13 files changed, 347 insertions, 146 deletions

diff --git a/ChangeLog b/ChangeLog
index e29734eca..34d4ace83 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,7 +3,12 @@
    - markus@cvs.openbsd.org 2001/05/17 21:34:15                                 
      [ssh.1]                                                                    
      no spaces in PreferredAuthentications; 
-     meixner@rbg.informatik.tu-darmstadt.de                                                                              
+     meixner@rbg.informatik.tu-darmstadt.de
+   - markus@cvs.openbsd.org 2001/05/18 14:13:29
+     [auth-chall.c auth.h auth1.c auth2-chall.c auth2.c readconf.c 
+      readconf.h servconf.c servconf.h sshconnect1.c sshconnect2.c sshd.c]
+     improved kbd-interactive support. work by per@appgate.com and me
+
 20010528
  - (tim) [conifgure.in] add setvbuf test needed for sftp-int.c
    Patch by Corinna Vinschen <vinschen@redhat.com>
@@ -5433,4 +5438,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1227 2001/06/05 18:39:10 mouring Exp $
+$Id: ChangeLog,v 1.1228 2001/06/05 18:56:16 mouring Exp $
diff --git a/auth-chall.c b/auth-chall.c
index f3502f4ee..45e0c3452 100644
--- a/auth-chall.c
+++ b/auth-chall.c
@@ -23,82 +23,60 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth-chall.c,v 1.7 2001/04/05 10:42:47 markus Exp $");
+RCSID("$OpenBSD: auth-chall.c,v 1.8 2001/05/18 14:13:28 markus Exp $");
 
 #include "auth.h"
 #include "log.h"
+#include "xmalloc.h"
 
-#ifdef BSD_AUTH
-char *
-get_challenge(Authctxt *authctxt, char *devs)
-{
-        char *challenge;
+/* limited protocol v1 interface to kbd-interactive authentication */
 
-        if (authctxt->as != NULL) {
-                debug2("try reuse session");
-                challenge = auth_getitem(authctxt->as, AUTHV_CHALLENGE);
-                if (challenge != NULL) {
-                        debug2("reuse bsd auth session");
-                        return challenge;
-                }
-                auth_close(authctxt->as);
-                authctxt->as = NULL;
-        }
-        debug2("new bsd auth session");
-        if (devs == NULL || strlen(devs) == 0)
-                devs = authctxt->style;
-        debug3("bsd auth: devs %s", devs ? devs : "<default>");
-        authctxt->as = auth_userchallenge(authctxt->user, devs, "auth-ssh",
-            &challenge);
-        if (authctxt->as == NULL)
-                return NULL;
-        debug2("get_challenge: <%s>", challenge ? challenge : "EMPTY");
-        return challenge;
-}
-int
-verify_response(Authctxt *authctxt, char *response)
-{
-        int authok;
-
-        if (authctxt->as == 0)
-                error("verify_response: no bsd auth session");
-        authok = auth_userresponse(authctxt->as, response, 0);
-        authctxt->as = NULL;
-        debug("verify_response: <%s> = <%d>", response, authok);
-        return authok != 0;
-}
-#else
-#ifdef SKEY
-#include <skey.h>
+extern KbdintDevice *devices[];
+static KbdintDevice *device;
 
