diff options
author | des <des@FreeBSD.org> | 2003-03-31 13:45:36 +0000 |
---|---|---|
committer | des <des@FreeBSD.org> | 2003-03-31 13:45:36 +0000 |
commit | 2f9a965fa96ca9a85f7111bbd64646cc109461df (patch) | |
tree | 5c905c6c4267e057178b82179f25046713e54de9 /crypto/openssh/auth.h | |
parent | 874869c32c9a77dca62c27f6f64b54dcd249948d (diff) | |
download | FreeBSD-src-2f9a965fa96ca9a85f7111bbd64646cc109461df.zip FreeBSD-src-2f9a965fa96ca9a85f7111bbd64646cc109461df.tar.gz |
If an ssh1 client initiated challenge-response authentication but did
not respond to challenge, and later successfully authenticated itself
using another method, the kbdint context would never be released,
leaving the PAM child process behind even after the connection ended.
Fix this by automatically releasing the kbdint context if a packet of
type SSH_CMSG_AUTH_TIS is follwed by anything but a packet of type
SSH_CMSG_AUTH_TIS_RESPONSE.
MFC after: 1 week
Diffstat (limited to 'crypto/openssh/auth.h')
-rw-r--r-- | crypto/openssh/auth.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/crypto/openssh/auth.h b/crypto/openssh/auth.h index 79ce420..4e19ee4 100644 --- a/crypto/openssh/auth.h +++ b/crypto/openssh/auth.h @@ -160,6 +160,7 @@ struct passwd * getpwnamallow(const char *user); char *get_challenge(Authctxt *); int verify_response(Authctxt *, const char *); +void abandon_challenge_response(Authctxt *); struct passwd * auth_get_user(void); |