* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
-RCSID("$OpenBSD: auth2-chall.c,v 1.20 2002/06/30 21:59:45 deraadt Exp $");
+RCSID("$OpenBSD: auth2-chall.c,v 1.22 2005/01/19 13:11:47 dtucker Exp $");
#include "ssh2.h"
#include "auth.h"
#include "packet.h"
#include "xmalloc.h"
#include "dispatch.h"
-#include "auth.h"
#include "log.h"
+#include "servconf.h"
+
+/* import */
+extern ServerOptions options;
static int auth2_challenge_start(Authctxt *);
static int send_userauth_info_request(Authctxt *);
u_int nreq;
};
+#ifdef USE_PAM
+void
+remove_kbdint_device(const char *devname)
+{
+ int i, j;
+
+ for (i = 0; devices[i] != NULL; i++)
+ if (strcmp(devices[i]->name, devname) == 0) {
+ for (j = i; devices[j] != NULL; j++)
+ devices[j] = devices[j+1];
+ i--;
+ }
+}
+#endif
+
static KbdintAuthctxt *
kbdint_alloc(const char *devs)
{
Buffer b;
int i;
+#ifdef USE_PAM
+ if (!options.use_pam)
+ remove_kbdint_device("pam");
+#endif
+
kbdintctxt = xmalloc(sizeof(KbdintAuthctxt));
if (strcmp(devs, "") == 0) {
buffer_init(&b);
}
packet_check_eom();
- if (authctxt->valid) {
- res = kbdintctxt->device->respond(kbdintctxt->ctxt,
- nresp, response);
- } else {
- res = -1;
- }
+ res = kbdintctxt->device->respond(kbdintctxt->ctxt, nresp, response);
for (i = 0; i < nresp; i++) {
memset(response[i], 'r', strlen(response[i]));
switch (res) {
case 0:
/* Success! */
- authenticated = 1;
+ authenticated = authctxt->valid ? 1 : 0;
break;
case 1:
/* Authentication needs further interaction */
void
privsep_challenge_enable(void)
{
+#if defined(BSD_AUTH) || defined(USE_PAM) || defined(SKEY)
+ int n = 0;
+#endif
#ifdef BSD_AUTH
extern KbdintDevice mm_bsdauth_device;
#endif
#ifdef SKEY
extern KbdintDevice mm_skey_device;
#endif
- int n = 0;
#ifdef BSD_AUTH
devices[n++] = &mm_bsdauth_device;