 char *
-get_challenge(Authctxt *authctxt, char *devs)
+get_challenge(Authctxt *authctxt)
 {
-        static char challenge[1024];
-        struct skey skey;
-        if (skeychallenge(&skey, authctxt->user, challenge) == -1)
+        char *challenge, *name, *info, **prompts;
+        u_int i, numprompts;
+        u_int *echo_on;
+
+        device = devices[0]; /* we always use the 1st device for protocol 1 */
+        if (device == NULL)
                 return NULL;
-        strlcat(challenge, "\nS/Key Password: ", sizeof challenge);
-        return challenge;
-}
-int
-verify_response(Authctxt *authctxt, char *response)
-{
-        return (authctxt->valid &&
-            skey_haskey(authctxt->pw->pw_name) == 0 &&
-            skey_passcheck(authctxt->pw->pw_name, response) != -1);
-}
-#else
-/* not available */
-char *
-get_challenge(Authctxt *authctxt, char *devs)
-{
-        return NULL;
+        if ((authctxt->kbdintctxt = device->init_ctx(authctxt)) == NULL)
+                return NULL;
+        if (device->query(authctxt->kbdintctxt, &name, &info,
+            &numprompts, &prompts, &echo_on)) {
+                device->free_ctx(authctxt->kbdintctxt);
+                authctxt->kbdintctxt = NULL;
+                return NULL;
+        }
+        if (numprompts < 1)
+                fatal("get_challenge: numprompts < 1");
+        challenge = xstrdup(prompts[0]);
+        for (i = 0; i < numprompts; i++)
+                xfree(prompts[i]);
+        xfree(prompts);
+        xfree(name);
+        xfree(echo_on);
+        xfree(info);
+
+        return (challenge);
 }
 int
-verify_response(Authctxt *authctxt, char *response)
+verify_response(Authctxt *authctxt, const char *response)
 {
-        return 0;
+        char *resp[1];
+        int res;
+
+        if (device == NULL)
+                return 0;
+        if (authctxt->kbdintctxt == NULL)
+                return 0;
+        resp[0] = (char *)response;
+        res = device->respond(authctxt->kbdintctxt, 1, resp);
+        device->free_ctx(authctxt->kbdintctxt);
+        authctxt->kbdintctxt = NULL;
+        return res ? 0 : 1;
 }
-#endif
-#endif
diff --git a/auth.h b/auth.h
index 1e02923c9..20c3ebb78 100644
--- a/auth.h
+++ b/auth.h
@@ -21,7 +21,7 @@
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  *
- * $OpenBSD: auth.h,v 1.15 2001/04/12 19:15:24 markus Exp $
+ * $OpenBSD: auth.h,v 1.16 2001/05/18 14:13:28 markus Exp $
  */
 #ifndef AUTH_H
 #define AUTH_H
@@ -36,6 +36,8 @@
 #endif
 
 typedef struct Authctxt Authctxt;
+typedef struct KbdintDevice KbdintDevice;
+
 struct Authctxt {
         int success;
         int postponed;
@@ -46,12 +48,31 @@ struct Authctxt {
         char *service;
         struct passwd *pw;
         char *style;
+        void *kbdintctxt;
 #ifdef BSD_AUTH
         auth_session_t *as;
 #endif
 };
 
 /*
+ * Keyboard interactive device:
+ * init_ctx     returns: non NULL upon success 
+ * query        returns: 0 - success, otherwise failure 
+ * respond      returns: 0 - success, 1 - need further interaction,
+ *              otherwise - failure
+ */
+struct KbdintDevice
+{
+        const char *name;
+        void*   (*init_ctx)     __P((Authctxt*));
+        int     (*query)        __P((void *ctx, char **name, char **infotxt,
+                                u_int *numprompts, char ***prompts,
+                                u_int **echo_on));
+        int     (*respond)      __P((void *ctx, u_int numresp, char **responses));
+        void    (*free_ctx)     __P((void *ctx));
+};
+
+/*
  * Tries to authenticate the user using the .rhosts file.  Returns true if
  * authentication succeeds.  If ignore_rhosts is non-zero, this will not
  * consider .rhosts and .shosts (/etc/hosts.equiv will still be used).
@@ -133,8 +154,8 @@ int	auth2_challenge(Authctxt *authctxt, char *devs);
 
 int     allowed_user(struct passwd * pw);
 
