summaryrefslogtreecommitdiffstats
path: root/tdeioslave/sftp
diff options
context:
space:
mode:
authorAlexander Golubev <[email protected]>2024-01-28 16:20:48 +0300
committerTDE Gitea <[email protected]>2024-03-04 11:04:11 +0000
commitf8f0b8815ca821ad6764149a915122f8b2f0bf8b (patch)
tree04b2c6b537e7c48bf14d45e8df606babc5b41554 /tdeioslave/sftp
parent21ce69f338efb0636e9eef0e7405825b5dd7c0b0 (diff)
downloadtdebase-f8f0b8815ca821ad6764149a915122f8b2f0bf8b.tar.gz
tdebase-f8f0b8815ca821ad6764149a915122f8b2f0bf8b.zip
tdeioslave/sftp: prevent infinite looping in kb-interactive auth
Signed-off-by: Alexander Golubev <[email protected]>
Diffstat (limited to 'tdeioslave/sftp')
-rw-r--r--tdeioslave/sftp/tdeio_sftp.cpp12
1 files changed, 12 insertions, 0 deletions
diff --git a/tdeioslave/sftp/tdeio_sftp.cpp b/tdeioslave/sftp/tdeio_sftp.cpp
index 3fb611f58..39788cfd7 100644
--- a/tdeioslave/sftp/tdeio_sftp.cpp
+++ b/tdeioslave/sftp/tdeio_sftp.cpp
@@ -339,6 +339,8 @@ int sftpProtocol::authenticateKeyboardInteractive(bool noPaswordQuery) {
kdDebug(TDEIO_SFTP_DB) << "Entering keyboard interactive function" << endl;
+ bool retryDenied = false; // a flag to avoid infinite looping
+
while (1) {
int n = 0;
int i = 0;
@@ -347,6 +349,11 @@ int sftpProtocol::authenticateKeyboardInteractive(bool noPaswordQuery) {
if (rc == SSH_AUTH_DENIED) { // do nothing
kdDebug(TDEIO_SFTP_DB) << "kb-interactive auth was denied; retrying again" << endl;
+ if (retryDenied) {
+ continue;
+ } else {
+ break;
+ }
} else if (rc != SSH_AUTH_INFO) {
kdDebug(TDEIO_SFTP_DB) << "Finishing kb-interactive auth rc=" << rc
<< " ssh_err=" << ssh_get_error_code(mSession)
@@ -360,6 +367,11 @@ int sftpProtocol::authenticateKeyboardInteractive(bool noPaswordQuery) {
instruction = TQString::fromUtf8(ssh_userauth_kbdint_getinstruction(mSession));
n = ssh_userauth_kbdint_getnprompts(mSession);
+ if (n>0) {
+ // If there is at least one prompt we will want to retry auth if we fail
+ retryDenied = true;
+ }
+
kdDebug(TDEIO_SFTP_DB) << "name=" << name << " instruction=" << instruction
<< " prompts:" << n << endl;