From 8f9e3231fb41f58da5b92bd69ec491a36c63b49f Mon Sep 17 00:00:00 2001
From: ben <ben@cda61777-01e9-0310-a592-d414129be87e>
Date: Thu, 20 Sep 2007 21:07:24 +0000
Subject: [PATCH] In SSH-1, don't attempt password authentication unless the
 server has announced support for it.  Instead exit with a fatal error (since
 password auth is our last resort).

git-svn-id: svn://svn.tartarus.org/sgt/putty@7724 cda61777-01e9-0310-a592-d414129be87e
---
 ssh.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/ssh.c b/ssh.c
index a2aeb541..a1f43edc 100644
--- a/ssh.c
+++ b/ssh.c
@@ -62,6 +62,10 @@
 #define SSH1_SMSG_AUTH_CCARD_CHALLENGE            71	/* 0x47 */
 #define SSH1_CMSG_AUTH_CCARD_RESPONSE             72	/* 0x48 */
 
+#define SSH1_AUTH_RHOSTS                          1	/* 0x1 */
+#define SSH1_AUTH_RSA                             2	/* 0x2 */
+#define SSH1_AUTH_PASSWORD                        3	/* 0x3 */
+#define SSH1_AUTH_RHOSTS_RSA                      4	/* 0x4 */
 #define SSH1_AUTH_TIS                             5	/* 0x5 */
 #define SSH1_AUTH_CCARD                           16	/* 0x10 */
 
@@ -3776,6 +3780,10 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen,
 	    }
 	}
 	if (s->pwpkt_type == SSH1_CMSG_AUTH_PASSWORD) {
+	    if ((s->supported_auths_mask & (1 << SSH1_AUTH_PASSWORD)) == 0) {
+		bombout(("No supported authentication methods available"));
+		crStop(0);
+	    }
 	    s->cur_prompt->to_server = TRUE;
 	    s->cur_prompt->name = dupstr("SSH password");
 	    add_prompt(s->cur_prompt, dupprintf("%.90s@%.90s's password: ",
-- 
2.11.0