diff options
| author | Dag-Erling Smørgrav <des@FreeBSD.org> | 2006-11-10 16:52:41 +0000 |
|---|---|---|
| committer | Dag-Erling Smørgrav <des@FreeBSD.org> | 2006-11-10 16:52:41 +0000 |
| commit | 62efe23a828ce21ae4d100dc0fd5331f5582e7df (patch) | |
| tree | 538ffcf6acb6ece62b0734e0707ef5a1e8efbd7a /crypto/openssh/sshd.c | |
| parent | b8e61582feacfd6acace15f1990fc0a5426d184e (diff) | |
| download | src-62efe23a828ce21ae4d100dc0fd5331f5582e7df.tar.gz src-62efe23a828ce21ae4d100dc0fd5331f5582e7df.zip | |
Resolve conflicts.
Notes
Notes:
svn path=/head/; revision=164149
Diffstat (limited to 'crypto/openssh/sshd.c')
| -rw-r--r-- | crypto/openssh/sshd.c | 24 |
1 files changed, 14 insertions, 10 deletions
diff --git a/crypto/openssh/sshd.c b/crypto/openssh/sshd.c index 151aa04bc234..583252645b43 100644 --- a/crypto/openssh/sshd.c +++ b/crypto/openssh/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.347 2006/08/18 09:15:20 markus Exp $ */ +/* $OpenBSD: sshd.c,v 1.348 2006/11/06 21:25:28 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -1441,13 +1441,17 @@ main(int ac, char **av) debug("sshd version %.100s", SSH_RELEASE); - /* Store privilege separation user for later use */ - if ((privsep_pw = getpwnam(SSH_PRIVSEP_USER)) == NULL) - fatal("Privilege separation user %s does not exist", - SSH_PRIVSEP_USER); - memset(privsep_pw->pw_passwd, 0, strlen(privsep_pw->pw_passwd)); - privsep_pw->pw_passwd = "*"; - privsep_pw = pwcopy(privsep_pw); + /* Store privilege separation user for later use if required. */ + if ((privsep_pw = getpwnam(SSH_PRIVSEP_USER)) == NULL) { + if (use_privsep || options.kerberos_authentication) + fatal("Privilege separation user %s does not exist", + SSH_PRIVSEP_USER); + } else { + memset(privsep_pw->pw_passwd, 0, strlen(privsep_pw->pw_passwd)); + privsep_pw = pwcopy(privsep_pw); + xfree(privsep_pw->pw_passwd); + privsep_pw->pw_passwd = xstrdup("*"); + } endpwent(); /* load private host keys */ @@ -2042,10 +2046,10 @@ do_ssh1_kex(void) * key is in the highest bits. */ if (!rsafail) { - BN_mask_bits(session_key_int, sizeof(session_key) * 8); + (void) BN_mask_bits(session_key_int, sizeof(session_key) * 8); len = BN_num_bytes(session_key_int); if (len < 0 || (u_int)len > sizeof(session_key)) { - error("do_connection: bad session key len from %s: " + error("do_ssh1_kex: bad session key len from %s: " "session_key_int %d > sizeof(session_key) %lu", get_remote_ipaddr(), len, (u_long)sizeof(session_key)); rsafail++; |