[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Should ssh_userauth_none() produce an error?
[Thread Prev] | [Thread Next]
- Subject: Should ssh_userauth_none() produce an error?
- From: Jakub Jelen <jjelen@xxxxxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Sun, 26 Aug 2018 22:30:29 +0200
- To: libssh@xxxxxxxxxx
Hello, at this moment, I am debugging application, that is using the above method to figure out the list of supported authentication mechanisms and is failing later without any specific error message (my other email from today). Then we ask for the last error, we are getting the error from the above authentication method, which should not be an error at all (actually confirmed from the server log -- the only failed method was the "none" one probing for the supported authentication methods): read failed: Access denied. Authentication that can continue: publickey,gssapi-keyex,gssapi-with-mic,password (libssh error code: 1, sftp error code: 0) Reading through the tests, they make sure this function returns this error, but I don't think this is a very good idea, because almost any other failure, which will not set its own error will see this error message. It is also confusing, that this type of message does not list what authentication method was used (none) so this is something that should get fixed at least. I understand, this might be harder to change, since this might be considered as part of API, but this email is mostly to start a discussion if others might see this as a problem as well or what can be done about such lurking errors in the code. Regards, -- Jakub Jelen Software Engineer Security Technologies Red Hat, Inc.
| Re: Should ssh_userauth_none() produce an error? | Andreas Schneider <asn@xxxxxxxxxxxxxx> |