[configure.ac] SCO3 needs -lcrypt_i for -lprot

[openssh.git] / auth2.c

diff --git a/auth2.c b/auth2.c
index e6ec8ddcd315138b88c26566b61c94b4b8e212a6..a9490ccfd1f7aefbb8ed7dd5eafa29387e175233 100644 (file)
--- a/auth2.c
+++ b/auth2.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.99 2003/06/24 08:23:46 markus Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.104 2003/11/04 08:54:09 djm Exp $");
 
 #include "ssh2.h"
 #include "xmalloc.h"
@@ -36,13 +36,15 @@ RCSID("$OpenBSD: auth2.c,v 1.99 2003/06/24 08:23:46 markus Exp $");
 #include "pathnames.h"
 #include "monitor_wrap.h"
 
+#ifdef GSSAPI
+#include "ssh-gss.h"
+#endif
+
 /* import */
 extern ServerOptions options;
 extern u_char *session_id2;
 extern u_int session_id2_len;
 
-Authctxt *x_authctxt = NULL;
-
 /* methods */
 
 extern Authmethod method_none;
@@ -50,19 +52,19 @@ extern Authmethod method_pubkey;
 extern Authmethod method_passwd;
 extern Authmethod method_kbdint;
 extern Authmethod method_hostbased;
-#ifdef KRB5
-extern Authmethod method_kerberos;
+#ifdef GSSAPI
+extern Authmethod method_gssapi;
 #endif
 
 Authmethod *authmethods[] = {
        &method_none,
        &method_pubkey,
+#ifdef GSSAPI
+       &method_gssapi,
+#endif
        &method_passwd,
        &method_kbdint,
        &method_hostbased,
-#ifdef KRB5
-       &method_kerberos,
-#endif
        NULL
 };
 
@@ -75,19 +77,14 @@ static void input_userauth_request(int, u_int32_t, void *);
 static Authmethod *authmethod_lookup(const char *);
 static char *authmethods_get(void);
 int user_key_allowed(struct passwd *, Key *);
-int hostbased_key_allowed(struct passwd *, const char *, char *, Key *);
 
 /*
  * loop until authctxt->success == TRUE
  */
 
-Authctxt *
-do_authentication2(void)
+void
+do_authentication2(Authctxt *authctxt)
 {
-       Authctxt *authctxt = authctxt_new();
-
-       x_authctxt = authctxt;          /*XXX*/
-
        /* challenge-response is implemented via keyboard interactive */
        if (options.challenge_response_authentication)
                options.kbd_interactive_authentication = 1;
@@ -95,8 +92,6 @@ do_authentication2(void)
        dispatch_init(&dispatch_protocol_error);
        dispatch_set(SSH2_MSG_SERVICE_REQUEST, &input_service_request);
        dispatch_run(DISPATCH_BLOCK, &authctxt->success, authctxt);
-
-       return (authctxt);
 }
 
 static void
@@ -164,6 +159,7 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
 #endif
                } else {
                        logit("input_userauth_request: illegal user %s", user);
+                       authctxt->pw = fakepw();
 #ifdef USE_PAM
                        if (options.use_pam)
                                PRIVSEP(start_pam(user));
@@ -184,6 +180,12 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
        }
        /* reset state */
        auth2_challenge_stop(authctxt);
+
+#ifdef GSSAPI
+       dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
+       dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, NULL);
+#endif
+
        authctxt->postponed = 0;
 
        /* try to authenticate user */
@@ -253,14 +255,6 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method)
        }
 }
 
-/* get current user */
-
-struct passwd*
-auth_get_user(void)
-{
-       return (x_authctxt != NULL && x_authctxt->valid) ? x_authctxt->pw : NULL;
-}
-
 #define        DELIM   ","
 
 static char *