-char    *get_challenge(Authctxt *authctxt, char *devs);
-int     verify_response(Authctxt *authctxt, char *response);
+char    *get_challenge(Authctxt *authctxt);
+int     verify_response(Authctxt *authctxt, const char *response);
 
 struct passwd * auth_get_user(void);
 
diff --git a/auth1.c b/auth1.c
index abf2437fa..5ab6b06f1 100644
--- a/auth1.c
+++ b/auth1.c
@@ -10,7 +10,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth1.c,v 1.22 2001/03/23 12:02:49 markus Exp $");
+RCSID("$OpenBSD: auth1.c,v 1.23 2001/05/18 14:13:28 markus Exp $");
 
 #include "xmalloc.h"
 #include "rsa.h"
@@ -271,12 +271,13 @@ do_authloop(Authctxt *authctxt)
 
                 case SSH_CMSG_AUTH_TIS:
                         debug("rcvd SSH_CMSG_AUTH_TIS");
-                        if (options.challenge_reponse_authentication == 1) {
-                                char *challenge = get_challenge(authctxt, authctxt->style);
+                        if (options.challenge_response_authentication == 1) {
+                                char *challenge = get_challenge(authctxt);
                                 if (challenge != NULL) {
                                         debug("sending challenge '%s'", challenge);
                                         packet_start(SSH_SMSG_AUTH_TIS_CHALLENGE);
                                         packet_put_cstring(challenge);
+                                        xfree(challenge);
                                         packet_send();
                                         packet_write_wait();
                                         continue;
@@ -285,7 +286,7 @@ do_authloop(Authctxt *authctxt)
                         break;
                 case SSH_CMSG_AUTH_TIS_RESPONSE:
                         debug("rcvd SSH_CMSG_AUTH_TIS_RESPONSE");
-                        if (options.challenge_reponse_authentication == 1) {
+                        if (options.challenge_response_authentication == 1) {
                                 char *response = packet_get_string(&dlen);
                                 debug("got response '%s'", response);
                                 packet_integrity_check(plen, 4 + dlen, type);
diff --git a/auth2-chall.c b/auth2-chall.c
index 5af60e42f..ad4f7ac42 100644
--- a/auth2-chall.c
+++ b/auth2-chall.c
@@ -1,5 +1,6 @@
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
+ * Copyright (c) 2001 Per Allansson.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -22,91 +23,285 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #include "includes.h"
-RCSID("$OpenBSD: auth2-chall.c,v 1.4 2001/03/28 22:43:31 markus Exp $");
+RCSID("$OpenBSD: auth2-chall.c,v 1.5 2001/05/18 14:13:28 markus Exp $");
 
 #include "ssh2.h"
 #include "auth.h"
 #include "packet.h"
 #include "xmalloc.h"
 #include "dispatch.h"
+#include "auth.h"
 #include "log.h"
 
