https://bugzilla.mindrot.org/show_bug.cgi?id=2642
Vincent Brillault <g...@lerya.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |g...@lerya.net

--- Comment #2 from Vincent Brillault <g...@lerya.net> ---
Created attachment 2895
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2895&action=edit
Only reorder and resent count of authctxt->keys between authentications

(Sorry for the double-posting, I am not sure what is the preferred way of submitting patches)

While taking another look at the code, I realised that most of the accesses to the authctxt->keys list or its content do not modify it (the attached patch 'constifies' the arguments of functions called on the content of the list, to make it easier to see that they don't modify them). There is only one place (not counting prepare/cleanup) that modifies it, userauth_pubkey. That function:
- Re-orders the key, increasing the tries count each time (up to 2 if it loops)
- Sets the isprivate flag on private keys when they are loaded

This patch (also available at https://github.com/openssh/openssh-portable/pull/57):
- Unsets the isprivate flag on private keys when they are freed/cleared
- Adds a pubkey_reset function (called between authentication) that re-re-orders the keys and resets the 'tries' count

This patch/the code could be simplified:
- The 'constification' could be ignored
- If we don't care about the order in which keys are tested, the re-ordering could be removed
- pubkey_reset could be inlined (esp. if the reordering is removed)
- pubkey_cleanup could be inlined (only called once)
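
The key-list behaviour described in the comment above, as an added example that is not part of the original comment, the attached patch or OpenSSH itself. It is a simplified model: struct identity, struct keylist, the orig field, offer_next, pubkey_reset_model and the sample key names are all hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define MAXKEYS 8

/* Hypothetical, simplified stand-in for one entry of authctxt->keys. */
struct identity {
    const char *name;
    int tries;  /* times this key has been picked up */
    int orig;   /* position before any re-ordering (assumption of this model) */
};
struct keylist { struct identity k[MAXKEYS]; int n; };

/* Constructed sample data. */
struct keylist sample_keys(void) {
    struct keylist l = { { {"key-a", 0, 0}, {"key-b", 0, 1}, {"key-c", 0, 2} }, 3 };
    return l;
}

/* Model of the re-ordering: take the head key, count the try and move it
 * to the tail. Returns NULL once the head has already been tried. */
const char *offer_next(struct keylist *l) {
    if (l->n == 0 || l->k[0].tries++ > 0)
        return NULL;
    struct identity head = l->k[0];
    memmove(&l->k[0], &l->k[1], (size_t)(l->n - 1) * sizeof head);
    l->k[l->n - 1] = head;
    return head.name;
}

/* Model of a reset between authentications: restore the original order
 * (insertion sort on orig) and clear every tries count. */
void pubkey_reset_model(struct keylist *l) {
    for (int i = 1; i < l->n; i++) {
        struct identity cur = l->k[i];
        int j = i - 1;
        for (; j >= 0 && l->k[j].orig > cur.orig; j--)
            l->k[j + 1] = l->k[j];
        l->k[j + 1] = cur;
    }
    for (int i = 0; i < l->n; i++)
        l->k[i].tries = 0;
}

int main(void) {
    struct keylist l = sample_keys();
    const char *name;
    while ((name = offer_next(&l)) != NULL)
        printf("first authentication offers %s\n", name);
    printf("list exhausted, head tries = %d\n", l.k[0].tries);
    pubkey_reset_model(&l);
    printf("after reset, next offer is %s\n", offer_next(&l));
    return 0;
}
```

In this model, a list that is not reset offers nothing on a second pass, because the head key already carries a non-zero tries count.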