mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-01-10 01:48:00 +00:00
Fix error handling when command-line password fails.
In cmdline_get_passwd_input(), there's a boolean 'tried_once' which is set the first time the function returns the password set by -pw or -pwfile. The idea, as clearly commented in the code, was that if cmdline_get_password_input asks for that password _again_, we return failure, as if the user had refused to make a second attempt. But that wasn't actually what happened, because when we set tried_once to true, we also set cmdline_password to NULL, which causes the second call to the function to behave as if no password was ever provided at all. So after the -pw password failed, we'd fall back to asking interactively. This change moves the check of cmdline_password to after the check of tried_once, restoring the originally intended behaviour: password authentication will now _only_ be done via the pre-set password, if there is one. This seems like an xkcd #1172 kind of change: now that it's been wrong for a while, _someone_ has probably found the unintended behaviour useful, and started relying on it. So it may become necessary to add an option to set the behaviour either way. But for the moment, let's try it the way I originally intended it.
This commit is contained in:
parent
88d5bb2a22
commit
a82ab70b0b
11
cmdline.c
11
cmdline.c
@ -90,7 +90,7 @@ int cmdline_get_passwd_input(prompts_t *p)
|
||||
* passwords), and (currently) we only cope with a password prompt
|
||||
* that comes in a prompt-set on its own.
|
||||
*/
|
||||
if (!cmdline_password || p->n_prompts != 1 || p->prompts[0]->echo) {
|
||||
if (p->n_prompts != 1 || p->prompts[0]->echo) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
@ -101,6 +101,15 @@ int cmdline_get_passwd_input(prompts_t *p)
|
||||
if (tried_once)
|
||||
return 0;
|
||||
|
||||
/*
|
||||
* If we never had a password available in the first place, we
|
||||
* can't do anything in any case. (But we delay this test until
|
||||
* after tried_once, so that after we free cmdline_password below,
|
||||
* we'll still remember that we _used_ to have one.)
|
||||
*/
|
||||
if (!cmdline_password)
|
||||
return -1;
|
||||
|
||||
prompt_set_result(p->prompts[0], cmdline_password);
|
||||
smemclr(cmdline_password, strlen(cmdline_password));
|
||||
sfree(cmdline_password);
|
||||
|
Loading…
Reference in New Issue
Block a user