#82 keyboard-interactive authentication breaks after returning Auth::Partial
There’s two branches where keyboard-interactive can be handled, the first iteration hits EncryptedState::WaitingAuthRequest(_) if buf[0] == msg::USERAUTH_REQUEST which works fine if you return an Auth::Accept or Auth::Reject, but if you return an Auth::Partial, future responses hit the EncryptedState::WaitingAuthRequest(ref mut auth) if buf[0] == msg::USERAUTH_INFO_RESPONSE case, which checks for the impossible condition if let EncryptedState::InitCompression = enc.state.
This check is fine in the first case, because there’s a call to enc.server_read_auth_request which ultimately mutates enc.state if Auth::Accept is returned from Handler::auth_keyboard_interactive. However, this mutation never happens in the second case, so we have to do the mutation ourselves.
diff --git a/thrussh/src/server/encrypted.rs b/thrussh/src/server/encrypted.rs
index 95a6734..1b85f16 100644
--- a/thrussh/src/server/encrypted.rs
+++ b/thrussh/src/server/encrypted.rs
@@ -160,9 +160,8 @@ impl Session {
)
.await?
{
- if let EncryptedState::InitCompression = enc.state {
- enc.client_compression.init_decompress(&mut enc.decompress);
- }
+ enc.state = EncryptedState::InitCompression;
+ enc.client_compression.init_decompress(&mut enc.decompress);
}
Ok(self)
}
Do you want to send a Pijul patch? We don’t take Git diffs here. If not, I can do it.
I was getting panics when trying to perform any repo-based commands using Pijul using both the version on crates.io and in nixpkgs relating to unsupported ciphers or something. Would appreciate if you could push it up. Thanks!
I would very much appreciate a bug report on Pijul as well. What did you do exactly? I’m not aware of any panic in Pijul in the last six months or so.
I’ve opened a discussion here: https://nest.pijul.com/pijul/pijul/discussions/811 - I just pulled the repo and attempted to make changes 🤷♂️