diff options
-rw-r--r-- | src/clientiface.cpp | 9 | ||||
-rw-r--r-- | src/clientiface.h | 2 | ||||
-rw-r--r-- | src/network/serverpackethandler.cpp | 2 |
3 files changed, 13 insertions, 0 deletions
diff --git a/src/clientiface.cpp b/src/clientiface.cpp index a1c3e1187..a4bfb8242 100644 --- a/src/clientiface.cpp +++ b/src/clientiface.cpp @@ -596,6 +596,15 @@ void RemoteClient::notifyEvent(ClientStateEvent event) } } +void RemoteClient::resetChosenMech() +{ + if (chosen_mech == AUTH_MECHANISM_SRP) { + srp_verifier_delete((SRPVerifier *) auth_data); + auth_data = nullptr; + } + chosen_mech = AUTH_MECHANISM_NONE; +} + u64 RemoteClient::uptime() const { return porting::getTimeS() - m_connection_time; diff --git a/src/clientiface.h b/src/clientiface.h index b1591ddb0..04e8b8033 100644 --- a/src/clientiface.h +++ b/src/clientiface.h @@ -242,6 +242,8 @@ public: u32 allowed_auth_mechs = 0; u32 allowed_sudo_mechs = 0; + void resetChosenMech(); + bool isSudoMechAllowed(AuthMechanism mech) { return allowed_sudo_mechs & mech; } bool isMechAllowed(AuthMechanism mech) diff --git a/src/network/serverpackethandler.cpp b/src/network/serverpackethandler.cpp index 366ec2d28..6f60b8172 100644 --- a/src/network/serverpackethandler.cpp +++ b/src/network/serverpackethandler.cpp @@ -1640,6 +1640,7 @@ void Server::handleCommand_SrpBytesA(NetworkPacket* pkt) << std::endl; if (wantSudo) { DenySudoAccess(peer_id); + client->resetChosenMech(); return; } @@ -1706,6 +1707,7 @@ void Server::handleCommand_SrpBytesM(NetworkPacket* pkt) << " tried to change their password, but supplied wrong" << " (SRP) password for authentication." << std::endl; DenySudoAccess(peer_id); + client->resetChosenMech(); return; } |