[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Bug in partial key authentication?
[Thread Prev] | [Thread Next]
- Subject: Re: Bug in partial key authentication?
- From: Andreas Schneider <asn@xxxxxxxxxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Fri, 19 May 2017 07:49:15 +0200
- To: libssh@xxxxxxxxxx
On Wednesday, 17 May 2017 22:14:53 CEST Jason Curl wrote: > Hello, > > I'm working on using libssh on Windows with .NET. I've compiled master using > MSYS64 and it works quite well (based on the current HEAD on master). > > I get a hang (in an arguably invalid situation), but as it's a hang and > blocks forever, I think the library should really check if it's in a valid > state and return an error instead of hanging for ever. > > The pseudo code I'm doing is (it's in C# and would be too complicated > otherwise) > * ssh_pki_import_pubkey_file(filename, &pubkey) => returns success > * ssh_userauth_none(m_Session, null) => returns denied (expected) > * ssh_userauth_try_publickey(m_Session, null, publicKey) => returns SUCCESS > > Now, normally I would have to call ssh_userauth_publickey(m_Session, null, > privateKey) and the program works as expected (it connects), but if I don't, > then: > * ssh_channel_new(m_Session) => Returns a valid channel handle. I'd expect > it to fail here instead of pass > * ssh_channel_open_session(m_Channel) => Blocks forever > > If ssh_userauth_try_publickey returns denied, then the above also fails and > I get error codes as I'd expect. If I do the right thing and also call > ssh_userauth_publickey then it also does the right thing. > > So I can ensure my code does the right thing, my question is, shouldn't the > above case not block anyway? We already fixed some issues that the code is in the wrong state in the auth code. I think there are more cases missing and those should be fixed. It should be easy to extend our test suite with the case you describe and fix it from their. Could you write the code for it? tests/client/torture_auth.c Is what you are looking for. Thanks, Andreas -- Andreas Schneider GPG-ID: CC014E3D www.cryptomilk.org asn@xxxxxxxxxxxxxx
Bug in partial key authentication? | Jason Curl <jason@xxxxxxxxxxxxxxxxxxxxxxxx> |