2 files changed, 21 insertions, 0 deletions

diff --git a/crypto/openssh/auth-chall.c b/crypto/openssh/auth-chall.c
index 45e0c34..b9c2efd 100644
--- a/crypto/openssh/auth-chall.c
+++ b/crypto/openssh/auth-chall.c
@@ -24,6 +24,7 @@
 
 #include "includes.h"
 RCSID("$OpenBSD: auth-chall.c,v 1.8 2001/05/18 14:13:28 markus Exp $");
+RCSID("$FreeBSD$");
 
 #include "auth.h"
 #include "log.h"
@@ -76,6 +77,24 @@ verify_response(Authctxt *authctxt, const char *response)
 		return 0;
 	resp[0] = (char *)response;
 	res = device->respond(authctxt->kbdintctxt, 1, resp);
+	if (res == 1) {
+		/* postponed - send a null query just in case */
+		char *name, *info, **prompts;
+		u_int i, numprompts, *echo_on;
+
+		res = device->query(authctxt->kbdintctxt, &name, &info,
+		    &numprompts, &prompts, &echo_on);
+		if (res == 0) {
+			for (i = 0; i < numprompts; i++)
+				xfree(prompts[i]);
+			xfree(prompts);
+			xfree(name);
+			xfree(echo_on);
+			xfree(info);
+		}
+		/* if we received more prompts, we're screwed */
+		res = (numprompts != 0);
+	}
 	device->free_ctx(authctxt->kbdintctxt);
 	authctxt->kbdintctxt = NULL;
 	return res ? 0 : 1;
diff --git a/crypto/openssh/monitor.c b/crypto/openssh/monitor.c
index 5a597ef..b75c285 100644
--- a/crypto/openssh/monitor.c
+++ b/crypto/openssh/monitor.c
@@ -797,6 +797,8 @@ mm_answer_pam_query(int socket, Buffer *m)
 	debug3("%s", __func__);
 	pam_authok = NULL;
 	ret = (pam_device.query)(pam_ctxt, &name, &info, &num, &prompts, &echo_on);
+	if (ret == 0 && num == 0)
+		pam_authok = pam_ctxt;
 	if (num > 1 || name == NULL || info == NULL)
 		ret = -1;
 	buffer_clear(m);