Import of OpenSSH 4.9p1

[gssapi-openssh.git] / openssh / auth2.c

diff --git a/openssh/auth2.c b/openssh/auth2.c
index 2265d311ecf5e51ba672c81ba423028a26459dbd..03d7f09dc680c8720803190479300a29aacf67d3 100644 (file)
--- a/openssh/auth2.c
+++ b/openssh/auth2.c
@@ -1,3 +1,4 @@
+/* $OpenBSD: auth2.c,v 1.116 2007/09/29 00:25:51 dtucker Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -23,23 +24,31 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.107 2004/07/28 09:40:29 markus Exp $");
 
-#include "ssh2.h"
+#include <sys/types.h>
+
+#include <pwd.h>
+#include <stdarg.h>
+#include <string.h>
+
 #include "xmalloc.h"
+#include "ssh2.h"
 #include "packet.h"
 #include "log.h"
+#include "buffer.h"
 #include "servconf.h"
 #include "compat.h"
+#include "key.h"
+#include "hostfile.h"
 #include "auth.h"
 #include "dispatch.h"
 #include "pathnames.h"
-#include "monitor_wrap.h"
 #include "buffer.h"
 
 #ifdef GSSAPI
 #include "ssh-gss.h"
 #endif
+#include "monitor_wrap.h"
 
 /* import */
 extern ServerOptions options;
@@ -78,7 +87,6 @@ static void input_userauth_request(int, u_int32_t, void *);
 /* helper */
 static Authmethod *authmethod_lookup(const char *);
 static char *authmethods_get(void);
-int user_key_allowed(struct passwd *, Key *);
 
 /*
  * loop until authctxt->success == TRUE
@@ -87,15 +95,12 @@ int user_key_allowed(struct passwd *, Key *);
 void
 do_authentication2(Authctxt *authctxt)
 {
-       /* challenge-response is implemented via keyboard interactive */
-       if (options.challenge_response_authentication)
-               options.kbd_interactive_authentication = 1;
-
        dispatch_init(&dispatch_protocol_error);
        dispatch_set(SSH2_MSG_SERVICE_REQUEST, &input_service_request);
        dispatch_run(DISPATCH_BLOCK, &authctxt->success, authctxt);
 }
 
+/*ARGSUSED*/
 static void
 input_service_request(int type, u_int32_t seq, void *ctxt)
 {
@@ -129,6 +134,7 @@ input_service_request(int type, u_int32_t seq, void *ctxt)
        xfree(service);
 }
 
+/*ARGSUSED*/
 static void
 input_userauth_request(int type, u_int32_t seq, void *ctxt)
 {
@@ -156,21 +162,17 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
                if (authctxt->pw && strcmp(service, "ssh-connection")==0) {
                        authctxt->valid = 1;
                        debug2("input_userauth_request: setting up authctxt for %s", user);
-#ifdef USE_PAM
-                       if (options.use_pam)
-                               PRIVSEP(start_pam(authctxt));
-#endif
                } else {
                        logit("input_userauth_request: invalid user %s", user);
                        authctxt->pw = fakepw();
-#ifdef USE_PAM
-                       if (options.use_pam)
-                               PRIVSEP(start_pam(authctxt));
-#endif
 #ifdef SSH_AUDIT_EVENTS
                        PRIVSEP(audit_event(SSH_INVALID_USER));
 #endif
                }
+#ifdef USE_PAM
+               if (options.use_pam)
+                       PRIVSEP(start_pam(authctxt));
+#endif
                setproctitle("%s%s", authctxt->valid ? user : "unknown",
                    use_privsep ? " [net]" : "");
                authctxt->service = xstrdup(service);
@@ -234,7 +236,7 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method)
                                packet_write_wait();
                        }
                        fatal("Access denied for user %s by PAM account "
-                          "configuration", authctxt->user);
+                           "configuration", authctxt->user);
                }
        }
 #endif
@@ -278,8 +280,6 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method)
        }
 }
 
-#define        DELIM   ","
-
 static char *
 authmethods_get(void)
 {