#include <krb5.h>

#include <krb5.h>

krb5_error_code ssh_krb5_cc_gen(krb5_context, krb5_ccache *);

krb5_error_code ssh_krb5_cc_gen(krb5_context, krb5_ccache *);

#endif

#endif

#endif

#endif

	}

	}

	/* Configuration may have changed as a result of Match */

	/* Configuration may have changed as a result of Match */

		fatal("AuthenticationMethods is not supported with SSH "

		fatal("AuthenticationMethods is not supported with SSH "

		    "protocol 1");

		    "protocol 1");

#endif

#endif

	}

	}

		if (!auth2_update_methods_lists(authctxt, method, submethod)) {

		if (!auth2_update_methods_lists(authctxt, method, submethod)) {

			authenticated = 0;

			authenticated = 0;

			partial = 1;

			partial = 1;

	 * NB. authctxt->num_auth_methods might be zero as a result of

	 * NB. authctxt->num_auth_methods might be zero as a result of

	 * auth2_setup_methods_lists(), so check the configuration.

	 * auth2_setup_methods_lists(), so check the configuration.

	 */

	 */

		return 1;

		return 1;

	for (i = 0; i < authctxt->num_auth_methods; i++) {

	for (i = 0; i < authctxt->num_auth_methods; i++) {

		if (list_starts_with(authctxt->auth_methods[i], method,

		if (list_starts_with(authctxt->auth_methods[i], method,

{

{

	u_int i;

	u_int i;

		return 0;

		return 0;

	debug3("%s: checking methods", __func__);

	debug3("%s: checking methods", __func__);

	authctxt->auth_methods = xcalloc(options.num_auth_methods,

	authctxt->auth_methods = xcalloc(options.num_auth_methods,

		authenticated = (monitor_read(pmonitor, mon_dispatch, &ent) == 1);

		authenticated = (monitor_read(pmonitor, mon_dispatch, &ent) == 1);

		/* Special handling for multiple required authentications */

		/* Special handling for multiple required authentications */

			if (!compat20)

			if (!compat20)

				fatal("AuthenticationMethods is not supported"

				fatal("AuthenticationMethods is not supported"

				    "with SSH protocol 1");

				    "with SSH protocol 1");

		options->fwd_opts.streamlocal_bind_unlink = 0;

		options->fwd_opts.streamlocal_bind_unlink = 0;

	if (options->fingerprint_hash == -1)

	if (options->fingerprint_hash == -1)

		options->fingerprint_hash = SSH_FP_HASH_DEFAULT;

		options->fingerprint_hash = SSH_FP_HASH_DEFAULT;

	/* Turn privilege separation on by default */

	/* Turn privilege separation on by default */

	if (use_privsep == -1)

	if (use_privsep == -1)

		use_privsep = PRIVSEP_NOSANDBOX;

		use_privsep = PRIVSEP_NOSANDBOX;

		break;

		break;

	case sAuthenticationMethods:

	case sAuthenticationMethods:

		if (options->num_auth_methods == 0) {

		if (options->num_auth_methods == 0) {

			while ((arg = strdelim(&cp)) && *arg != '\0') {

			while ((arg = strdelim(&cp)) && *arg != '\0') {

				if (options->num_auth_methods >=

				if (options->num_auth_methods >=

				    MAX_AUTH_METHODS)

				    MAX_AUTH_METHODS)

	 * daemonisation in the presence of Match block, but this catches

	 * daemonisation in the presence of Match block, but this catches

	 * and warns for trivial misconfigurations that could break login.

	 * and warns for trivial misconfigurations that could break login.

	 */

	 */

		if ((options.protocol & SSH_PROTO_1))

		if ((options.protocol & SSH_PROTO_1))

			fatal("AuthenticationMethods is not supported with "

			fatal("AuthenticationMethods is not supported with "

			    "SSH protocol 1");

			    "SSH protocol 1");