summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2002-09-04 16:37:26 +1000
committerDamien Miller <djm@mindrot.org>2002-09-04 16:37:26 +1000
commitde6f2de8ad528cd8cdfb4b4dc5de9e7ba086c957 (patch)
treeb5665b1ac83d5ec745dba26cb6d000b5686d402f
parent061d5b144f7aaa9ce86838d437790b8e3a46050c (diff)
- markus@cvs.openbsd.org 2002/08/22 21:33:58
[auth1.c auth2.c] auth_root_allowed() is handled by the monitor in the privsep case, so skip this for use_privsep, ok stevesk@, fixes bugzilla #387/325
-rw-r--r--ChangeLog6
-rw-r--r--auth1.c5
-rw-r--r--auth2.c5
3 files changed, 11 insertions, 5 deletions
diff --git a/ChangeLog b/ChangeLog
index 1c00c95c..07699b01 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -23,6 +23,10 @@
- stevesk@cvs.openbsd.org 2002/08/22 20:57:19
[ssh-agent.c]
shutdown(SHUT_RDWR) not needed before close here; ok markus@
+ - markus@cvs.openbsd.org 2002/08/22 21:33:58
+ [auth1.c auth2.c]
+ auth_root_allowed() is handled by the monitor in the privsep case,
+ so skip this for use_privsep, ok stevesk@, fixes bugzilla #387/325
20020820
- OpenBSD CVS Sync
@@ -1564,4 +1568,4 @@
- (stevesk) entropy.c: typo in debug message
- (djm) ssh-keygen -i needs seeded RNG; report from markus@
-$Id: ChangeLog,v 1.2433 2002/09/04 06:33:31 djm Exp $
+$Id: ChangeLog,v 1.2434 2002/09/04 06:37:26 djm Exp $
diff --git a/auth1.c b/auth1.c
index 769fa306..17342a65 100644
--- a/auth1.c
+++ b/auth1.c
@@ -10,7 +10,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: auth1.c,v 1.41 2002/06/19 00:27:55 deraadt Exp $");
+RCSID("$OpenBSD: auth1.c,v 1.42 2002/08/22 21:33:58 markus Exp $");
#include "xmalloc.h"
#include "rsa.h"
@@ -301,7 +301,8 @@ do_authloop(Authctxt *authctxt)
}
#else
/* Special handling for root */
- if (authenticated && authctxt->pw->pw_uid == 0 &&
+ if (!use_privsep &&
+ authenticated && authctxt->pw->pw_uid == 0 &&
!auth_root_allowed(get_authname(type)))
authenticated = 0;
#endif
diff --git a/auth2.c b/auth2.c
index 3b47a6d0..1cb9769f 100644
--- a/auth2.c
+++ b/auth2.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.94 2002/06/30 21:54:16 deraadt Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.95 2002/08/22 21:33:58 markus Exp $");
#include "ssh2.h"
#include "xmalloc.h"
@@ -205,7 +205,8 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method)
authctxt->user);
/* Special handling for root */
- if (authenticated && authctxt->pw->pw_uid == 0 &&
+ if (!use_privsep &&
+ authenticated && authctxt->pw->pw_uid == 0 &&
!auth_root_allowed(method))
authenticated = 0;