merged OPENSSH_3_8P1_GSSAPI_20040304 to gpt-branch

[gssapi-openssh.git] / openssh / auth2.c

diff --git a/openssh/auth2.c b/openssh/auth2.c
index d073ba2fd714bf37be2ff9f397428f4198d915b5..eaa377f29af6c7b52ac7f274be1d6c07f8d31c88 100644 (file)
--- a/openssh/auth2.c
+++ b/openssh/auth2.c
@@ -23,13 +23,14 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.102 2003/08/26 09:58:43 markus Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.104 2003/11/04 08:54:09 djm Exp $");
 
 #include "ssh2.h"
 #include "xmalloc.h"
 #include "packet.h"
 #include "log.h"
 #include "servconf.h"
+#include "compat.h"
 #include "auth.h"
 #include "dispatch.h"
 #include "pathnames.h"
@@ -44,8 +45,6 @@ extern ServerOptions options;
 extern u_char *session_id2;
 extern u_int session_id2_len;
 
-Authctxt *x_authctxt = NULL;
-
 /* methods */
 
 extern Authmethod method_none;
@@ -56,17 +55,16 @@ extern Authmethod method_hostbased;
 #ifdef GSSAPI
 extern Authmethod method_external;
 extern Authmethod method_gssapi;
+extern Authmethod method_gssapi_compat;
 #endif
 
 Authmethod *authmethods[] = {
        &method_none,
-#ifdef GSSAPI
-       &method_external,
-       &method_gssapi,
-#endif
        &method_pubkey,
 #ifdef GSSAPI
+       &method_external,
        &method_gssapi,
+       &method_gssapi_compat,
 #endif
        &method_passwd,
        &method_kbdint,
@@ -83,19 +81,14 @@ static void input_userauth_request(int, u_int32_t, void *);
 static Authmethod *authmethod_lookup(const char *);
 static char *authmethods_get(void);
 int user_key_allowed(struct passwd *, Key *);
-int hostbased_key_allowed(struct passwd *, const char *, char *, Key *);
 
 /*
  * loop until authctxt->success == TRUE
  */
 
-Authctxt *
-do_authentication2(void)
+void
+do_authentication2(Authctxt *authctxt)
 {
-       Authctxt *authctxt = authctxt_new();
-
-       x_authctxt = authctxt;          /*XXX*/
-
        /* challenge-response is implemented via keyboard interactive */
        if (options.challenge_response_authentication)
                options.kbd_interactive_authentication = 1;
@@ -103,8 +96,6 @@ do_authentication2(void)
        dispatch_init(&dispatch_protocol_error);
        dispatch_set(SSH2_MSG_SERVICE_REQUEST, &input_service_request);
        dispatch_run(DISPATCH_BLOCK, &authctxt->success, authctxt);
-
-       return (authctxt);
 }
 
 static void
@@ -179,9 +170,12 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
        if ((style = strchr(user, ':')) != NULL)
                *style++ = 0;
 
-       authctxt->attempt++;
-       if (!authctxt->user ||
-           strcmp(user, authctxt->user) != 0) {
+       ;
+       /* If first time or username changed or implicit username,
+          setup/reset authentication context. */
+       if ((authctxt->attempt++ == 0) ||
+           (strcmp(user, authctxt->user) != 0) ||
+           (strcmp(user, "") == 0)) {
                /* setup auth context */
                if (authctxt->user) {
                    xfree(authctxt->user);
@@ -313,14 +307,6 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method)
        }
 }
 
-/* get current user */
-
-struct passwd*
-auth_get_user(void)
-{
-       return (x_authctxt != NULL && x_authctxt->valid) ? x_authctxt->pw : NULL;
-}
-
 #define        DELIM   ","
 
 static char *