- djm@cvs.openbsd.org 2012/04/11 13:17:54

[auth.c] Support "none" as an argument for AuthorizedPrincipalsFile to indicate no file should be read.
author: Damien Miller <djm@mindrot.org> 2012-04-22 11:21:43 +1000
committer: Damien Miller <djm@mindrot.org> 2012-04-22 11:21:43 +1000
commit: 9fed161e67b23977a1070419b356084295422f0c (patch)
tree: 0fd54cc7e3aa515a18c69886c12c054915b084cc
parent: a6508753db3c49910068d8fc324bd284d72ff153 (diff)
2 files changed, 7 insertions, 2 deletions
diff --git a/ChangeLog b/ChangeLog
index d19da34ae..7cc597586 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -21,6 +21,10 @@
     [channels.c channels.h clientloop.c serverloop.c]
     don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a
     while; ok deraadt@ markus@
+   - djm@cvs.openbsd.org 2012/04/11 13:17:54
+     [auth.c]
+     Support "none" as an argument for AuthorizedPrincipalsFile to indicate
+     no file should be read.
 20120420
 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
diff --git a/auth.c b/auth.c
index cd95da931..976932887 100644
--- a/auth.c
+++ b/auth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.c,v 1.94 2011/05/23 03:33:38 djm Exp $ */
+/* $OpenBSD: auth.c,v 1.95 2012/04/11 13:17:54 djm Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
 *
@@ -357,7 +357,8 @@ expand_authorized_keys(const char *filename, struct passwd *pw)
 char *
 authorized_principals_file(struct passwd *pw)
 {
-        if (options.authorized_principals_file == NULL)
+        if (options.authorized_principals_file == NULL ||
+            strcasecmp(options.authorized_principals_file, "none") == 0)
                return NULL;
        return expand_authorized_keys(options.authorized_principals_file, pw);
 }
author	Damien Miller <djm@mindrot.org>	2012-04-22 11:21:43 +1000
committer	Damien Miller <djm@mindrot.org>	2012-04-22 11:21:43 +1000
commit	9fed161e67b23977a1070419b356084295422f0c (patch)
tree	0fd54cc7e3aa515a18c69886c12c054915b084cc
parent	a6508753db3c49910068d8fc324bd284d72ff153 (diff)