Release new patch with fix for

[gssapi-openssh.git] / openssh / auth.c

diff --git a/openssh/auth.c b/openssh/auth.c
index 8ed27b96e3492f31145200b1f749d7e2bdf3eb4f..f35600eed1fe302754c3d40e50f83164dd1b1d3a 100644 (file)
--- a/openssh/auth.c
+++ b/openssh/auth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.c,v 1.75 2006/08/03 03:34:41 deraadt Exp $ */
+/* $OpenBSD: auth.c,v 1.78 2007/09/21 08:15:29 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -115,11 +115,11 @@ allowed_user(struct passwd * pw)
        /* grab passwd field for locked account check */
 #ifdef USE_SHADOW
        if (spw != NULL)
-#if defined(HAVE_LIBIAF)  &&  !defined(BROKEN_LIBIAF)
+#ifdef USE_LIBIAF
                passwd = get_iaf_password(pw);
 #else
                passwd = spw->sp_pwdp;
-#endif /* HAVE_LIBIAF  && !BROKEN_LIBIAF */
+#endif /* USE_LIBIAF */
 #else
        passwd = pw->pw_passwd;
 #endif
@@ -141,9 +141,9 @@ allowed_user(struct passwd * pw)
                if (strstr(passwd, LOCKED_PASSWD_SUBSTR))
                        locked = 1;
 #endif
-#if defined(HAVE_LIBIAF)  &&  !defined(BROKEN_LIBIAF)
+#ifdef USE_LIBIAF
                free(passwd);
-#endif /* HAVE_LIBIAF  && !BROKEN_LIBIAF */
+#endif /* USE_LIBIAF */
                if (locked) {
                        logit("User %.100s not allowed because account is locked",
                            pw->pw_name);
@@ -571,8 +571,8 @@ fakepw(void)
        fake.pw_passwd =
            "$2a$06$r3.juUaHZDlIbQaO2dS9FuYxL1W9M81R1Tc92PoSNmzvpEqLkLGrK";
        fake.pw_gecos = "NOUSER";
-       fake.pw_uid = privsep_pw->pw_uid;
-       fake.pw_gid = privsep_pw->pw_gid;
+       fake.pw_uid = privsep_pw == NULL ? (uid_t)-1 : privsep_pw->pw_uid;
+       fake.pw_gid = privsep_pw == NULL ? (gid_t)-1 : privsep_pw->pw_gid;
 #ifdef HAVE_PW_CLASS_IN_PASSWD
        fake.pw_class = "";
 #endif