From 556f9315a538c9575c2fcaf2a3ca4d9c068ade78 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Mon, 24 Feb 2003 11:59:26 +1100
Subject: [PATCH]    - markus@cvs.openbsd.org 2003/02/06 21:22:43      [auth1.c
 auth2.c]      undo broken fix for #387, fixes #486

---
 ChangeLog | 5 ++++-
 auth1.c   | 5 ++---
 auth2.c   | 5 ++---
 3 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 7db7cf594..206e72501 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -51,6 +51,9 @@
    - markus@cvs.openbsd.org 2003/02/06 09:29:18
      [sftp-server.c]
      fix races in rename/symlink; from Tony Finch; ok djm@
+   - markus@cvs.openbsd.org 2003/02/06 21:22:43
+     [auth1.c auth2.c]
+     undo broken fix for #387, fixes #486
 
 20030211
  - (djm) Cygwin needs libcrypt too. Patch from vinschen@redhat.com
@@ -1151,4 +1154,4 @@
      save auth method before monitor_reset_key_state(); bugzilla bug #284;
      ok provos@
 
-$Id: ChangeLog,v 1.2607 2003/02/24 00:58:44 djm Exp $
+$Id: ChangeLog,v 1.2608 2003/02/24 00:59:26 djm Exp $
diff --git a/auth1.c b/auth1.c
index 2ba411243..c273f2fb6 100644
--- a/auth1.c
+++ b/auth1.c
@@ -10,7 +10,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth1.c,v 1.46 2003/01/23 00:03:00 djm Exp $");
+RCSID("$OpenBSD: auth1.c,v 1.47 2003/02/06 21:22:42 markus Exp $");
 
 #include "xmalloc.h"
 #include "rsa.h"
@@ -328,8 +328,7 @@ do_authloop(Authctxt *authctxt)
 		}
 #else
 		/* Special handling for root */
-		if (!use_privsep &&
-		    authenticated && authctxt->pw->pw_uid == 0 &&
+		if (authenticated && authctxt->pw->pw_uid == 0 &&
 		    !auth_root_allowed(get_authname(type)))
 			authenticated = 0;
 #endif
diff --git a/auth2.c b/auth2.c
index 17c58552a..1b21eb2da 100644
--- a/auth2.c
+++ b/auth2.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.95 2002/08/22 21:33:58 markus Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.96 2003/02/06 21:22:43 markus Exp $");
 
 #include "ssh2.h"
 #include "xmalloc.h"
@@ -205,8 +205,7 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method)
 		    authctxt->user);
 
 	/* Special handling for root */
-	if (!use_privsep &&
-	    authenticated && authctxt->pw->pw_uid == 0 &&
+	if (authenticated && authctxt->pw->pw_uid == 0 &&
 	    !auth_root_allowed(method))
 		authenticated = 0;