-void send_userauth_into_request(Authctxt *authctxt, char *challenge, int echo);
-void input_userauth_info_response(int type, int plen, void *ctxt);
+static int auth2_challenge_start(Authctxt *authctxt);
+static int send_userauth_info_request(Authctxt *authctxt);
+static void input_userauth_info_response(int type, int plen, void *ctxt);
+
+#ifdef BSD_AUTH
+extern KbdintDevice bsdauth_device;
+#else
+#ifdef SKEY
+extern KbdintDevice skey_device;
+#endif
+#endif
+
+KbdintDevice *devices[] = {
+#ifdef BSD_AUTH
+        &bsdauth_device,
+#else
+#ifdef SKEY
+        &skey_device,
+#endif
+#endif
+        NULL
+};
+
+typedef struct KbdintAuthctxt KbdintAuthctxt;
+struct KbdintAuthctxt
+{
+        char *devices;
+        void *ctxt;
+        KbdintDevice *device;
+};
+
+KbdintAuthctxt *
+kbdint_alloc(const char *devs)
+{
+        KbdintAuthctxt *kbdintctxt;
+        int i;
+        char buf[1024];
+
+        kbdintctxt = xmalloc(sizeof(KbdintAuthctxt));
+        if (strcmp(devs, "") == 0) {
+                buf[0] = '\0';
+                for (i = 0; devices[i]; i++) {
+                        if (i != 0)
+                                strlcat(buf, ",", sizeof(buf));
+                        strlcat(buf, devices[i]->name, sizeof(buf));
+                }
+                debug("kbdint_alloc: devices '%s'", buf);
+                kbdintctxt->devices = xstrdup(buf);
+        } else {
+                kbdintctxt->devices = xstrdup(devs);
+        }
+        kbdintctxt->ctxt = NULL;
+        kbdintctxt->device = NULL;
+
+        return kbdintctxt;
+}
+void
+kbdint_reset_device(KbdintAuthctxt *kbdintctxt)
+{
+        if (kbdintctxt->ctxt) {
+                kbdintctxt->device->free_ctx(kbdintctxt->ctxt);
+                kbdintctxt->ctxt = NULL;
+        }
+        kbdintctxt->device = NULL;
+}
+void
+kbdint_free(KbdintAuthctxt *kbdintctxt)
+{
+        if (kbdintctxt->device)
+                kbdint_reset_device(kbdintctxt);
+        if (kbdintctxt->devices) {
+                xfree(kbdintctxt->devices);
+                kbdintctxt->devices = NULL;
+        }
+        xfree(kbdintctxt);
+}
+/* get next device */
+int
+kbdint_next_device(KbdintAuthctxt *kbdintctxt)
+{
+        size_t len;
+        char *t;
+        int i;
+
+        if (kbdintctxt->device)
+                kbdint_reset_device(kbdintctxt);
+        do {
+                len = kbdintctxt->devices ?
+                    strcspn(kbdintctxt->devices, ",") : 0;
+
+                if (len == 0)
+                        break;
+                for (i = 0; devices[i]; i++)
+                        if (strncmp(kbdintctxt->devices, devices[i]->name, len) == 0)
+                                kbdintctxt->device = devices[i];
+                t = kbdintctxt->devices;
+                kbdintctxt->devices = t[len] ? xstrdup(t+len+1) : NULL;
+                xfree(t);
+                debug2("kbdint_next_device: devices %s", kbdintctxt->devices ?
+                   kbdintctxt->devices : "<empty>");
+        } while (kbdintctxt->devices && !kbdintctxt->device);
+
+        return kbdintctxt->device ? 1 : 0;
+}
 
 /*
- * try challenge-reponse, return -1 (= postponed) if we have to
+ * try challenge-reponse, set authctxt->postponed if we have to
  * wait for the response.
  */
 int
 auth2_challenge(Authctxt *authctxt, char *devs)
 {
-        char *challenge;
+        debug("auth2_challenge: user=%s devs=%s",
+            authctxt->user ? authctxt->user : "<nouser>",
+            devs ? devs : "<no devs>");
+
+        if (!authctxt->valid || authctxt->user == NULL || !devs)
+                return 0;
+        if (authctxt->kbdintctxt == NULL) 
+                authctxt->kbdintctxt = kbdint_alloc(devs);
+        return auth2_challenge_start(authctxt);
+}
+
+/* side effect: sets authctxt->postponed if a reply was sent*/
+static int
+auth2_challenge_start(Authctxt *authctxt)
+{
+        KbdintAuthctxt *kbdintctxt = authctxt->kbdintctxt;
+
+        debug2("auth2_challenge_start: devices %s",
+            kbdintctxt->devices ?  kbdintctxt->devices : "<empty>");
+
+        if (kbdint_next_device(kbdintctxt) == 0) {
+                kbdint_free(kbdintctxt);
+                authctxt->kbdintctxt = NULL;
+                return 0;
+        }
+        debug("auth2_challenge_start: trying authentication method '%s'",
+            kbdintctxt->device->name);
 
