From 4efe25d91d5c5de0fcb4df2cf9199a96b13afd66 Mon Sep 17 00:00:00 2001
From: Nicolas Viennot <nicolas@viennot.biz>
Date: Tue, 15 Oct 2019 03:04:24 -0400
Subject: [PATCH] During SSH authentication, try the none auth method first

---
 tmate-ssh-client.c | 44 ++++++++++++++++++++++++++++++++------------
 tmate.h            |  4 +++-
 2 files changed, 35 insertions(+), 13 deletions(-)

diff --git a/tmate-ssh-client.c b/tmate-ssh-client.c
index c5fb4243..e33f4b17 100644
--- a/tmate-ssh-client.c
+++ b/tmate-ssh-client.c
@@ -235,7 +235,7 @@ static void on_ssh_client_event(struct tmate_ssh_client *client)
 	case SSH_INIT:
 		client->session = session = ssh_new();
 		if (!session) {
-			tmate_fatal("cannot initialize");
+			tmate_fatal("cannot ssh_new()");
 			return;
 		}
 
@@ -344,13 +344,30 @@ static void on_ssh_client_event(struct tmate_ssh_client *client)
 		 */
 		tmate_debug("Connected to %s", client->server_ip);
 		on_ssh_auth_server_complete(client);
-		client->state = SSH_AUTH_CLIENT;
 
+		client->state = SSH_AUTH_CLIENT_NONE;
 		/* fall through */
 
-	case SSH_AUTH_CLIENT:
+	case SSH_AUTH_CLIENT_NONE:
+		switch (ssh_userauth_none(session, NULL)) {
+		case SSH_AUTH_AGAIN:
+			return;
+		case SSH_AUTH_ERROR:
+			kill_ssh_client(client, "Auth error: %s", ssh_get_error(session));
+			return;
+		case SSH_AUTH_SUCCESS:
+			tmate_debug("Auth successful via none method");
+			client->state = SSH_NEW_CHANNEL;
+			goto SSH_NEW_CHANNEL;
+		case SSH_AUTH_PARTIAL:
+		case SSH_AUTH_DENIED:
+			client->state = SSH_AUTH_CLIENT_PUBKEY;
+			/* fall through */
+		}
+
+	case SSH_AUTH_CLIENT_PUBKEY:
 		client->tried_passphrase = client->tmate_session->passphrase;
-		switch (ssh_userauth_autopubkey(session, client->tried_passphrase)) {
+		switch (ssh_userauth_publickey_auto(session, NULL, client->tried_passphrase)) {
 		case SSH_AUTH_AGAIN:
 			return;
 		case SSH_AUTH_PARTIAL:
@@ -372,17 +389,20 @@ static void on_ssh_client_event(struct tmate_ssh_client *client)
 			kill_ssh_client(client, "Auth error: %s", ssh_get_error(session));
 			return;
 		case SSH_AUTH_SUCCESS:
-			tmate_debug("Auth successful");
-			client->state = SSH_OPEN_CHANNEL;
-
-			client->channel = channel = ssh_channel_new(session);
-			if (!channel) {
-				tmate_fatal("cannot initialize");
-				return;
-			}
+			tmate_debug("Auth successful with pubkey");
+			client->state = SSH_NEW_CHANNEL;
 			/* fall through */
 		}
 
+SSH_NEW_CHANNEL:
+	case SSH_NEW_CHANNEL:
+		client->channel = channel = ssh_channel_new(session);
+		if (!channel) {
+			tmate_fatal("cannot ssh_channel_new()");
+			return;
+		}
+		client->state = SSH_OPEN_CHANNEL;
+
 	case SSH_OPEN_CHANNEL:
 		switch (ssh_channel_open_session(channel)) {
 		case SSH_AGAIN:
diff --git a/tmate.h b/tmate.h
index f096a35c..7deb0ba6 100644
--- a/tmate.h
+++ b/tmate.h
@@ -106,7 +106,9 @@ enum tmate_ssh_client_state_types {
 	SSH_INIT,
 	SSH_CONNECT,
 	SSH_AUTH_SERVER,
-	SSH_AUTH_CLIENT,
+	SSH_AUTH_CLIENT_NONE,
+	SSH_AUTH_CLIENT_PUBKEY,
+	SSH_NEW_CHANNEL,
 	SSH_OPEN_CHANNEL,
 	SSH_BOOTSTRAP,
 	SSH_READY,