diff options
author | Jeremy T. Bouse <Jeremy.Bouse@UnderGrid.net> | 2015-10-25 22:29:44 -0400 |
---|---|---|
committer | Jeremy T. Bouse <Jeremy.Bouse@UnderGrid.net> | 2015-10-25 22:29:44 -0400 |
commit | ad30777fe9b9b34797ba7487056966d27d890974 (patch) | |
tree | fd14ac1ad24a701986483860e1218e7cdc09c732 /paramiko/auth_handler.py | |
parent | 767153f789ed210fe00509f591b013320fc0f3fa (diff) | |
parent | bf855e6da326dba0c46f005eedc9f390c6c3b206 (diff) | |
download | python-paramiko-ad30777fe9b9b34797ba7487056966d27d890974.tar python-paramiko-ad30777fe9b9b34797ba7487056966d27d890974.tar.gz |
Merge tag 'upstream/1.15.3'
Upstream version 1.15.3
Diffstat (limited to 'paramiko/auth_handler.py')
-rw-r--r-- | paramiko/auth_handler.py | 24 |
1 files changed, 8 insertions, 16 deletions
diff --git a/paramiko/auth_handler.py b/paramiko/auth_handler.py index c001aee..ef4a8c7 100644 --- a/paramiko/auth_handler.py +++ b/paramiko/auth_handler.py @@ -34,7 +34,7 @@ from paramiko.common import cMSG_SERVICE_REQUEST, cMSG_DISCONNECT, \ cMSG_USERAUTH_GSSAPI_ERRTOK, cMSG_USERAUTH_GSSAPI_MIC,\ MSG_USERAUTH_GSSAPI_RESPONSE, MSG_USERAUTH_GSSAPI_TOKEN, \ MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, MSG_USERAUTH_GSSAPI_ERROR, \ - MSG_USERAUTH_GSSAPI_ERRTOK, MSG_USERAUTH_GSSAPI_MIC + MSG_USERAUTH_GSSAPI_ERRTOK, MSG_USERAUTH_GSSAPI_MIC, MSG_NAMES from paramiko.message import Message from paramiko.py3compat import bytestring @@ -510,15 +510,11 @@ class AuthHandler (object): result = AUTH_FAILED self._send_auth_result(username, method, result) raise - if retval == 0: - # TODO: Implement client credential saving. - # The OpenSSH server is able to create a TGT with the delegated - # client credentials, but this is not supported by GSS-API. - result = AUTH_SUCCESSFUL - self.transport.server_object.check_auth_gssapi_with_mic( - username, result) - else: - result = AUTH_FAILED + # TODO: Implement client credential saving. + # The OpenSSH server is able to create a TGT with the delegated + # client credentials, but this is not supported by GSS-API. + result = AUTH_SUCCESSFUL + self.transport.server_object.check_auth_gssapi_with_mic(username, result) elif method == "gssapi-keyex" and gss_auth: mic_token = m.get_string() sshgss = self.transport.kexgss_ctxt @@ -534,12 +530,8 @@ class AuthHandler (object): result = AUTH_FAILED self._send_auth_result(username, method, result) raise - if retval == 0: - result = AUTH_SUCCESSFUL - self.transport.server_object.check_auth_gssapi_keyex(username, - result) - else: - result = AUTH_FAILED + result = AUTH_SUCCESSFUL + self.transport.server_object.check_auth_gssapi_keyex(username, result) else: result = self.transport.server_object.check_auth_none(username) # okay, send result |