===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/sshconnect2.c,v
retrieving revision 1.367.2.1
retrieving revision 1.368
diff -u -r1.367.2.1 -r1.368
--- src/usr.bin/ssh/sshconnect2.c	2023/12/18 14:56:35	1.367.2.1
+++ src/usr.bin/ssh/sshconnect2.c	2023/10/12 02:15:53	1.368
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.367.2.1 2023/12/18 14:56:35 bluhm Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.368 2023/10/12 02:15:53 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Damien Miller.  All rights reserved.
@@ -351,6 +351,7 @@
 };
 
 static int input_userauth_service_accept(int, u_int32_t, struct ssh *);
+static int input_userauth_ext_info(int, u_int32_t, struct ssh *);
 static int input_userauth_success(int, u_int32_t, struct ssh *);
 static int input_userauth_failure(int, u_int32_t, struct ssh *);
 static int input_userauth_banner(int, u_int32_t, struct ssh *);
@@ -464,10 +465,18 @@
 
 	ssh->authctxt = &authctxt;
 	ssh_dispatch_init(ssh, &input_userauth_error);
-	ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, kex_input_ext_info);
+	ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &input_userauth_ext_info);
 	ssh_dispatch_set(ssh, SSH2_MSG_SERVICE_ACCEPT, &input_userauth_service_accept);
 	ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &authctxt.success);	/* loop until success */
 	pubkey_cleanup(ssh);
+#ifdef GSSAPI
+	if (authctxt.gss_supported_mechs != NULL) {
+		u_int ms;
+
+		gss_release_oid_set(&ms, &authctxt.gss_supported_mechs);
+		authctxt.gss_supported_mechs = NULL;
+	}
+#endif
 	ssh->authctxt = NULL;
 
 	ssh_dispatch_range(ssh, SSH2_MSG_USERAUTH_MIN, SSH2_MSG_USERAUTH_MAX, NULL);
@@ -515,6 +524,12 @@
 	return r;
 }
 
+static int
+input_userauth_ext_info(int type, u_int32_t seqnr, struct ssh *ssh)
+{
+	return kex_input_ext_info(type, seqnr, ssh);
+}
+
 void
 userauth(struct ssh *ssh, char *authlist)
 {
@@ -593,7 +608,6 @@
 	free(authctxt->methoddata);
 	authctxt->methoddata = NULL;
 	authctxt->success = 1;			/* break out */
-	ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, dispatch_protocol_error);
 	return 0;
 }
 
@@ -807,9 +821,6 @@
 
 	ssh_gssapi_delete_ctx(&gssctxt);
 	authctxt->methoddata = NULL;
-
-	free(authctxt->gss_supported_mechs);
-	authctxt->gss_supported_mechs = NULL;
 }
 
 static OM_uint32