Transport gssapi-keyex: set the gss_kex_used flag late

Set the flag gss_kex_used only after a gssapi-keyex has been successfully completed. This change prevents a wrong value in case of exceptions during the gssapi-keyex handshake.
author: Anselm Kruis <a.kruis@science-computing.de> 2017-08-01 15:45:32 +0200
committer: Anselm Kruis <a.kruis@science-computing.de> 2017-08-04 19:40:53 +0200
commit: a859ddabc1f83ed95516812e18e68ed392ca7a71 (patch)
tree: 190bca6fb33f4417176cad22ded31f2a398c7f24 /paramiko/kex_gss.py
parent: f1c677d0abeeb27971465b3affed11e70299515d (diff)
download: paramiko-a859ddabc1f83ed95516812e18e68ed392ca7a71.tar.gz
1 files changed, 4 insertions, 2 deletions
diff --git a/paramiko/kex_gss.py b/paramiko/kex_gss.py
index 3406babb..04906abd 100644
--- a/paramiko/kex_gss.py
+++ b/paramiko/kex_gss.py
@@ -83,7 +83,6 @@ class KexGSSGroup1(object):
         """
         Start the GSS-API / SSPI Authenticated Diffie-Hellman Key Exchange.
         """
-        self.transport.gss_kex_used = True
         self._generate_x()
         if self.transport.server_mode:
             # compute f = g^x mod p, but don't send it yet
@@ -216,6 +215,7 @@ class KexGSSGroup1(object):
         else:
             self.kexgss.ssh_check_mic(mic_token,
                                       self.transport.session_id)
+        self.transport.gss_kex_used = True
         self.transport._activate_outbound()
 
     def _parse_kexgss_init(self, m):
@@ -258,6 +258,7 @@ class KexGSSGroup1(object):
             else:
                 m.add_boolean(False)
             self.transport._send_message(m)
+            self.transport.gss_kex_used = True
             self.transport._activate_outbound()
         else:
             m.add_byte(c_MSG_KEXGSS_CONTINUE)
@@ -325,7 +326,6 @@ class KexGSSGex(object):
         """
         Start the GSS-API / SSPI Authenticated Diffie-Hellman Group Exchange
         """
-        self.transport.gss_kex_used = True
         if self.transport.server_mode:
             self.transport._expect_packet(MSG_KEXGSS_GROUPREQ)
             return
@@ -501,6 +501,7 @@ class KexGSSGex(object):
             else:
                 m.add_boolean(False)
             self.transport._send_message(m)
+            self.transport.gss_kex_used = True
             self.transport._activate_outbound()
         else:
             m.add_byte(c_MSG_KEXGSS_CONTINUE)
@@ -587,6 +588,7 @@ class KexGSSGex(object):
         else:
             self.kexgss.ssh_check_mic(mic_token,
                                       self.transport.session_id)
+        self.transport.gss_kex_used = True
         self.transport._activate_outbound()
 
     def _parse_kexgss_error(self, m):
author	Anselm Kruis <a.kruis@science-computing.de>	2017-08-01 15:45:32 +0200
committer	Anselm Kruis <a.kruis@science-computing.de>	2017-08-04 19:40:53 +0200
commit	a859ddabc1f83ed95516812e18e68ed392ca7a71 (patch)
tree	190bca6fb33f4417176cad22ded31f2a398c7f24 /paramiko/kex_gss.py
parent	f1c677d0abeeb27971465b3affed11e70299515d (diff)
download	paramiko-a859ddabc1f83ed95516812e18e68ed392ca7a71.tar.gz