-        if (!authctxt->valid || authctxt->user == NULL)
+        if ((kbdintctxt->ctxt = kbdintctxt->device->init_ctx(authctxt)) == NULL) {
+                kbdint_free(kbdintctxt);
+                authctxt->kbdintctxt = NULL;
                 return 0;
-        if ((challenge = get_challenge(authctxt, devs)) == NULL)
+        }
+        if (send_userauth_info_request(authctxt) == 0) {
+                kbdint_free(kbdintctxt);
+                authctxt->kbdintctxt = NULL;
                 return 0;
-        send_userauth_into_request(authctxt, challenge, 0);
+        }
         dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE,
             &input_userauth_info_response);
+
         authctxt->postponed = 1;
         return 0;
 }
 
-void
-send_userauth_into_request(Authctxt *authctxt, char *challenge, int echo)
+static int
+send_userauth_info_request(Authctxt *authctxt)
 {
-        int nprompts = 1;
+        KbdintAuthctxt *kbdintctxt;
+        char *name, *instr, **prompts;
+        int i;
+        u_int numprompts, *echo_on;
+
+        kbdintctxt = authctxt->kbdintctxt;
+        if (kbdintctxt->device->query(kbdintctxt->ctxt,
+            &name, &instr, &numprompts, &prompts, &echo_on))
+                return 0;
 
         packet_start(SSH2_MSG_USERAUTH_INFO_REQUEST);
-        /* name, instruction and language are unused */
-        packet_put_cstring("");
-        packet_put_cstring("");
-        packet_put_cstring("");
-        packet_put_int(nprompts);
-        packet_put_cstring(challenge);
-        packet_put_char(echo);
+        packet_put_cstring(name);
+        packet_put_cstring(instr);
+        packet_put_cstring("");         /* language not used */
+        packet_put_int(numprompts);
+        for (i = 0; i < numprompts; i++) {
+                packet_put_cstring(prompts[i]);
+                packet_put_char(echo_on[i]);
+        }
         packet_send();
         packet_write_wait();
+
+        for (i = 0; i < numprompts; i++)
+                xfree(prompts[i]);
+        xfree(prompts);
+        xfree(echo_on);
+        xfree(name);
+        xfree(instr);
+        return 1;
 }
 
-void
+static void
 input_userauth_info_response(int type, int plen, void *ctxt)
 {
         Authctxt *authctxt = ctxt;
-        int authenticated = 0;
-        u_int nresp, rlen;
-        char *response, *method = "challenge-reponse";
+        KbdintAuthctxt *kbdintctxt;
+        int i, authenticated = 0, res, len;
+        u_int nresp;
+        char **response = NULL, *method;
 
         if (authctxt == NULL)
                 fatal("input_userauth_info_response: no authctxt");
+        kbdintctxt = authctxt->kbdintctxt;
+        if (kbdintctxt == NULL || kbdintctxt->ctxt == NULL)
+                fatal("input_userauth_info_response: no kbdintctxt");
+        if (kbdintctxt->device == NULL)
+                fatal("input_userauth_info_response: no device");
 
