=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/auth2.c,v retrieving revision 1.96 retrieving revision 1.96.2.2 diff -u -r1.96 -r1.96.2.2 --- src/usr.bin/ssh/auth2.c 2003/02/06 21:22:43 1.96 +++ src/usr.bin/ssh/auth2.c 2004/03/04 18:18:15 1.96.2.2 @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth2.c,v 1.96 2003/02/06 21:22:43 markus Exp $"); +RCSID("$OpenBSD: auth2.c,v 1.96.2.2 2004/03/04 18:18:15 brad Exp $"); #include "ssh2.h" #include "xmalloc.h" @@ -36,13 +36,15 @@ #include "pathnames.h" #include "monitor_wrap.h" +#ifdef GSSAPI +#include "ssh-gss.h" +#endif + /* import */ extern ServerOptions options; extern u_char *session_id2; -extern int session_id2_len; +extern u_int session_id2_len; -Authctxt *x_authctxt = NULL; - /* methods */ extern Authmethod method_none; @@ -50,10 +52,16 @@ extern Authmethod method_passwd; extern Authmethod method_kbdint; extern Authmethod method_hostbased; +#ifdef GSSAPI +extern Authmethod method_gssapi; +#endif Authmethod *authmethods[] = { &method_none, &method_pubkey, +#ifdef GSSAPI + &method_gssapi, +#endif &method_passwd, &method_kbdint, &method_hostbased, @@ -69,19 +77,14 @@ static Authmethod *authmethod_lookup(const char *); static char *authmethods_get(void); int user_key_allowed(struct passwd *, Key *); -int hostbased_key_allowed(struct passwd *, const char *, char *, Key *); /* * loop until authctxt->success == TRUE */ -Authctxt * -do_authentication2(void) +void +do_authentication2(Authctxt *authctxt) { - Authctxt *authctxt = authctxt_new(); - - x_authctxt = authctxt; /*XXX*/ - /* challenge-response is implemented via keyboard interactive */ if (options.challenge_response_authentication) options.kbd_interactive_authentication = 1; 
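Review bot: In the hunk at `@@ -36,13 +36,15 @@`, `extern u_int session_id2_len;` is a file-local declaration, so the compiler cannot check it against the definition, which is not part of this diff. If another translation unit still declares or defines it as `int`, the mismatch is undefined behaviour and goes undiagnosed, and signed/unsigned length comparisons would behave differently between files. Moving this declaration (together with `session_id2`) into a shared header that the defining file also includes would let the compiler enforce the signedness change everywhere.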
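Review bot: In the hunk at `@@ -69,19 +77,14 @@`, `do_authentication2()` stops allocating its own context, but the comment above it still only says "loop until authctxt->success == TRUE", so the new contract is undocumented. The caller now supplies `authctxt`, and the body hands `&authctxt->success` to `dispatch_run()` (visible in the next hunk) without any NULL check. I would extend the header comment with `* authctxt is allocated by the caller and must not be NULL;` and `* the outcome is left in authctxt rather than returned.` The function body continues outside this hunk.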
@@ -89,8 +92,6 @@ dispatch_init(&dispatch_protocol_error); dispatch_set(SSH2_MSG_SERVICE_REQUEST, &input_service_request); dispatch_run(DISPATCH_BLOCK, &authctxt->success, authctxt); - - return (authctxt); } static void @@ -153,7 +154,8 @@ authctxt->valid = 1; debug2("input_userauth_request: setting up authctxt for %s", user); } else { - log("input_userauth_request: illegal user %s", user); + logit("input_userauth_request: illegal user %s", user); + authctxt->pw = fakepw(); } setproctitle("%s%s", authctxt->pw ? user : "unknown", use_privsep ? " [net]" : ""); @@ -170,6 +172,12 @@ } /* reset state */ auth2_challenge_stop(authctxt); + +#ifdef GSSAPI + dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); + dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, NULL); +#endif + authctxt->postponed = 0; /* try to authenticate user */ @@ -225,14 +233,6 @@ packet_write_wait(); xfree(methods); } -} - -/* get current user */ - -struct passwd* -auth_get_user(void) -{ - return (x_authctxt != NULL && x_authctxt->valid) ? x_authctxt->pw : NULL; } #define DELIM ","
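Review bot: In the hunk at `@@ -153,7 +154,8 @@`, the `setproctitle()` context line right after the added `authctxt->pw = fakepw();` still tests `authctxt->pw` to choose between `user` and `"unknown"`. Assuming `fakepw()` returns a non-NULL placeholder entry, that test is now always true, so the client-supplied name of a non-existent account is shown in the process title instead of "unknown". Key the display on validity instead: `setproctitle("%s%s", authctxt->valid ? user : "unknown",`. Any other code that treats `authctxt->pw != NULL` as "the account exists" needs the same audit, because a non-NULL `pw` no longer implies a valid user. The enclosing function starts and ends outside the hunk.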
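Review bot: In the hunk at `@@ -170,6 +172,12 @@`, the two added `dispatch_set(..., NULL)` calls carry no comment explaining why they belong in the per-request reset path. Only the `SSH2_MSG_USERAUTH_GSSAPI_TOKEN` and `SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE` handlers are cleared. If the GSSAPI method registers handlers for any other message type (not visible in this diff), those would survive into the next authentication attempt and should be cleared here too. I would add `/* drop GSSAPI handlers left over from a previous, unfinished attempt */` above the block. The enclosing function starts and ends outside the hunk.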