- provos@cvs.openbsd.org 2002/03/18 17:50:31
[auth-bsdauth.c auth-options.c auth-rh-rsa.c auth-rsa.c auth-skey.c auth.h
auth1.c auth2-chall.c auth2.c kex.c kex.h kexdh.c kexgex.c servconf.c
session.h servconf.h serverloop.c session.c sshd.c]
integrate privilege separated openssh; its turned off by default for now.
work done by me and markus@
applied, but outside of ensure that smaller code bits migrated with
their owners.. no work was tried to 'fix' it to work. =) Later project!
diff --git a/auth2-chall.c b/auth2-chall.c
index 9f1d932..38f955a 100644
--- a/auth2-chall.c
+++ b/auth2-chall.c
@@ -23,7 +23,7 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
-RCSID("$OpenBSD: auth2-chall.c,v 1.16 2002/01/13 17:57:37 markus Exp $");
+RCSID("$OpenBSD: auth2-chall.c,v 1.17 2002/03/18 17:50:31 provos Exp $");
#include "ssh2.h"
#include "auth.h"
@@ -310,3 +310,22 @@
userauth_finish(authctxt, authenticated, method);
xfree(method);
}
+
+void
+privsep_challenge_enable(void)
+{
+#ifdef BSD_AUTH
+ extern KbdintDevice mm_bsdauth_device;
+#endif
+#ifdef SKEY
+ extern KbdintDevice mm_skey_device;
+#endif
+ /* As long as SSHv1 has devices[0] hard coded this is fine */
+#ifdef BSD_AUTH
+ devices[0] = &mm_bsdauth_device;
+#else
+#ifdef SKEY
+ devices[0] = &mm_skey_device;
+#endif
+#endif
+}