From 61a36c6c30a51c4f378be517001e273df7916b4b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= <mail@3v1n0.net>
Date: Tue, 17 Oct 2023 06:05:59 +0200
Subject: [PATCH] auth2-chall: Fix selection of the keyboard-interactive device

We were only checking if the prefix of a device name was matching what
we had in the devices list, so if the device list contained "pam", then
also the device "pam-foo" was matching.
---
 auth2-chall.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/auth2-chall.c b/auth2-chall.c
index 047d4e83c334..db658c9b4a75 100644
--- a/auth2-chall.c
+++ b/auth2-chall.c
@@ -170,7 +170,7 @@ kbdint_next_device(Authctxt *authctxt, KbdintAuthctxt *kbdintctxt)
 			    "keyboard-interactive", devices[i]->name))
 				continue;
 			if (strncmp(kbdintctxt->devices, devices[i]->name,
-			    len) == 0) {
+			    len) == 0 && strlen(devices[i]->name) == len) {
 				kbdintctxt->device = devices[i];
 				kbdintctxt->devices_done |= 1 << i;
 			}