diff options
Diffstat (limited to 'auth1.c')
-rw-r--r-- | auth1.c | 8 |
1 files changed, 3 insertions, 5 deletions
@@ -10,7 +10,7 @@ | |||
10 | */ | 10 | */ |
11 | 11 | ||
12 | #include "includes.h" | 12 | #include "includes.h" |
13 | RCSID("$OpenBSD: auth1.c,v 1.44 2002/09/26 11:38:43 markus Exp $"); | 13 | RCSID("$OpenBSD: auth1.c,v 1.47 2003/02/06 21:22:42 markus Exp $"); |
14 | 14 | ||
15 | #include "xmalloc.h" | 15 | #include "xmalloc.h" |
16 | #include "rsa.h" | 16 | #include "rsa.h" |
@@ -150,7 +150,7 @@ do_authloop(Authctxt *authctxt) | |||
150 | snprintf(info, sizeof(info), | 150 | snprintf(info, sizeof(info), |
151 | " tktuser %.100s", | 151 | " tktuser %.100s", |
152 | client_user); | 152 | client_user); |
153 | 153 | ||
154 | /* Send response to client */ | 154 | /* Send response to client */ |
155 | packet_start( | 155 | packet_start( |
156 | SSH_SMSG_AUTH_KERBEROS_RESPONSE); | 156 | SSH_SMSG_AUTH_KERBEROS_RESPONSE); |
@@ -285,7 +285,6 @@ do_authloop(Authctxt *authctxt) | |||
285 | debug("rcvd SSH_CMSG_AUTH_TIS_RESPONSE"); | 285 | debug("rcvd SSH_CMSG_AUTH_TIS_RESPONSE"); |
286 | if (options.challenge_response_authentication == 1) { | 286 | if (options.challenge_response_authentication == 1) { |
287 | char *response = packet_get_string(&dlen); | 287 | char *response = packet_get_string(&dlen); |
288 | debug("got response '%s'", response); | ||
289 | packet_check_eom(); | 288 | packet_check_eom(); |
290 | authenticated = verify_response(authctxt, response); | 289 | authenticated = verify_response(authctxt, response); |
291 | memset(response, 'r', dlen); | 290 | memset(response, 'r', dlen); |
@@ -329,8 +328,7 @@ do_authloop(Authctxt *authctxt) | |||
329 | } | 328 | } |
330 | #else | 329 | #else |
331 | /* Special handling for root */ | 330 | /* Special handling for root */ |
332 | if (!use_privsep && | 331 | if (authenticated && authctxt->pw->pw_uid == 0 && |
333 | authenticated && authctxt->pw->pw_uid == 0 && | ||
334 | !auth_root_allowed(get_authname(type))) | 332 | !auth_root_allowed(get_authname(type))) |
335 | authenticated = 0; | 333 | authenticated = 0; |
336 | #endif | 334 | #endif |