From 0a65d477915cb445e95575521688810fe7905b4b Mon Sep 17 00:00:00 2001
From: Matt Johnston <matt@ucc.asn.au>
Date: Thu, 17 May 2012 20:52:57 +0800
Subject: - Only request "none" cipher after auth has succeeded

---
 cli-session.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

(limited to 'cli-session.c')

diff --git a/cli-session.c b/cli-session.c
index 566dd2a..e58fdbd 100644
--- a/cli-session.c
+++ b/cli-session.c
@@ -133,6 +133,13 @@ static void cli_session_init() {
 	cli_ses.lastprivkey = NULL;
 	cli_ses.lastauthtype = 0;
 
+#ifdef DROPBEAR_NONE_CIPHER
+	cli_ses.cipher_none_after_auth = get_algo_usable(sshciphers, "none");
+	set_algo_usable(sshciphers, "none", 0);
+#else
+	cli_ses.cipher_none_after_auth = 0;
+#endif
+
 	/* For printing "remote host closed" for the user */
 	ses.remoteclosed = cli_remoteclosed;
 	ses.buf_match_algo = cli_buf_match_algo;
@@ -207,6 +214,14 @@ static void cli_sessionloop() {
 
 		case USERAUTH_SUCCESS_RCVD:
 
+#ifdef DROPBEAR_NONE_CIPHER
+			if (cli_ses.cipher_none_after_auth)
+			{
+				set_algo_usable(sshciphers, "none", 1);
+				send_msg_kexinit();
+			}
+#endif
+
 			if (cli_opts.backgrounded) {
 				int devnull;
 				/* keeping stdin open steals input from the terminal and
-- 
cgit v1.2.1