+ /* If first time or username changed or empty username,
+ setup/reset authentication context. */
+ if ((authctxt->attempt++ == 0) ||
+ (strcmp(user, authctxt->user) != 0) ||
+ (strcmp(user, "") == 0)) {
+ if (authctxt->user) {
+ xfree(authctxt->user);
+ authctxt->user = NULL;
+ }
+ authctxt->valid = 0;
+ authctxt->user = xstrdup(user);
+ if (strcmp(service, "ssh-connection") != 0) {
+ packet_disconnect("Unsupported service %s", service);
+ }
+#ifdef GSSAPI
+ /* If we're going to set the username based on the
+ GSSAPI context later, then wait until then to
+ verify it. Just put in placeholders for now. */
+ if ((strcmp(user, "") == 0) &&
+ (strcmp(method, "gssapi-with-mic") == 0 ||
+ strcmp(method, "gssapi-keyex") == 0)) {
+ authctxt->pw = fakepw();
+ } else {
+#endif