Bugzilla – Attachment 2196 Details for
Bug 983
Required authentication
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
fix of multiple required authentication methods
authmethods.patch (text/plain), 2.28 KB, created by
Petr Lautrbach
on 2012-11-30 02:17:59 AEDT
(
hide
)
Description:
fix of multiple required authentication methods
Filename:
MIME Type:
Creator:
Petr Lautrbach
Created:
2012-11-30 02:17:59 AEDT
Size:
2.28 KB
patch
obsolete
>Index: auth2.c >=================================================================== >RCS file: /cvs/openssh/auth2.c,v >retrieving revision 1.155 >diff -u -r1.155 auth2.c >--- auth2.c 4 Nov 2012 12:21:41 -0000 1.155 >+++ auth2.c 29 Nov 2012 15:01:03 -0000 >@@ -312,6 +312,13 @@ > #endif > } > >+ if (authenticated && options.num_auth_methods != 0) { >+ if (!auth2_update_methods_lists(authctxt, method)) { >+ authenticated = 0; >+ partial = 1; >+ } >+ } >+ > #ifdef USE_PAM > if (options.use_pam && authenticated) { > if (!PRIVSEP(do_pam_account())) { >@@ -335,18 +342,11 @@ > #endif /* _UNICOS */ > > /* Log before sending the reply */ >- auth_log(authctxt, authenticated, method, " ssh2"); >+ auth_log(authctxt, authenticated | partial, method, " ssh2"); > > if (authctxt->postponed) > return; > >- if (authenticated && options.num_auth_methods != 0) { >- if (!auth2_update_methods_lists(authctxt, method)) { >- authenticated = 0; >- partial = 1; >- } >- } >- > if (authenticated == 1) { > /* turn off userauth */ > dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &dispatch_protocol_ignore); >@@ -359,7 +359,8 @@ > > /* Allow initial try of "none" auth without failure penalty */ > if (!authctxt->server_caused_failure && >- (authctxt->attempt > 1 || strcmp(method, "none") != 0)) >+ (authctxt->attempt > 1 || strcmp(method, "none") != 0) && >+ !partial) > authctxt->failures++; > if (authctxt->failures >= options.max_authtries) { > #ifdef SSH_AUDIT_EVENTS >Index: monitor.c >=================================================================== >RCS file: /cvs/openssh/monitor.c,v >retrieving revision 1.153 >diff -u -r1.153 monitor.c >--- monitor.c 4 Nov 2012 12:21:41 -0000 1.153 >+++ monitor.c 29 Nov 2012 15:01:04 -0000 >@@ -353,6 +353,7 @@ > { > struct mon_table *ent; > int authenticated = 0; >+ int partial = 0; > > debug3("preauth child monitor started"); > >@@ -393,6 +394,7 @@ > debug3("%s: method %s: partial", __func__, > auth_method); > authenticated = 0; >+ partial = 1; > } > } > >@@ -417,9 +419,9 @@ > #endif > } > if (ent->flags & (MON_AUTHDECIDE|MON_ALOG)) { >- auth_log(authctxt, authenticated, auth_method, >+ auth_log(authctxt, authenticated | partial, auth_method, > compat20 ? " ssh2" : ""); >- if (!authenticated) >+ if (!authenticated && !partial) > authctxt->failures++; > } > #ifdef JPAKE
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=2196">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 983
:
807
|
941
|
1121
|
1122
|
1123
|
1455
|
1518
|
1521
|
1567
|
1667
|
1768
|
1955
|
1999
|
2079
|
2084
|
2096
|
2138
|
2177
|
2178
|
2192
|
2196