diff options
author | Anselm Kruis <a.kruis@science-computing.de> | 2017-08-01 15:45:32 +0200 |
---|---|---|
committer | Anselm Kruis <a.kruis@science-computing.de> | 2017-08-04 19:40:53 +0200 |
commit | a859ddabc1f83ed95516812e18e68ed392ca7a71 (patch) | |
tree | 190bca6fb33f4417176cad22ded31f2a398c7f24 /paramiko/kex_gss.py | |
parent | f1c677d0abeeb27971465b3affed11e70299515d (diff) | |
download | paramiko-a859ddabc1f83ed95516812e18e68ed392ca7a71.tar.gz |
Transport gssapi-keyex: set the gss_kex_used flag late
Set the flag gss_kex_used only after a gssapi-keyex has been
successfully completed. This change prevents a wrong value in case of
exceptions during the gssapi-keyex handshake.
Diffstat (limited to 'paramiko/kex_gss.py')
-rw-r--r-- | paramiko/kex_gss.py | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/paramiko/kex_gss.py b/paramiko/kex_gss.py index 3406babb..04906abd 100644 --- a/paramiko/kex_gss.py +++ b/paramiko/kex_gss.py @@ -83,7 +83,6 @@ class KexGSSGroup1(object): """ Start the GSS-API / SSPI Authenticated Diffie-Hellman Key Exchange. """ - self.transport.gss_kex_used = True self._generate_x() if self.transport.server_mode: # compute f = g^x mod p, but don't send it yet @@ -216,6 +215,7 @@ class KexGSSGroup1(object): else: self.kexgss.ssh_check_mic(mic_token, self.transport.session_id) + self.transport.gss_kex_used = True self.transport._activate_outbound() def _parse_kexgss_init(self, m): @@ -258,6 +258,7 @@ class KexGSSGroup1(object): else: m.add_boolean(False) self.transport._send_message(m) + self.transport.gss_kex_used = True self.transport._activate_outbound() else: m.add_byte(c_MSG_KEXGSS_CONTINUE) @@ -325,7 +326,6 @@ class KexGSSGex(object): """ Start the GSS-API / SSPI Authenticated Diffie-Hellman Group Exchange """ - self.transport.gss_kex_used = True if self.transport.server_mode: self.transport._expect_packet(MSG_KEXGSS_GROUPREQ) return @@ -501,6 +501,7 @@ class KexGSSGex(object): else: m.add_boolean(False) self.transport._send_message(m) + self.transport.gss_kex_used = True self.transport._activate_outbound() else: m.add_byte(c_MSG_KEXGSS_CONTINUE) @@ -587,6 +588,7 @@ class KexGSSGex(object): else: self.kexgss.ssh_check_mic(mic_token, self.transport.session_id) + self.transport.gss_kex_used = True self.transport._activate_outbound() def _parse_kexgss_error(self, m): |