CVE-2018-10933: Introduce SSH_AUTH_STATE_AUTH_NONE_SENT

The introduced auth state allows to identify when a request without authentication information was sent. Fixes T101 Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2026-02-07 02:39:48 +09:00 · 2018-09-19 17:01:15 +02:00
parent 825f4ba964
commit 20981bf229
2 changed files with 5 additions and 1 deletions
--- a/include/libssh/auth.h
+++ b/include/libssh/auth.h
@@ -82,6 +82,8 @@ enum ssh_auth_state_e {
  SSH_AUTH_STATE_PUBKEY_AUTH_SENT,
  /** We have sent a password expecting to be authenticated */
  SSH_AUTH_STATE_PASSWORD_AUTH_SENT,
+  /** We have sent a request without auth information (method 'none') */
+  SSH_AUTH_STATE_AUTH_NONE_SENT,
 };

 /** @internal