diff options
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | auth1.c | 5 | ||||
| -rw-r--r-- | auth2.c | 5 |
3 files changed, 11 insertions, 5 deletions
@@ -23,6 +23,10 @@ - stevesk@cvs.openbsd.org 2002/08/22 20:57:19 [ssh-agent.c] shutdown(SHUT_RDWR) not needed before close here; ok markus@ + - markus@cvs.openbsd.org 2002/08/22 21:33:58 + [auth1.c auth2.c] + auth_root_allowed() is handled by the monitor in the privsep case, + so skip this for use_privsep, ok stevesk@, fixes bugzilla #387/325 20020820 - OpenBSD CVS Sync @@ -1564,4 +1568,4 @@ - (stevesk) entropy.c: typo in debug message - (djm) ssh-keygen -i needs seeded RNG; report from markus@ -$Id: ChangeLog,v 1.2433 2002/09/04 06:33:31 djm Exp $ +$Id: ChangeLog,v 1.2434 2002/09/04 06:37:26 djm Exp $ @@ -10,7 +10,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth1.c,v 1.41 2002/06/19 00:27:55 deraadt Exp $"); +RCSID("$OpenBSD: auth1.c,v 1.42 2002/08/22 21:33:58 markus Exp $"); #include "xmalloc.h" #include "rsa.h" @@ -301,7 +301,8 @@ do_authloop(Authctxt *authctxt) } #else /* Special handling for root */ - if (authenticated && authctxt->pw->pw_uid == 0 && + if (!use_privsep && + authenticated && authctxt->pw->pw_uid == 0 && !auth_root_allowed(get_authname(type))) authenticated = 0; #endif @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth2.c,v 1.94 2002/06/30 21:54:16 deraadt Exp $"); +RCSID("$OpenBSD: auth2.c,v 1.95 2002/08/22 21:33:58 markus Exp $"); #include "ssh2.h" #include "xmalloc.h" @@ -205,7 +205,8 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method) authctxt->user); /* Special handling for root */ - if (authenticated && authctxt->pw->pw_uid == 0 && + if (!use_privsep && + authenticated && authctxt->pw->pw_uid == 0 && !auth_root_allowed(method)) authenticated = 0; |