- (dtucker) [sshd.c] Use privsep_pw if we have it, but only require it

if we absolutely need it. Pointed out by Corinna, ok djm@
author: Darren Tucker <dtucker@zip.com.au> 2006-11-07 11:28:40 +1100
committer: Darren Tucker <dtucker@zip.com.au> 2006-11-07 11:28:40 +1100
commit: df0e438a2e4efe0422f6e0deb732d819d5938437 (patch)
tree: 74981130ad80db1cde7c81a662dcde2013124c40 /sshd.c
parent: 570c2ab1b619ea36a06bfbf21d88a82683cc4213 (diff)
1 files changed, 11 insertions, 8 deletions
diff --git a/sshd.c b/sshd.c
index 06ec03b20..a5fa9e4eb 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1431,14 +1431,17 @@ main(int ac, char **av)
        debug("sshd version %.100s", SSH_RELEASE);
-        /* Store privilege separation user for later use */
+        /* Store privilege separation user for later use if required. */
-        if ((privsep_pw = getpwnam(SSH_PRIVSEP_USER)) == NULL)
+        if ((privsep_pw = getpwnam(SSH_PRIVSEP_USER)) == NULL) {
-                fatal("Privilege separation user %s does not exist",
+                if (use_privsep || options.kerberos_authentication)
-                    SSH_PRIVSEP_USER);
+                        fatal("Privilege separation user %s does not exist",
-        memset(privsep_pw->pw_passwd, 0, strlen(privsep_pw->pw_passwd));
+                            SSH_PRIVSEP_USER);
-        privsep_pw = pwcopy(privsep_pw);
+        } else {
-        xfree(privsep_pw->pw_passwd);
+                memset(privsep_pw->pw_passwd, 0, strlen(privsep_pw->pw_passwd));
-        privsep_pw->pw_passwd = xstrdup("*");
+                privsep_pw = pwcopy(privsep_pw);
+                xfree(privsep_pw->pw_passwd);
+                privsep_pw->pw_passwd = xstrdup("*");
+        }
        endpwent();
        /* load private host keys */
author	Darren Tucker <dtucker@zip.com.au>	2006-11-07 11:28:40 +1100
committer	Darren Tucker <dtucker@zip.com.au>	2006-11-07 11:28:40 +1100
commit	df0e438a2e4efe0422f6e0deb732d819d5938437 (patch)
tree	74981130ad80db1cde7c81a662dcde2013124c40 /sshd.c
parent	570c2ab1b619ea36a06bfbf21d88a82683cc4213 (diff)

diff --git a/sshd.c b/sshd.c index 06ec03b20..a5fa9e4eb 100644 --- a/sshd.c +++ b/sshd.c
@@ -1431,14 +1431,17 @@ main(int ac, char **av)
1431		1431
1432	debug("sshd version %.100s", SSH_RELEASE);	1432	debug("sshd version %.100s", SSH_RELEASE);
1433		1433
1434	/* Store privilege separation user for later use */	1434	/* Store privilege separation user for later use if required. */
1435	if ((privsep_pw = getpwnam(SSH_PRIVSEP_USER)) == NULL)	1435	if ((privsep_pw = getpwnam(SSH_PRIVSEP_USER)) == NULL) {
1436	fatal("Privilege separation user %s does not exist",	1436	if (use_privsep \|\| options.kerberos_authentication)
1437	SSH_PRIVSEP_USER);	1437	fatal("Privilege separation user %s does not exist",
1438	memset(privsep_pw->pw_passwd, 0, strlen(privsep_pw->pw_passwd));	1438	SSH_PRIVSEP_USER);
1439	privsep_pw = pwcopy(privsep_pw);	1439	} else {
1440	xfree(privsep_pw->pw_passwd);	1440	memset(privsep_pw->pw_passwd, 0, strlen(privsep_pw->pw_passwd));
1441	privsep_pw->pw_passwd = xstrdup("*");	1441	privsep_pw = pwcopy(privsep_pw);
		1442	xfree(privsep_pw->pw_passwd);
		1443	privsep_pw->pw_passwd = xstrdup("*");
		1444	}
1442	endpwent();	1445	endpwent();
1443		1446
1444	/* load private host keys */	1447	/* load private host keys */