         authctxt->postponed = 0;        /* reset */
         nresp = packet_get_int();
-        if (nresp == 1) {
-                response = packet_get_string(&rlen);
-                packet_done();
-                if (strlen(response) == 0) {
-                        /*
-                         * if we received an empty response, resend challenge
-                         * with echo enabled
-                         */
-                        char *challenge = get_challenge(authctxt, NULL);
-                        if (challenge != NULL) {
-                                send_userauth_into_request(authctxt,
-                                    challenge, 1);
-                                authctxt->postponed = 1;
-                        }
-                } else if (authctxt->valid) {
-                        authenticated = verify_response(authctxt, response);
-                        memset(response, 'r', rlen);
-                }
+        if (nresp > 0) {
+                response = xmalloc(nresp * sizeof(char*));
+                for (i = 0; i < nresp; i++)
+                        response[i] = packet_get_string(NULL);
+        }
+        packet_done();
+
+        if (authctxt->valid) {
+                res = kbdintctxt->device->respond(kbdintctxt->ctxt,
+                    nresp, response);
+        } else {
+                res = -1;
+        }
+
+        for (i = 0; i < nresp; i++) {
+                memset(response[i], 'r', strlen(response[i]));
+                xfree(response[i]);
+        }
+        if (response)
                 xfree(response);
+
+        switch (res) {
+        case 0:
+                /* Success! */
+                authenticated = 1;
+                break;
+        case 1:
+                /* Authentication needs further interaction */
+                authctxt->postponed = 1;
+                if (send_userauth_info_request(authctxt) == 0) {
+                        authctxt->postponed = 0;
+                }
+                break;
+        default:
+                /* Failure! */
+                break;
         }
-        /* unregister callback */
-        if (!authctxt->postponed)
+
+        len = strlen("keyboard-interactive") + 2 +
+                strlen(kbdintctxt->device->name);
+        method = xmalloc(len);
+        method[0] = '\0';
+        strlcat(method, "keyboard-interactive", len);
+        strlcat(method, "/", len);
+        strlcat(method, kbdintctxt->device->name, len);
+
+        if (!authctxt->postponed) {
+                /* unregister callback */
                 dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL);
 
+                if (authenticated) {
+                        kbdint_free(kbdintctxt);
+                        authctxt->kbdintctxt = NULL;
+                } else {
+                        /* start next device */
+                        /* may set authctxt->postponed */
+                        auth2_challenge_start(authctxt);
+                }
+        }
         userauth_finish(authctxt, authenticated, method);
+        xfree(method);
 }
diff --git a/auth2.c b/auth2.c
index f357b5826..e800c0587 100644
--- a/auth2.c
+++ b/auth2.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.56 2001/04/19 00:05:11 markus Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.57 2001/05/18 14:13:28 markus Exp $");
 
 #include <openssl/evp.h>
 
@@ -51,6 +51,7 @@ RCSID("$OpenBSD: auth2.c,v 1.56 2001/04/19 00:05:11 markus Exp $");
 #include "hostfile.h"
 #include "canohost.h"
 #include "tildexpand.h"
+#include "match.h"
 
 /* import */
 extern ServerOptions options;
@@ -125,7 +126,7 @@ do_authentication2()
         x_authctxt = authctxt;          /*XXX*/
 
         /* challenge-reponse is implemented via keyboard interactive */
-        if (options.challenge_reponse_authentication)
+        if (options.challenge_response_authentication)
                 options.kbd_interactive_authentication = 1;
         if (options.pam_authentication_via_kbd_int)
                 options.kbd_interactive_authentication = 1;
@@ -400,24 +401,23 @@ int
 userauth_kbdint(Authctxt *authctxt)
 {
         int authenticated = 0;
-        char *lang = NULL;
-        char *devs = NULL;
+        char *lang, *devs;
 
         lang = packet_get_string(NULL);
         devs = packet_get_string(NULL);
         packet_done();
 
-        debug("keyboard-interactive language %s devs %s", lang, devs);
+        debug("keyboard-interactive devs %s", devs);
 
-        if (options.challenge_reponse_authentication)
+        if (options.challenge_response_authentication)
                 authenticated = auth2_challenge(authctxt, devs);
 
 #ifdef USE_PAM
         if (authenticated == 0 && options.pam_authentication_via_kbd_int)
                 authenticated = auth2_pam(authctxt);
 #endif
-        xfree(lang);
         xfree(devs);
+        xfree(lang);
 #ifdef HAVE_CYGWIN
         if (check_nt_auth(0, authctxt->pw->pw_uid) == 0)
                 return(0);
diff --git a/readconf.c b/readconf.c
index 75005b3fe..542c76f33 100644
--- a/readconf.c
+++ b/readconf.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: readconf.c,v 1.77 2001/04/30 11:18:51 markus Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.78 2001/05/18 14:13:28 markus Exp $");
 
