1 files changed, 4 insertions, 4 deletions
diff --git a/auth2.c b/auth2.c
index eadaa7135..4c18d232d 100644
--- a/auth2.c
+++ b/auth2.c
@@ -189,12 +189,12 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
                        authctxt->valid = 1;
                        debug2("input_userauth_request: setting up authctxt for %s", user);
 #ifdef USE_PAM
-                        start_pam(authctxt->pw->pw_name);
+                        PRIVSEP(start_pam(authctxt->pw->pw_name));
 #endif
                } else {
                        log("input_userauth_request: illegal user %s", user);
 #ifdef USE_PAM
-                        start_pam("NOUSER");
+                        PRIVSEP(start_pam("NOUSER"));
 #endif
                }
                setproctitle("%s%s", authctxt->pw ? user : "unknown",
@@ -242,8 +242,8 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method)
                authenticated = 0;
 #ifdef USE_PAM
-        if (authenticated && authctxt->user && !do_pam_account(authctxt->user,
+        if (!use_privsep && authenticated && authctxt->user && 
-            NULL))
+            !do_pam_account(authctxt->user, NULL))
                authenticated = 0;
 #endif /* USE_PAM */

diff --git a/auth2.c b/auth2.c index eadaa7135..4c18d232d 100644 --- a/auth2.c +++ b/auth2.c
@@ -189,12 +189,12 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
189	authctxt->valid = 1;	189	authctxt->valid = 1;
190	debug2("input_userauth_request: setting up authctxt for %s", user);	190	debug2("input_userauth_request: setting up authctxt for %s", user);
191	#ifdef USE_PAM	191	#ifdef USE_PAM
192	start_pam(authctxt->pw->pw_name);	192	PRIVSEP(start_pam(authctxt->pw->pw_name));
193	#endif	193	#endif
194	} else {	194	} else {
195	log("input_userauth_request: illegal user %s", user);	195	log("input_userauth_request: illegal user %s", user);
196	#ifdef USE_PAM	196	#ifdef USE_PAM
197	start_pam("NOUSER");	197	PRIVSEP(start_pam("NOUSER"));
198	#endif	198	#endif
199	}	199	}
200	setproctitle("%s%s", authctxt->pw ? user : "unknown",	200	setproctitle("%s%s", authctxt->pw ? user : "unknown",
@@ -242,8 +242,8 @@ userauth_finish(Authctxt authctxt, int authenticated, char method)
242	authenticated = 0;	242	authenticated = 0;
243		243
244	#ifdef USE_PAM	244	#ifdef USE_PAM
245	if (authenticated && authctxt->user && !do_pam_account(authctxt->user,	245	if (!use_privsep && authenticated && authctxt->user &&
246	NULL))	246	!do_pam_account(authctxt->user, NULL))
247	authenticated = 0;	247	authenticated = 0;
248	#endif /* USE_PAM */	248	#endif /* USE_PAM */
249		249