From a2cdbda2de465c9f14984fb988fb1c679f69ea69 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 3 Oct 2005 18:16:02 +1000 Subject: - djm@cvs.openbsd.org 2005/09/19 11:47:09 [sshd.c] stop connection abort on rekey with delayed compression enabled when post-auth privsep is disabled (e.g. when root is logged in); ok dtucker@ --- ChangeLog | 6 +++++- sshd.c | 6 +++--- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/ChangeLog b/ChangeLog index 7af3d15f7..7c535eae8 100644 --- a/ChangeLog +++ b/ChangeLog @@ -14,6 +14,10 @@ [ssh_config.5 ssh.1] mention ability to specify bind_address for DynamicForward and -D options; bz#1077 spotted by Haruyama Seigo + - djm@cvs.openbsd.org 2005/09/19 11:47:09 + [sshd.c] + stop connection abort on rekey with delayed compression enabled when + post-auth privsep is disabled (e.g. when root is logged in); ok dtucker@ 20050930 - (dtucker) [openbsd-compat/openbsd-compat.h] Bug #1096: Add prototype @@ -3054,4 +3058,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.3905 2005/10/03 08:13:42 dtucker Exp $ +$Id: ChangeLog,v 1.3906 2005/10/03 08:16:02 dtucker Exp $ diff --git a/sshd.c b/sshd.c index ceb85dd54..6ef2eee13 100644 --- a/sshd.c +++ b/sshd.c @@ -42,7 +42,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshd.c,v 1.313 2005/09/13 23:40:07 djm Exp $"); +RCSID("$OpenBSD: sshd.c,v 1.314 2005/09/19 11:47:09 djm Exp $"); #include #include @@ -633,9 +633,8 @@ privsep_postauth(Authctxt *authctxt) if (authctxt->pw->pw_uid == 0 || options.use_login) { #endif /* File descriptor passing is broken or root login */ - monitor_apply_keystate(pmonitor); use_privsep = 0; - return; + goto out; } /* Authentication complete */ @@ -669,6 +668,7 @@ privsep_postauth(Authctxt *authctxt) /* Drop privileges */ do_setusercontext(authctxt->pw); + out: /* It is safe now to apply the key state */ monitor_apply_keystate(pmonitor); -- cgit v1.2.3