3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-06-03 19:32:48 +02:00
Code Issues Projects Releases Packages Wiki Activity

make sure to include methods in deny response

Browse source
This commit is contained in:
Kenneth Jenkins 2025-02-26 16:37:13 -08:00
parent e45f11d281
commit 3e6f4464af
1 changed files with 8 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

9
authorize/ssh_grpc.go
View file

@ -440,11 +440,18 @@ func handleEvaluatorResponseForSSH(
// XXX: do we want to send an equivalent to the "show error details" output // XXX: do we want to send an equivalent to the "show error details" output
// in the case of a deny result? // in the case of a deny result?
methods := []string{"publickey"}
if slices.Contains(state.MethodsAuthenticated, "keyboard-interactive") {
methods = append(methods, "keyboard-interactive")
}
return &extensions_ssh.ServerMessage{ return &extensions_ssh.ServerMessage{
Message: &extensions_ssh.ServerMessage_AuthResponse{ Message: &extensions_ssh.ServerMessage_AuthResponse{
AuthResponse: &extensions_ssh.AuthenticationResponse{ AuthResponse: &extensions_ssh.AuthenticationResponse{
Response: &extensions_ssh.AuthenticationResponse_Deny{ Response: &extensions_ssh.AuthenticationResponse_Deny{
Deny: &extensions_ssh.DenyResponse{}, Deny: &extensions_ssh.DenyResponse{
Methods: methods,
},
}, },
}, },
}, },