Hi Jon, I may be mistaking but I thought v0-6 already rejected such authentication attempts and put the session in failure mode for security. I'm not sure reporting the error to the user is a good idea.
Aris Le 20/01/14 04:03, Jon Simons a écrit : > Hi, > > Attached is a patch, based off of v0-6, I've used to > ensure that when public key signature validation fails, > the 'auth_pubkey_function' callback will be invoked > with a signature state of SSH_PUBLICKEY_STATE_WRONG. > > Without it I believe that one using 'ssh_server_callbacks' > can not be notified that there may have been any such > problem during signature validation. > > > -Jon >
