summaryrefslogtreecommitdiffstats
path: root/vendor/golang.org/x/crypto/ssh/server.go
diff options
context:
space:
mode:
authorWim <wim@42.be>2018-08-06 21:47:05 +0200
committerWim <wim@42.be>2018-08-06 21:47:05 +0200
commit51062863a5c34d81e296cf15c61140911037cf3b (patch)
tree9b5e044672486326c7a0ca8fb26430f37bf4d83c /vendor/golang.org/x/crypto/ssh/server.go
parent4fb4b7aa6c02a54db8ad8dd98e4d321396926c0d (diff)
downloadmatterbridge-msglm-51062863a5c34d81e296cf15c61140911037cf3b.tar.gz
matterbridge-msglm-51062863a5c34d81e296cf15c61140911037cf3b.tar.bz2
matterbridge-msglm-51062863a5c34d81e296cf15c61140911037cf3b.zip
Use mod vendor for vendored directory (backwards compatible)
Diffstat (limited to 'vendor/golang.org/x/crypto/ssh/server.go')
-rw-r--r--vendor/golang.org/x/crypto/ssh/server.go23
1 files changed, 17 insertions, 6 deletions
diff --git a/vendor/golang.org/x/crypto/ssh/server.go b/vendor/golang.org/x/crypto/ssh/server.go
index d4df9160..d0f48253 100644
--- a/vendor/golang.org/x/crypto/ssh/server.go
+++ b/vendor/golang.org/x/crypto/ssh/server.go
@@ -166,6 +166,9 @@ type ServerConn struct {
// unsuccessful, it closes the connection and returns an error. The
// Request and NewChannel channels must be serviced, or the connection
// will hang.
+//
+// The returned error may be of type *ServerAuthError for
+// authentication errors.
func NewServerConn(c net.Conn, config *ServerConfig) (*ServerConn, <-chan NewChannel, <-chan *Request, error) {
fullConf := *config
fullConf.SetDefaults()
@@ -256,7 +259,7 @@ func (s *connection) serverHandshake(config *ServerConfig) (*Permissions, error)
func isAcceptableAlgo(algo string) bool {
switch algo {
case KeyAlgoRSA, KeyAlgoDSA, KeyAlgoECDSA256, KeyAlgoECDSA384, KeyAlgoECDSA521, KeyAlgoED25519,
- CertAlgoRSAv01, CertAlgoDSAv01, CertAlgoECDSA256v01, CertAlgoECDSA384v01, CertAlgoECDSA521v01:
+ CertAlgoRSAv01, CertAlgoDSAv01, CertAlgoECDSA256v01, CertAlgoECDSA384v01, CertAlgoECDSA521v01, CertAlgoED25519v01:
return true
}
return false
@@ -292,12 +295,13 @@ func checkSourceAddress(addr net.Addr, sourceAddrs string) error {
return fmt.Errorf("ssh: remote address %v is not allowed because of source-address restriction", addr)
}
-// ServerAuthError implements the error interface. It appends any authentication
-// errors that may occur, and is returned if all of the authentication methods
-// provided by the user failed to authenticate.
+// ServerAuthError represents server authentication errors and is
+// sometimes returned by NewServerConn. It appends any authentication
+// errors that may occur, and is returned if all of the authentication
+// methods provided by the user failed to authenticate.
type ServerAuthError struct {
// Errors contains authentication errors returned by the authentication
- // callback methods.
+ // callback methods. The first entry is typically ErrNoAuth.
Errors []error
}
@@ -309,6 +313,13 @@ func (l ServerAuthError) Error() string {
return "[" + strings.Join(errs, ", ") + "]"
}
+// ErrNoAuth is the error value returned if no
+// authentication method has been passed yet. This happens as a normal
+// part of the authentication loop, since the client first tries
+// 'none' authentication to discover available methods.
+// It is returned in ServerAuthError.Errors from NewServerConn.
+var ErrNoAuth = errors.New("ssh: no auth passed yet")
+
func (s *connection) serverAuthenticate(config *ServerConfig) (*Permissions, error) {
sessionID := s.transport.getSessionID()
var cache pubKeyCache
@@ -363,7 +374,7 @@ userAuthLoop:
}
perms = nil
- authErr := errors.New("no auth passed yet")
+ authErr := ErrNoAuth
switch userAuthReq.Method {
case "none":