 #include "ssh.h"
 #include "xmalloc.h"
@@ -333,7 +333,7 @@ parse_flag:
                 goto parse_flag;
 
         case oChallengeResponseAuthentication:
-                intptr = &options->challenge_reponse_authentication;
+                intptr = &options->challenge_response_authentication;
                 goto parse_flag;
 
 #ifdef KRB4
@@ -723,7 +723,7 @@ initialize_options(Options * options)
         options->rhosts_authentication = -1;
         options->rsa_authentication = -1;
         options->pubkey_authentication = -1;
-        options->challenge_reponse_authentication = -1;
+        options->challenge_response_authentication = -1;
 #ifdef KRB4
         options->kerberos_authentication = -1;
 #endif
@@ -797,8 +797,8 @@ fill_default_options(Options * options)
                 options->rsa_authentication = 1;
         if (options->pubkey_authentication == -1)
                 options->pubkey_authentication = 1;
-        if (options->challenge_reponse_authentication == -1)
-                options->challenge_reponse_authentication = 0;
+        if (options->challenge_response_authentication == -1)
+                options->challenge_response_authentication = 0;
 #ifdef KRB4
         if (options->kerberos_authentication == -1)
                 options->kerberos_authentication = 1;
diff --git a/readconf.h b/readconf.h
index 4b20c93bf..489ffc8c1 100644
--- a/readconf.h
+++ b/readconf.h
@@ -11,7 +11,7 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/* RCSID("$OpenBSD: readconf.h,v 1.31 2001/04/30 11:18:52 markus Exp $"); */
+/* RCSID("$OpenBSD: readconf.h,v 1.32 2001/05/18 14:13:29 markus Exp $"); */
 
 #ifndef READCONF_H
 #define READCONF_H
@@ -39,7 +39,7 @@ typedef struct {
         int     rsa_authentication;     /* Try RSA authentication. */
         int     pubkey_authentication;  /* Try ssh2 pubkey authentication. */
         int     hostbased_authentication;       /* ssh2's rhosts_rsa */
-        int     challenge_reponse_authentication;
+        int     challenge_response_authentication;
                                         /* Try S/Key or TIS, authentication. */
 #ifdef KRB4
         int     kerberos_authentication;        /* Try Kerberos
diff --git a/servconf.c b/servconf.c
index 37f607772..02d06bdad 100644
--- a/servconf.c
+++ b/servconf.c
@@ -10,7 +10,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.79 2001/05/03 21:43:01 stevesk Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.80 2001/05/18 14:13:29 markus Exp $");
 
 #ifdef KRB4
 #include <krb.h>
@@ -81,7 +81,7 @@ initialize_server_options(ServerOptions *options)
 #endif
         options->password_authentication = -1;
         options->kbd_interactive_authentication = -1;
-        options->challenge_reponse_authentication = -1;
+        options->challenge_response_authentication = -1;
         options->permit_empty_passwd = -1;
         options->use_login = -1;
         options->allow_tcp_forwarding = -1;
@@ -186,8 +186,8 @@ fill_default_server_options(ServerOptions *options)
                 options->password_authentication = 1;
         if (options->kbd_interactive_authentication == -1)
                 options->kbd_interactive_authentication = 0;
-        if (options->challenge_reponse_authentication == -1)
-                options->challenge_reponse_authentication = 1;
+        if (options->challenge_response_authentication == -1)
+                options->challenge_response_authentication = 1;
         if (options->permit_empty_passwd == -1)
                 options->permit_empty_passwd = 0;
         if (options->use_login == -1)
@@ -603,7 +603,7 @@ parse_flag:
                         goto parse_flag;
 
                 case sChallengeResponseAuthentication:
-                        intptr = &options->challenge_reponse_authentication;
+                        intptr = &options->challenge_response_authentication;
                         goto parse_flag;
 
                 case sPrintMotd:
diff --git a/servconf.h b/servconf.h
index 78bca97f3..a319a5c69 100644
--- a/servconf.h
+++ b/servconf.h
@@ -11,7 +11,7 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/* RCSID("$OpenBSD: servconf.h,v 1.41 2001/04/13 22:46:53 beck Exp $"); */
+/* RCSID("$OpenBSD: servconf.h,v 1.42 2001/05/18 14:13:29 markus Exp $"); */
 
