update patch version

[gssapi-openssh.git] / openssh / auth.c

diff --git a/openssh/auth.c b/openssh/auth.c
index 3585daadc1c66d5af310cc29b42d299ad2e824b8..010e550ac7dcdd1ce1d596c8b034442a95ecbe8a 100644 (file)
--- a/openssh/auth.c
+++ b/openssh/auth.c
@@ -269,7 +269,8 @@ auth_log(Authctxt *authctxt, int authenticated, char *method, char *info)
            authmsg,
            method,
            authctxt->valid ? "" : "invalid user ",
-           authctxt->user,
+           (authctxt->user && authctxt->user[0]) ?
+               authctxt->user : "unknown",
            get_remote_ipaddr(),
            get_remote_port(),
            info);
@@ -325,7 +326,7 @@ auth_root_allowed(char *method)
  *
  * This returns a buffer allocated by xmalloc.
  */
-static char *
+char *
 expand_authorized_keys(const char *filename, struct passwd *pw)
 {
        char *file, ret[MAXPATHLEN];
@@ -526,9 +527,14 @@ getpwnamallow(const char *user)
            get_canonical_hostname(options.use_dns), get_remote_ipaddr());
 
        pw = getpwnam(user);
+#ifdef USE_PAM
+       if (options.use_pam && options.permit_pam_user_change && pw == NULL)
+               pw = sshpam_getpw(user);
+#endif
        if (pw == NULL) {
                logit("Invalid user %.100s from %.100s",
-                   user, get_remote_ipaddr());
+                     (user && user[0]) ? user : "unknown",
+                     get_remote_ipaddr());
 #ifdef CUSTOM_FAILED_LOGIN
                record_failed_login(user,
                    get_canonical_hostname(options.use_dns), "ssh");