* New upstream release (http://www.openssh.com/txt/release-6.2).

  - Add support for multiple required authentication in SSH protocol 2 via
    an AuthenticationMethods option (closes: #195716).
  - Fix Sophie Germain formula in moduli(5) (closes: #698612).
  - Update ssh-copy-id to Phil Hands' greatly revised version (closes:
    #99785, #322228, #620428; LP: #518883, #835901, #1074798).

1 files changed, 10 insertions, 3 deletions

diff --git a/auth1.c b/auth1.c
index 9079b737c..de49b172d 100644
--- a/auth1.c
+++ b/auth1.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth1.c,v 1.75 2010/08/31 09:58:37 djm Exp $ */
+/* $OpenBSD: auth1.c,v 1.77 2012/12/02 20:34:09 djm Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -253,7 +253,8 @@ do_authloop(Authctxt *authctxt)
                 if (options.use_pam && (PRIVSEP(do_pam_account())))
 #endif
                 {
-                        auth_log(authctxt, 1, "without authentication", "");
+                        auth_log(authctxt, 1, 0, "without authentication",
+                            NULL, "");
                         return;
                 }
         }
@@ -352,7 +353,8 @@ do_authloop(Authctxt *authctxt)
 
  skip:
                 /* Log before sending the reply */
-                auth_log(authctxt, authenticated, get_authname(type), info);
+                auth_log(authctxt, authenticated, 0, get_authname(type),
+                    NULL, info);
 
                 if (client_user != NULL) {
                         xfree(client_user);
@@ -412,6 +414,11 @@ do_authentication(Authctxt *authctxt)
                 authctxt->pw = fakepw();
         }
 
+        /* Configuration may have changed as a result of Match */
+        if (options.num_auth_methods != 0)
+                fatal("AuthenticationMethods is not supported with SSH "
+                    "protocol 1");
+
         setproctitle("%s%s", authctxt->valid ? user : "unknown",
             use_privsep ? " [net]" : "");