2 files changed, 8 insertions, 4 deletions

diff --git a/ChangeLog b/ChangeLog
index 7af3d15f7..7c535eae8 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -14,6 +14,10 @@
      [ssh_config.5 ssh.1]
      mention ability to specify bind_address for DynamicForward and -D options;
      bz#1077 spotted by Haruyama Seigo
+   - djm@cvs.openbsd.org 2005/09/19 11:47:09
+     [sshd.c]
+     stop connection abort on rekey with delayed compression enabled when
+     post-auth privsep is disabled (e.g. when root is logged in); ok dtucker@
 
 20050930
  - (dtucker) [openbsd-compat/openbsd-compat.h] Bug #1096: Add prototype
@@ -3054,4 +3058,4 @@
    - (djm) Trim deprecated options from INSTALL. Mention UsePAM
    - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
 
-$Id: ChangeLog,v 1.3905 2005/10/03 08:13:42 dtucker Exp $
+$Id: ChangeLog,v 1.3906 2005/10/03 08:16:02 dtucker Exp $
diff --git a/sshd.c b/sshd.c
index ceb85dd54..6ef2eee13 100644
--- a/sshd.c
+++ b/sshd.c
@@ -42,7 +42,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.313 2005/09/13 23:40:07 djm Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.314 2005/09/19 11:47:09 djm Exp $");
 
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@@ -633,9 +633,8 @@ privsep_postauth(Authctxt *authctxt)
         if (authctxt->pw->pw_uid == 0 || options.use_login) {
 #endif
                 /* File descriptor passing is broken or root login */
-                monitor_apply_keystate(pmonitor);
                 use_privsep = 0;
-                return;
+                goto out;
         }
 
         /* Authentication complete */
@@ -669,6 +668,7 @@ privsep_postauth(Authctxt *authctxt)
         /* Drop privileges */
         do_setusercontext(authctxt->pw);
 
+ out:
         /* It is safe now to apply the key state */
         monitor_apply_keystate(pmonitor);