projects
/
openssh.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
merge key exchange patch without rekeying support
[openssh.git]
/
auth2.c
diff --git
a/auth2.c
b/auth2.c
index
95820f9
..
3c38cdd
100644
(file)
--- a/
auth2.c
+++ b/
auth2.c
@@
-69,6
+69,7
@@
extern Authmethod method_passwd;
extern Authmethod method_kbdint;
extern Authmethod method_hostbased;
#ifdef GSSAPI
extern Authmethod method_kbdint;
extern Authmethod method_hostbased;
#ifdef GSSAPI
+extern Authmethod method_gsskeyex;
extern Authmethod method_gssapi;
#endif
#ifdef JPAKE
extern Authmethod method_gssapi;
#endif
#ifdef JPAKE
@@
-79,6
+80,7
@@
Authmethod *authmethods[] = {
&method_none,
&method_pubkey,
#ifdef GSSAPI
&method_none,
&method_pubkey,
#ifdef GSSAPI
+ &method_gsskeyex,
&method_gssapi,
#endif
#ifdef JPAKE
&method_gssapi,
#endif
#ifdef JPAKE
@@
-274,6
+276,7
@@
input_userauth_request(int type, u_int32_t seq, void *ctxt)
#endif
authctxt->postponed = 0;
#endif
authctxt->postponed = 0;
+ authctxt->server_caused_failure = 0;
/* try to authenticate user */
m = authmethod_lookup(method);
/* try to authenticate user */
m = authmethod_lookup(method);
@@
-346,7
+349,8
@@
userauth_finish(Authctxt *authctxt, int authenticated, char *method)
} else {
/* Allow initial try of "none" auth without failure penalty */
} else {
/* Allow initial try of "none" auth without failure penalty */
- if (authctxt->attempt > 1 || strcmp(method, "none") != 0)
+ if (!authctxt->server_caused_failure &&
+ (authctxt->attempt > 1 || strcmp(method, "none") != 0))
authctxt->failures++;
if (authctxt->failures >= options.max_authtries) {
#ifdef SSH_AUDIT_EVENTS
authctxt->failures++;
if (authctxt->failures >= options.max_authtries) {
#ifdef SSH_AUDIT_EVENTS