diff options
Diffstat (limited to 'auth2.c')
-rw-r--r-- | auth2.c | 16 |
1 files changed, 4 insertions, 12 deletions
@@ -91,10 +91,6 @@ do_authentication2(void) | |||
91 | /* challenge-response is implemented via keyboard interactive */ | 91 | /* challenge-response is implemented via keyboard interactive */ |
92 | if (options.challenge_response_authentication) | 92 | if (options.challenge_response_authentication) |
93 | options.kbd_interactive_authentication = 1; | 93 | options.kbd_interactive_authentication = 1; |
94 | if (options.pam_authentication_via_kbd_int) | ||
95 | options.kbd_interactive_authentication = 1; | ||
96 | if (use_privsep) | ||
97 | options.pam_authentication_via_kbd_int = 0; | ||
98 | 94 | ||
99 | dispatch_init(&dispatch_protocol_error); | 95 | dispatch_init(&dispatch_protocol_error); |
100 | dispatch_set(SSH2_MSG_SERVICE_REQUEST, &input_service_request); | 96 | dispatch_set(SSH2_MSG_SERVICE_REQUEST, &input_service_request); |
@@ -163,12 +159,14 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) | |||
163 | authctxt->valid = 1; | 159 | authctxt->valid = 1; |
164 | debug2("input_userauth_request: setting up authctxt for %s", user); | 160 | debug2("input_userauth_request: setting up authctxt for %s", user); |
165 | #ifdef USE_PAM | 161 | #ifdef USE_PAM |
166 | PRIVSEP(start_pam(authctxt->pw->pw_name)); | 162 | if (options.use_pam) |
163 | PRIVSEP(start_pam(authctxt->pw->pw_name)); | ||
167 | #endif | 164 | #endif |
168 | } else { | 165 | } else { |
169 | logit("input_userauth_request: illegal user %s", user); | 166 | logit("input_userauth_request: illegal user %s", user); |
170 | #ifdef USE_PAM | 167 | #ifdef USE_PAM |
171 | PRIVSEP(start_pam(user)); | 168 | if (options.use_pam) |
169 | PRIVSEP(start_pam(user)); | ||
172 | #endif | 170 | #endif |
173 | } | 171 | } |
174 | setproctitle("%s%s", authctxt->pw ? user : "unknown", | 172 | setproctitle("%s%s", authctxt->pw ? user : "unknown", |
@@ -215,12 +213,6 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method) | |||
215 | !auth_root_allowed(method)) | 213 | !auth_root_allowed(method)) |
216 | authenticated = 0; | 214 | authenticated = 0; |
217 | 215 | ||
218 | #ifdef USE_PAM | ||
219 | if (!use_privsep && authenticated && authctxt->user && | ||
220 | !do_pam_account(authctxt->user, NULL)) | ||
221 | authenticated = 0; | ||
222 | #endif /* USE_PAM */ | ||
223 | |||
224 | #ifdef _UNICOS | 216 | #ifdef _UNICOS |
225 | if (authenticated && cray_access_denied(authctxt->user)) { | 217 | if (authenticated && cray_access_denied(authctxt->user)) { |
226 | authenticated = 0; | 218 | authenticated = 0; |