*/
#include "includes.h"
-RCSID("$OpenBSD: auth1.c,v 1.47 2003/02/06 21:22:42 markus Exp $");
+RCSID("$OpenBSD: auth1.c,v 1.48 2003/04/08 20:21:28 itojun Exp $");
#include "xmalloc.h"
#include "rsa.h"
char info[1024];
u_int dlen;
u_int ulen;
- int type = 0;
+ int prev, type = 0;
struct passwd *pw = authctxt->pw;
debug("Attempting authentication for %s%.100s.",
info[0] = '\0';
/* Get a packet from the client. */
+ prev = type;
type = packet_read();
+ /*
+ * If we started challenge-response authentication but the
+ * next packet is not a response to our challenge, release
+ * the resources allocated by get_challenge() (which would
+ * normally have been released by verify_response() had we
+ * received such a response)
+ */
+ if (prev == SSH_CMSG_AUTH_TIS &&
+ type != SSH_CMSG_AUTH_TIS_RESPONSE)
+ abandon_challenge_response(authctxt);
+
/* Process the packet. */
switch (type) {
use_privsep ? " [net]" : "");
#ifdef USE_PAM
- PRIVSEP(start_pam(authctxt->pw == NULL ? "NOUSER" : user));
+ PRIVSEP(start_pam(user));
#endif
/*