diff options
author | Michael Gmelin <mg@grem.de> | 2018-01-18 01:28:19 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2018-01-18 17:08:13 +0100 |
commit | ddafd45af12a128a99bfe4d35c58809e22d75c52 (patch) | |
tree | 0c77cbbccc3dc3594a667c541a5026d4b43c0b9f /lib/vauth | |
parent | 9e4ad1e2af22f00eeca533b745b67956f57319cb (diff) |
SSH: Fix state machine for ssh-agent authentication
In case an identity didn't match[0], the state machine would fail in
state SSH_AUTH_AGENT instead of progressing to the next identity in
ssh-agent. As a result, ssh-agent authentication only worked if the
identity required happened to be the first added to ssh-agent.
This was introduced as part of commit c4eb10e2f06fbd6cc904f1d78e4, which
stated that the "else" statement was required to prevent getting stuck
in state SSH_AUTH_AGENT. Given the state machine's logic and libssh2's
interface I couldn't see how this could happen or reproduce it and I
also couldn't find a more detailed description of the problem which
would explain a test case to reproduce the problem this was supposed to
fix.
[0] libssh2_agent_userauth returning LIBSSH2_ERROR_AUTHENTICATION_FAILED
Closes #2248
Diffstat (limited to 'lib/vauth')
0 files changed, 0 insertions, 0 deletions