===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/auth-passwd.c,v
retrieving revision 1.18.2.4
retrieving revision 1.18.2.5
diff -u -r1.18.2.4 -r1.18.2.5
--- src/usr.bin/ssh/auth-passwd.c	2001/05/07 21:09:25	1.18.2.4
+++ src/usr.bin/ssh/auth-passwd.c	2001/09/27 00:15:41	1.18.2.5
@@ -36,7 +36,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth-passwd.c,v 1.18.2.4 2001/05/07 21:09:25 jason Exp $");
+RCSID("$OpenBSD: auth-passwd.c,v 1.18.2.5 2001/09/27 00:15:41 miod Exp $");
 
 #include "packet.h"
 #include "xmalloc.h"
@@ -64,23 +64,29 @@
 		return 0;
 	if (*password == '\0' && options.permit_empty_passwd == 0)
 		return 0;
-#ifdef BSD_AUTH
-	if (auth_userokay(pw->pw_name, authctxt->style, "auth-ssh",
-	    (char *)password) == 0)
-		return 0;
-	else
-		return 1;
+#ifdef KRB5
+	if (options.kerberos_authentication == 1) {
+		int ret = auth_krb5_password(authctxt, password);
+		if (ret == 1 || ret == 0)
+			return ret;
+		/* Fall back to ordinary passwd authentication. */
+	}
 #endif
-
 #ifdef KRB4
 	if (options.kerberos_authentication == 1) {
-		int ret = auth_krb4_password(pw, password);
+		int ret = auth_krb4_password(authctxt, password);
 		if (ret == 1 || ret == 0)
 			return ret;
 		/* Fall back to ordinary passwd authentication. */
 	}
 #endif
-
+#ifdef BSD_AUTH
+	if (auth_userokay(pw->pw_name, authctxt->style, "auth-ssh",
+	    (char *)password) == 0)
+		return 0;
+	else
+		return 1;
+#endif
 	/* Check for users with no password. */
 	if (strcmp(password, "") == 0 && strcmp(pw->pw_passwd, "") == 0)
 		return 1;