_ret into a tri-state, with a new -1 state.

Fixes #68.

Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
diff --git a/src/session_server_ssh.c b/src/session_server_ssh.c
index 2c19210..ff14ae7 100644
--- a/src/session_server_ssh.c
+++ b/src/session_server_ssh.c
@@ -855,6 +855,7 @@
char echo[] = {0};
ssh_message_auth_interactive_request(msg, "Interactive SSH Authentication", "Type your password:", 1, prompts, echo);
+ auth_ret = -1;
} else {
if (ssh_userauth_kbdint_getnanswers(session->ti.libssh.session) != 1) {// failed session
ssh_message_reply_default(msg);
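Review bot: the bare `-1` assigned at `auth_ret = -1;` is a magic sentinel whose meaning ("a reply has already been sent, neither success nor failure") is only explained by the commit message and by a comment several lines lower in the other hunk; suggest a named constant or enum value (e.g. an `AUTH_PENDING`-style name) and a one-line comment at this assignment so a reader of this branch alone sees that the interactive request itself is the reply. Also note that the return value of `ssh_message_auth_interactive_request(...)` on the preceding line is still unchecked; if that call fails, no reply has actually gone out, yet `auth_ret == -1` will skip the default reply and leave the peer waiting.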
@@ -862,12 +863,18 @@
}
pass_hash = auth_password_get_pwd_hash(session->username);// get hashed password
if (pass_hash) {
- auth_ret = auth_password_compare_pwd(pass_hash, ssh_userauth_kbdint_getanswer(session->ti.libssh.session, 0));
+ /* Normalize auth_password_compare_pwd result to 0 or 1 */
+ auth_ret = !!auth_password_compare_pwd(pass_hash, ssh_userauth_kbdint_getanswer(session->ti.libssh.session, 0));
free(pass_hash);// free hashed password
}
}
}
+ /* We have already sent a reply */
+ if (auth_ret == -1) {
+ return;
+ }
+
/* Authenticate message based on outcome */
if (!auth_ret) {
session->flags |= NC_SESSION_SSH_AUTHENTICATED;
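Review bot: the `!!` normalization at `auth_ret = !!auth_password_compare_pwd(...)` is load-bearing rather than cosmetic, and the comment should say so: a compare routine that can return a negative value would otherwise collide with the new `-1` sentinel and take the `if (auth_ret == -1) { return; }` path without any reply being sent. Suggest the comment read along the lines of "Normalize to 0/1 so a negative compare result cannot be mistaken for the -1 'reply already sent' state". It is also worth confirming that the other path shown in this hunk, where `pass_hash` is NULL, leaves `auth_ret` at a non-negative failure value rather than at a stale `-1` from the initialization branch, since the early `return` is now the first thing evaluated after the closing braces.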