summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDarren Tucker <dtucker@zip.com.au>2006-11-07 11:28:40 +1100
committerDarren Tucker <dtucker@zip.com.au>2006-11-07 11:28:40 +1100
commitdf0e438a2e4efe0422f6e0deb732d819d5938437 (patch)
tree74981130ad80db1cde7c81a662dcde2013124c40
parent570c2ab1b619ea36a06bfbf21d88a82683cc4213 (diff)
- (dtucker) [sshd.c] Use privsep_pw if we have it, but only require it
if we absolutely need it. Pointed out by Corinna, ok djm@
-rw-r--r--ChangeLog6
-rw-r--r--sshd.c19
2 files changed, 16 insertions, 9 deletions
diff --git a/ChangeLog b/ChangeLog
index 1fbc6a20..9bbf02be 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+20061107
+ - (dtucker) [sshd.c] Use privsep_pw if we have it, but only require it
+ if we absolutely need it. Pointed out by Corinna, ok djm@
+
20061105
- (djm) OpenBSD CVS Sync
- otto@cvs.openbsd.org 2006/10/28 18:08:10
@@ -2588,4 +2592,4 @@
OpenServer 6 and add osr5bigcrypt support so when someone migrates
passwords between UnixWare and OpenServer they will still work. OK dtucker@
-$Id: ChangeLog,v 1.4583 2006/11/04 18:32:02 djm Exp $
+$Id: ChangeLog,v 1.4584 2006/11/07 00:28:40 dtucker Exp $
diff --git a/sshd.c b/sshd.c
index 06ec03b2..a5fa9e4e 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1431,14 +1431,17 @@ main(int ac, char **av)
debug("sshd version %.100s", SSH_RELEASE);
- /* Store privilege separation user for later use */
- if ((privsep_pw = getpwnam(SSH_PRIVSEP_USER)) == NULL)
- fatal("Privilege separation user %s does not exist",
- SSH_PRIVSEP_USER);
- memset(privsep_pw->pw_passwd, 0, strlen(privsep_pw->pw_passwd));
- privsep_pw = pwcopy(privsep_pw);
- xfree(privsep_pw->pw_passwd);
- privsep_pw->pw_passwd = xstrdup("*");
+ /* Store privilege separation user for later use if required. */
+ if ((privsep_pw = getpwnam(SSH_PRIVSEP_USER)) == NULL) {
+ if (use_privsep || options.kerberos_authentication)
+ fatal("Privilege separation user %s does not exist",
+ SSH_PRIVSEP_USER);
+ } else {
+ memset(privsep_pw->pw_passwd, 0, strlen(privsep_pw->pw_passwd));
+ privsep_pw = pwcopy(privsep_pw);
+ xfree(privsep_pw->pw_passwd);
+ privsep_pw->pw_passwd = xstrdup("*");
+ }
endpwent();
/* load private host keys */