
fix: duplicate output #15

Merged
Zeno-sole merged 1 commit into deepin-community:master from wxphaha:fix-log
May 15, 2026

@wxphaha commented May 15, 2026

[Problem]
In OpenSSH 9.x (e.g., UOS V25), the client displays "验证成功" (Authentication successful) twice during SSH login.
In contrast, OpenSSH 7.x (e.g., UOS V20) only displays it once.

[Root Cause]
In the privsep (privilege separation) mode:

  1. During the authentication phase, mm_answer_pam_account() sends the PAM_TEXT_INFO (loginmsg) to the child process via SSH2_MSG_USERAUTH_BANNER (type 53).
  2. During the session phase, mm_answer_pty() sends the same loginmsg again when allocating the PTY, as the monitor's loginmsg buffer was not cleared.

V25's new version of SSH triggers the first Banner send which was not active in V20, leading to the duplicate output.

[Solution]
Call sshbuf_reset(loginmsg) in mm_answer_pam_account() after the message is successfully sent to ensure the buffer is empty for subsequent session requests.



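
A simplified model of the stale-buffer behaviour described in the PR description above, added here as an example; it is not the PR's code or OpenSSH's. `struct msgbuf`, `send_pending`, `simulate_login` and the `LATE_TEXT` message are assumptions made for illustration; only the two handler names and the reset step come from the description.

```c
#include <stdio.h>
#include <string.h>
#define PAM_TEXT  "Authentication successful\n"    /* stands in for the PAM_TEXT_INFO text */
#define LATE_TEXT "session notice (constructed)\n" /* assumed: text queued after authentication */
/* Toy stand-ins for the monitor's loginmsg buffer and the client's screen; not sshbuf. */
struct msgbuf { char data[256]; size_t len; };
struct client { char shown[512]; size_t len; };

static void msgbuf_put(struct msgbuf *b, const char *s) {
    size_t n = strlen(s), room = sizeof(b->data) - b->len;
    if (n > room) n = room;                 /* truncate rather than overflow */
    memcpy(b->data + b->len, s, n);
    b->len += n;
}

/* Forward whatever is pending to the client; the buffer itself is left untouched. */
static void send_pending(const struct msgbuf *b, struct client *c) {
    size_t room = sizeof(c->shown) - 1 - c->len, n = b->len < room ? b->len : room;
    memcpy(c->shown + c->len, b->data, n);
    c->len += n;
    c->shown[c->len] = '\0';
}

/* Authentication phase (models mm_answer_pam_account). */
static void answer_pam_account(struct msgbuf *loginmsg, struct client *c, int reset_after_send) {
    send_pending(loginmsg, c);
    if (reset_after_send) loginmsg->len = 0; /* models the sshbuf_reset(loginmsg) call */
}
/* Session phase (models mm_answer_pty): forwards loginmsg when the PTY is allocated. */
static void answer_pty(struct msgbuf *loginmsg, struct client *c) { send_pending(loginmsg, c); }

/* Run one login and return how many times the client was shown PAM_TEXT. */
int simulate_login(int reset_after_send, struct client *c) {
    struct msgbuf loginmsg = { {0}, 0 };
    int seen = 0;
    memset(c, 0, sizeof(*c));
    msgbuf_put(&loginmsg, PAM_TEXT);
    answer_pam_account(&loginmsg, c, reset_after_send);
    msgbuf_put(&loginmsg, LATE_TEXT);
    answer_pty(&loginmsg, c);
    for (const char *p = c->shown; (p = strstr(p, PAM_TEXT)) != NULL; p += strlen(PAM_TEXT)) seen++;
    return seen;
}

int main(void) {
    struct client c;
    int before = simulate_login(0, &c), after = simulate_login(1, &c);
    printf("PAM text shown %d time(s) without the reset, %d with it\n", before, after);
}
```

In this model the reset removes only the text that was already forwarded, so a message queued afterwards still reaches the client exactly once in the session phase.
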
@deepin-ci-robot
Contributor

Hi @wxphaha. Thanks for your PR. 😃

@github-actions

TAG Bot

TAG: 1%9.9p2-0deepin6
EXISTED: no
DISTRIBUTION: unstable

@deepin-ci-robot
Contributor

Hi @wxphaha. Thanks for your PR.

I'm waiting for a deepin-community member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@deepin-ci-robot
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign yukarichiba for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@Zeno-sole Zeno-sole merged commit d2260e3 into deepin-community:master May 15, 2026
2 checks passed