diff options
| -rw-r--r-- | ChangeLog | 12 | ||||
| -rw-r--r-- | auth.c | 12 | ||||
| -rw-r--r-- | sshconnect.c | 2 |
3 files changed, 23 insertions, 3 deletions
@@ -1,3 +1,15 @@ +20000518 + - Include Andre Lucas' fixprogs script. Forgot to "cvs add" it yesterday + - OpenBSD CVS updates: + - markus@cvs.openbsd.org + [sshconnect.c] + copy only ai_addrlen bytes; misiek@pld.org.pl + [auth.c] + accept an empty shell in authentication; bug reported by + chris@tinker.ucr.edu + [serverloop.c] + we don't have stderr for interactive terminal sessions (fcntl errors) + 20000517 - Fix from Andre Lucas <andre.lucas@dial.pipex.com> - Fixes command line printing segfaults (spotter: Bladt Norbert) @@ -5,7 +5,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth.c,v 1.6 2000/04/26 21:28:31 markus Exp $"); +RCSID("$OpenBSD: auth.c,v 1.7 2000/05/17 21:37:24 deraadt Exp $"); #include "xmalloc.h" #include "rsa.h" @@ -48,6 +48,7 @@ allowed_user(struct passwd * pw) { struct stat st; struct group *grp; + char *shell; int i; #ifdef WITH_AIXAUTHENTICATE char *loginmsg; @@ -58,7 +59,14 @@ allowed_user(struct passwd * pw) return 0; /* deny if shell does not exists or is not executable */ - if (stat(pw->pw_shell, &st) != 0) + /* + * Get the shell from the password data. An empty shell field is + * legal, and means /bin/sh. + */ + shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell; + + /* deny if shell does not exists or is not executable */ + if (stat(shell, &st) != 0) return 0; if (!((st.st_mode & S_IFREG) && (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)))) return 0; diff --git a/sshconnect.c b/sshconnect.c index 40e359ce..bf00159b 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -8,7 +8,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect.c,v 1.73 2000/05/17 08:20:15 markus Exp $"); +RCSID("$OpenBSD: sshconnect.c,v 1.74 2000/05/17 16:57:02 markus Exp $"); #include <openssl/bn.h> #include <openssl/dsa.h> |