From f65c84f27a580af0e4f47ffe6e901b07c7e3314c Mon Sep 17 00:00:00 2001 From: Samuel Ainsworth Date: Sat, 3 Feb 2024 21:41:30 +0000 Subject: [PATCH] server/encrypted.rs: respect `proceed_with_methods` in "none" and "password" authentication methods --- russh/src/server/encrypted.rs | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/russh/src/server/encrypted.rs b/russh/src/server/encrypted.rs index b67823c4..fab334fb 100644 --- a/russh/src/server/encrypted.rs +++ b/russh/src/server/encrypted.rs @@ -300,7 +300,14 @@ impl Encrypted { self.state = EncryptedState::InitCompression; } else { auth_user.clear(); - auth_request.methods -= MethodSet::PASSWORD; + if let Auth::Reject { + proceed_with_methods: Some(proceed_with_methods), + } = auth + { + auth_request.methods = proceed_with_methods; + } else { + auth_request.methods -= MethodSet::PASSWORD; + } auth_request.partial_success = false; reject_auth_request(until, &mut self.write, auth_request).await; } @@ -326,7 +333,14 @@ impl Encrypted { self.state = EncryptedState::InitCompression; } else { auth_user.clear(); - auth_request.methods -= MethodSet::NONE; + if let Auth::Reject { + proceed_with_methods: Some(proceed_with_methods), + } = auth + { + auth_request.methods = proceed_with_methods; + } else { + auth_request.methods -= MethodSet::NONE; + } auth_request.partial_success = false; reject_auth_request(until, &mut self.write, auth_request).await; }