- OpenBSD CVS Sync

- markus@cvs.openbsd.org 2001/03/28 22:43:31
     [auth.h auth2.c auth2-chall.c]
     check auth_root_allowed for kbd-int auth, too.

ChangeLog

@@ -7,6 +7,9 @@
    - provos@cvs.openbsd.org 2001/03/28 22:04:57
      [dh.c]
      more sanity checking on primes file
+   - markus@cvs.openbsd.org 2001/03/28 22:43:31
+     [auth.h auth2.c auth2-chall.c]
+     check auth_root_allowed for kbd-int auth, too.
 
 20010329
  - OpenBSD CVS Sync
@@ -4777,4 +4780,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1037 2001/03/30 00:47:43 djm Exp $
+$Id: ChangeLog,v 1.1038 2001/03/30 00:48:31 djm Exp $

auth.h

@@ -21,7 +21,7 @@
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  *
- * $OpenBSD: auth.h,v 1.13 2001/03/20 18:57:04 markus Exp $
+ * $OpenBSD: auth.h,v 1.14 2001/03/28 22:43:31 markus Exp $
  */
 #ifndef AUTH_H
 #define AUTH_H
@@ -121,7 +121,7 @@ void	do_authentication2(void);
 
 Authctxt *authctxt_new(void);
 void	auth_log(Authctxt *authctxt, int authenticated, char *method, char *info);
-void	userauth_reply(Authctxt *authctxt, int authenticated);
+void	userauth_finish(Authctxt *authctxt, int authenticated, char *method);
 int	auth_root_allowed(char *method);
 
 int	auth2_challenge(Authctxt *authctxt, char *devs);

auth2-chall.c

@@ -22,7 +22,7 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #include "includes.h"
-RCSID("$OpenBSD: auth2-chall.c,v 1.3 2001/03/02 18:54:31 deraadt Exp $");
+RCSID("$OpenBSD: auth2-chall.c,v 1.4 2001/03/28 22:43:31 markus Exp $");
 
 #include "ssh2.h"
 #include "auth.h"
@@ -104,10 +104,9 @@ input_userauth_info_response(int type, int plen, void *ctxt)
 		}
 		xfree(response);
 	}
-	auth_log(authctxt, authenticated, method, " ssh2");
-	if (!authctxt->postponed) {
-		/* unregister callback and send reply */
+	/* unregister callback */
+	if (!authctxt->postponed)
 		dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL);
-		userauth_reply(authctxt, authenticated);
-	}
+
+	userauth_finish(authctxt, authenticated, method);
 }

auth2.c

@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.48 2001/03/21 11:43:44 markus Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.49 2001/03/28 22:43:31 markus Exp $");
 
 #include <openssl/evp.h>
 
@@ -81,6 +81,7 @@ char	*authmethods_get(void);
 
 /* auth */
 void	userauth_banner(void);
+void	userauth_reply(Authctxt *authctxt, int authenticated);
 int	userauth_none(Authctxt *authctxt);
 int	userauth_passwd(Authctxt *authctxt);
 int	userauth_pubkey(Authctxt *authctxt);
@@ -231,6 +232,16 @@ input_userauth_request(int type, int plen, void *ctxt)
 		debug2("input_userauth_request: try method %s", method);
 		authenticated =	m->userauth(authctxt);
 	}
+	userauth_finish(authctxt, authenticated, method);
+
+	xfree(service);
+	xfree(user);
+	xfree(method);
+}
+
+void
+userauth_finish(Authctxt *authctxt, int authenticated, char *method)
+{
 	if (!authctxt->valid && authenticated)
 		fatal("INTERNAL ERROR: authenticated invalid user %s",
 		    authctxt->user);
@@ -251,10 +262,6 @@ input_userauth_request(int type, int plen, void *ctxt)
 
 	if (!authctxt->postponed)
 		userauth_reply(authctxt, authenticated);
-
-	xfree(service);
-	xfree(user);
-	xfree(method);
 }
 
 void