- markus@cvs.openbsd.org 2003/02/16 17:30:33
[monitor.c monitor_wrap.c]
fix permitrootlogin forced-commands-only for privsep; bux #387; ok provos@
diff --git a/monitor_wrap.c b/monitor_wrap.c
index 551bbc1..1395a32 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -25,7 +25,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: monitor_wrap.c,v 1.21 2003/02/04 09:33:22 markus Exp $");
+RCSID("$OpenBSD: monitor_wrap.c,v 1.22 2003/02/16 17:30:33 markus Exp $");
#include <openssl/bn.h>
#include <openssl/dh.h>
@@ -34,6 +34,7 @@
#include "dh.h"
#include "kex.h"
#include "auth.h"
+#include "auth-options.h"
#include "buffer.h"
#include "bufaux.h"
#include "packet.h"
@@ -312,7 +313,7 @@
Buffer m;
u_char *blob;
u_int len;
- int allowed = 0;
+ int allowed = 0, have_forced = 0;
debug3("%s entering", __func__);
@@ -334,6 +335,11 @@
allowed = buffer_get_int(&m);
+ /* fake forced command */
+ auth_clear_options();
+ have_forced = buffer_get_int(&m);
+ forced_command = have_forced ? xstrdup("true") : NULL;
+
/* Send potential debug messages */
mm_send_debug(&m);
@@ -853,7 +859,7 @@
Key *key;
u_char *blob;
u_int blen;
- int allowed = 0;
+ int allowed = 0, have_forced = 0;
debug3("%s entering", __func__);
@@ -865,6 +871,11 @@
allowed = buffer_get_int(&m);
+ /* fake forced command */
+ auth_clear_options();
+ have_forced = buffer_get_int(&m);
+ forced_command = have_forced ? xstrdup("true") : NULL;
+
if (allowed && rkey != NULL) {
blob = buffer_get_string(&m, &blen);
if ((key = key_from_blob(blob, blen)) == NULL)