diff options
-rw-r--r-- | paramiko/auth_handler.py | 13 | ||||
-rw-r--r-- | sites/www/changelog.rst | 3 |
2 files changed, 10 insertions, 6 deletions
diff --git a/paramiko/auth_handler.py b/paramiko/auth_handler.py index ef4a8c7e..38b23729 100644 --- a/paramiko/auth_handler.py +++ b/paramiko/auth_handler.py @@ -356,7 +356,7 @@ class AuthHandler (object): m.add_string(p[0]) m.add_boolean(p[1]) self.transport._send_message(m) - + def _parse_userauth_request(self, m): if not self.transport.server_mode: # er, uh... what? @@ -495,8 +495,9 @@ class AuthHandler (object): m.add_string(token) self.transport._send_message(m) else: - raise SSHException("Client asked to handle paket %s" - %MSG_NAMES[ptype]) + result = AUTH_FAILED + self._send_auth_result(username, method, result) + return # check MIC ptype, m = self.transport.packetizer.read_message() if ptype == MSG_USERAUTH_GSSAPI_MIC: @@ -568,7 +569,7 @@ class AuthHandler (object): lang = m.get_string() self.transport._log(INFO, 'Auth banner: %s' % banner) # who cares. - + def _parse_userauth_info_request(self, m): if self.auth_method != 'keyboard-interactive': raise SSHException('Illegal info request from server') @@ -580,14 +581,14 @@ class AuthHandler (object): for i in range(prompts): prompt_list.append((m.get_text(), m.get_boolean())) response_list = self.interactive_handler(title, instructions, prompt_list) - + m = Message() m.add_byte(cMSG_USERAUTH_INFO_RESPONSE) m.add_int(len(response_list)) for r in response_list: m.add_string(r) self.transport._send_message(m) - + def _parse_userauth_info_response(self, m): if not self.transport.server_mode: raise SSHException('Illegal info response from server') diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 85fbe73e..b6d95d59 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,9 @@ Changelog ========= +* :bug:`652` Fix behavior of ``gssapi-with-mic`` auth requests so they fail + gracefully (allowing followup via other auth methods) instead of raising an + exception. Patch courtesy of ``@jamercee``. * :feature:`588` Add missing file-like object methods for `~paramiko.file.BufferedFile` and `~paramiko.sftp_file.SFTPFile`. Thanks to Adam Meily for the patch. |