 #ifndef SERVCONF_H
 #define SERVCONF_H
@@ -92,7 +92,7 @@ typedef struct {
         int     password_authentication;        /* If true, permit password
                                                  * authentication. */
         int     kbd_interactive_authentication; /* If true, permit */
-        int     challenge_reponse_authentication;
+        int     challenge_response_authentication;
         int     permit_empty_passwd;    /* If false, do not permit empty
                                          * passwords. */
         int     use_login;      /* If true, login(1) is used */
diff --git a/sshconnect1.c b/sshconnect1.c
index d42676676..c0fe86293 100644
--- a/sshconnect1.c
+++ b/sshconnect1.c
@@ -13,7 +13,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect1.c,v 1.31 2001/04/17 08:14:01 markus Exp $");
+RCSID("$OpenBSD: sshconnect1.c,v 1.32 2001/05/18 14:13:29 markus Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/evp.h>
@@ -616,7 +616,7 @@ send_afs_tokens(void)
  * Note that the client code is not tied to s/key or TIS.
  */
 int
-try_challenge_reponse_authentication(void)
+try_challenge_response_authentication(void)
 {
         int type, i;
         int payload_len;
@@ -1024,8 +1024,8 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host,
         }
         /* Try challenge response authentication if the server supports it. */
         if ((supported_authentications & (1 << SSH_AUTH_TIS)) &&
-            options.challenge_reponse_authentication && !options.batch_mode) {
-                if (try_challenge_reponse_authentication())
+            options.challenge_response_authentication && !options.batch_mode) {
+                if (try_challenge_response_authentication())
                         return;
         }
         /* Try password authentication if the server supports it. */
diff --git a/sshconnect2.c b/sshconnect2.c
index 14e3d401a..75bd53d08 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.72 2001/04/18 23:43:26 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.73 2001/05/18 14:13:29 markus Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/md5.h>
@@ -229,7 +229,7 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
         int type;
         int plen;
 
-        if (options.challenge_reponse_authentication)
+        if (options.challenge_response_authentication)
                 options.kbd_interactive_authentication = 1;
 
         debug("send SSH2_MSG_SERVICE_REQUEST");
@@ -787,6 +787,7 @@ input_userauth_info_req(int type, int plen, void *ctxt)
         packet_start(SSH2_MSG_USERAUTH_INFO_RESPONSE);
         packet_put_int(num_prompts);
 
+        debug2("input_userauth_info_req: num_prompts %d", num_prompts);
         for (i = 0; i < num_prompts; i++) {
                 prompt = packet_get_string(NULL);
                 echo = packet_get_char();
diff --git a/sshd.c b/sshd.c
index 552fa3b27..a20b81cca 100644
--- a/sshd.c
+++ b/sshd.c
@@ -40,7 +40,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.195 2001/04/15 16:58:03 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.196 2001/05/18 14:13:29 markus Exp $");
 
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@@ -1265,7 +1265,7 @@ do_ssh1_kex(void)
         if (options.afs_token_passing)
                 auth_mask |= 1 << SSH_PASS_AFS_TOKEN;
 #endif
-        if (options.challenge_reponse_authentication == 1)
+        if (options.challenge_response_authentication == 1)
                 auth_mask |= 1 << SSH_AUTH_TIS;
         if (options.password_authentication)
                 auth_mask |= 1 << SSH_AUTH_PASSWORD;