- provos@cvs.openbsd.org 2002/03/18 17:50:31
[auth-bsdauth.c auth-options.c auth-rh-rsa.c auth-rsa.c auth-skey.c auth.h
auth1.c auth2-chall.c auth2.c kex.c kex.h kexdh.c kexgex.c servconf.c
session.h servconf.h serverloop.c session.c sshd.c]
integrate privilege separated openssh; its turned off by default for now.
work done by me and markus@
applied, but outside of ensure that smaller code bits migrated with
their owners.. no work was tried to 'fix' it to work. =) Later project!
diff --git a/auth-rh-rsa.c b/auth-rh-rsa.c
index 2a88e18..c940ec5 100644
--- a/auth-rh-rsa.c
+++ b/auth-rh-rsa.c
@@ -13,7 +13,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: auth-rh-rsa.c,v 1.31 2002/03/16 17:22:09 markus Exp $");
+RCSID("$OpenBSD: auth-rh-rsa.c,v 1.32 2002/03/18 17:50:31 provos Exp $");
#include "packet.h"
#include "uidswap.h"
@@ -25,6 +25,8 @@
#include "auth.h"
#include "canohost.h"
+#include "monitor_wrap.h"
+
/* import */
extern ServerOptions options;
@@ -69,7 +71,7 @@
chost = (char *)get_canonical_hostname(options.verify_reverse_mapping);
debug("Rhosts RSA authentication: canonical host %.900s", chost);
- if (!auth_rhosts_rsa_key_allowed(pw, cuser, chost, client_host_key)) {
+ if (!PRIVSEP(auth_rhosts_rsa_key_allowed(pw, cuser, chost, client_host_key))) {
debug("Rhosts with RSA host authentication denied: unknown or invalid host key");
packet_send_debug("Your host key cannot be verified: unknown or invalid host key.");
return 0;