Fix from upstream to fix logging in with USE=pam via passwords by default.

http://bugs.gentoo.org/170670

ChangeLog:
Move C/R -> kbdint special case to after the defaults have been
loaded, which makes ChallengeResponse default to yes again.  This
was broken by the Match changes and not fixed properly subsequently.
Found by okan at demirmen.com, ok djm@ "please do it" deraadt@

===================================================================
RCS file: /usr/OpenBSD/cvs/src/usr.bin/ssh/servconf.c,v
retrieving revision 1.170
retrieving revision 1.171
diff -u -r1.170 -r1.171
--- src/usr.bin/ssh/servconf.c	2007/03/01 10:28:02	1.170
+++ src/usr.bin/ssh/servconf.c	2007/03/09 05:20:06	1.171
@@ -1344,8 +1344,4 @@
 	if (bad_options > 0)
 		fatal("%s: terminating, %d bad configuration options",
 		    filename, bad_options);
-
-	/* challenge-response is implemented via keyboard interactive */
-	if (options->challenge_response_authentication == 1)
-		options->kbd_interactive_authentication = 1;
 }
===================================================================
RCS file: /usr/OpenBSD/cvs/src/usr.bin/ssh/sshd.c,v
retrieving revision 1.349
retrieving revision 1.350
diff -u -r1.349 -r1.350
--- src/usr.bin/ssh/sshd.c	2007/02/21 11:00:05	1.349
+++ src/usr.bin/ssh/sshd.c	2007/03/09 05:20:06	1.350
@@ -1359,6 +1359,10 @@
 	/* Fill in default values for those options not explicitly set. */
 	fill_default_server_options(&options);
 
+	/* challenge-response is implemented via keyboard interactive */
+	if (options.challenge_response_authentication)
+		options.kbd_interactive_authentication = 1;
+
 	/* set default channel AF */
 	channel_set_af(options.address_family);