File tree Expand file tree Collapse file tree 1 file changed +4
-4
lines changed Expand file tree Collapse file tree 1 file changed +4
-4
lines changed Original file line number Diff line number Diff line change @@ -202,16 +202,16 @@ func sessionHandler(session ssh.Session) {
202202}
203203
204204func publicKeyHandler (ctx ssh.Context , key ssh.PublicKey ) bool {
205- // The publicKeyHandler (PublicKeyCallback) only provides the candidate keys to authenticate,
205+ // The publicKeyHandler (PublicKeyCallback) only helps to provide the candidate keys to authenticate,
206206 // It does NOT really verify here, so we could only record the related information here.
207207 // After authentication (Verify), the "Permissions" will be assigned to the ssh conn,
208208 // then we can use it in the "session handler"
209209
210210 // first, reset the ctx permissions (just like https://github.com/gliderlabs/ssh/pull/243 does)
211- // it shouldn't be reused across different ssh conn (sessions)
212- ctxPerm := ctx .Permissions ().Permissions
211+ // it shouldn't be reused across different ssh conn (sessions), each pub key should have its own "Permissions"
212+ oldCtxPerm := ctx .Permissions ().Permissions
213213 ctx .Permissions ().Permissions = & gossh.Permissions {}
214- ctx .Permissions ().Permissions .CriticalOptions = maps .Clone (ctxPerm .CriticalOptions )
214+ ctx .Permissions ().Permissions .CriticalOptions = maps .Clone (oldCtxPerm .CriticalOptions )
215215
216216 setPermExt := func (keyID int64 ) {
217217 ctx .Permissions ().Permissions .Extensions = map [string ]string {
You can’t perform that action at this time.
0 commit comments