diff options
author | Darren Tucker <dtucker@zip.com.au> | 2006-11-07 11:28:40 +1100 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2006-11-07 11:28:40 +1100 |
commit | df0e438a2e4efe0422f6e0deb732d819d5938437 (patch) | |
tree | 74981130ad80db1cde7c81a662dcde2013124c40 /sshd.c | |
parent | 570c2ab1b619ea36a06bfbf21d88a82683cc4213 (diff) |
- (dtucker) [sshd.c] Use privsep_pw if we have it, but only require it
if we absolutely need it. Pointed out by Corinna, ok djm@
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 19 |
1 files changed, 11 insertions, 8 deletions
@@ -1431,14 +1431,17 @@ main(int ac, char **av) | |||
1431 | 1431 | ||
1432 | debug("sshd version %.100s", SSH_RELEASE); | 1432 | debug("sshd version %.100s", SSH_RELEASE); |
1433 | 1433 | ||
1434 | /* Store privilege separation user for later use */ | 1434 | /* Store privilege separation user for later use if required. */ |
1435 | if ((privsep_pw = getpwnam(SSH_PRIVSEP_USER)) == NULL) | 1435 | if ((privsep_pw = getpwnam(SSH_PRIVSEP_USER)) == NULL) { |
1436 | fatal("Privilege separation user %s does not exist", | 1436 | if (use_privsep || options.kerberos_authentication) |
1437 | SSH_PRIVSEP_USER); | 1437 | fatal("Privilege separation user %s does not exist", |
1438 | memset(privsep_pw->pw_passwd, 0, strlen(privsep_pw->pw_passwd)); | 1438 | SSH_PRIVSEP_USER); |
1439 | privsep_pw = pwcopy(privsep_pw); | 1439 | } else { |
1440 | xfree(privsep_pw->pw_passwd); | 1440 | memset(privsep_pw->pw_passwd, 0, strlen(privsep_pw->pw_passwd)); |
1441 | privsep_pw->pw_passwd = xstrdup("*"); | 1441 | privsep_pw = pwcopy(privsep_pw); |
1442 | xfree(privsep_pw->pw_passwd); | ||
1443 | privsep_pw->pw_passwd = xstrdup("*"); | ||
1444 | } | ||
1442 | endpwent(); | 1445 | endpwent(); |
1443 | 1446 | ||
1444 | /* load private host keys */ | 1447 | /* load private host keys */ |