SSH_AUTH_PARTIAL is now correctly passed to the caller of ssh_userauth_publickey_auto().

Implicitly fixed unsafe return code handling that could result in use-after-free. Signed-off-by: Tilo Eckert <tilo.eckert@flam.de> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2025-11-30 13:01:23 +03:00 · 2015-06-11 16:43:27 +02:00
parent cc25d747d4
commit 0423057424
1 changed files with 7 additions and 8 deletions
--- a/src/auth.c
+++ b/src/auth.c
@@ -1045,15 +1045,14 @@ int ssh_userauth_publickey_auto(ssh_session session,
                ssh_key_free(state->privkey);
                ssh_key_free(state->pubkey);
                SAFE_FREE(session->auth_auto_state);
+                if (rc == SSH_AUTH_SUCCESS) {
+                    SSH_LOG(SSH_LOG_INFO,
+                            "Successfully authenticated using %s",
+                            privkey_file);
+                }
+                return rc;
            }
-            if (rc == SSH_AUTH_ERROR) {
-                return rc;
-            } else if (rc == SSH_AUTH_SUCCESS) {
-                SSH_LOG(SSH_LOG_INFO,
-                        "Successfully authenticated using %s",
-                        privkey_file);
-                return rc;
-            } else if (rc == SSH_AUTH_AGAIN){
+            if (rc == SSH_AUTH_AGAIN){
                return rc;
            }