- markus@cvs.openbsd.org 2002/03/19 14:27:39

[auth.c auth1.c auth2.c]
     make getpwnamallow() allways call pwcopy()

ChangeLog

@@ -94,6 +94,9 @@
       sftp-client.c sftp-glob.h sftp.c ssh-add.c ssh.c sshconnect2.c sshd.c
       ttymodes.c]
      KNF whitespace
+   - markus@cvs.openbsd.org 2002/03/19 14:27:39
+     [auth.c auth1.c auth2.c]
+     make getpwnamallow() allways call pwcopy()
 
 20020317
  - (tim) [configure.ac] Assume path given with --with-pid-dir=PATH is wanted,
@@ -7940,4 +7943,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1951 2002/03/22 02:54:23 mouring Exp $
+$Id: ChangeLog,v 1.1952 2002/03/22 03:04:08 mouring Exp $

auth.c

@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth.c,v 1.39 2002/03/19 10:49:35 markus Exp $");
+RCSID("$OpenBSD: auth.c,v 1.40 2002/03/19 14:27:39 markus Exp $");
 
 #ifdef HAVE_LOGIN_H
 #include <login.h>
@@ -48,6 +48,7 @@ RCSID("$OpenBSD: auth.c,v 1.39 2002/03/19 10:49:35 markus Exp $");
 #include "bufaux.h"
 #include "uidswap.h"
 #include "tildexpand.h"
+#include "misc.h"
 
 /* import */
 extern ServerOptions options;
@@ -469,5 +470,5 @@ getpwnamallow(const char *user)
 		auth_close(as);
 #endif
 #endif
-	return (pw);
+	return (pwcopy(pw));
 }

auth1.c

@@ -10,7 +10,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth1.c,v 1.38 2002/03/18 17:50:31 provos Exp $");
+RCSID("$OpenBSD: auth1.c,v 1.39 2002/03/19 14:27:39 markus Exp $");
 
 #include "xmalloc.h"
 #include "rsa.h"
@@ -24,7 +24,6 @@ RCSID("$OpenBSD: auth1.c,v 1.38 2002/03/18 17:50:31 provos Exp $");
 #include "auth.h"
 #include "channels.h"
 #include "session.h"
-#include "misc.h"
 #include "uidswap.h"
 #include "monitor_wrap.h"
 
@@ -359,7 +358,6 @@ Authctxt *
 do_authentication(void)
 {
 	Authctxt *authctxt;
-	struct passwd *pw = NULL, *pwent;
 	u_int ulen;
 	char *p, *user, *style = NULL;
 
@@ -382,21 +380,12 @@ do_authentication(void)
 	authctxt->style = style;
 
 	/* Verify that the user is a valid user. */
-	pwent = PRIVSEP(getpwnamallow(user));
+	if ((authctxt->pw = PRIVSEP(getpwnamallow(user))) != NULL)
-	if (pwent) {
 		authctxt->valid = 1;
-		pw = pwcopy(pwent);
+	else
-	} else {
 		debug("do_authentication: illegal user %s", user);
-		pw = NULL;
-	}
-	/* Free memory */
-	if (use_privsep && pwent != NULL)
-		pwfree(pwent);
 
-	authctxt->pw = pw;
+	setproctitle("%s%s", authctxt->pw ? user : "unknown",
-
-	setproctitle("%s%s", pw ? user : "unknown",
 	    use_privsep ? " [net]" : "");
 
 #ifdef USE_PAM
@@ -408,7 +397,8 @@ do_authentication(void)
 	 * the server. (Unless you are running Windows)
 	 */
 #ifndef HAVE_CYGWIN
-	if (!use_privsep && getuid() != 0 && pw && pw->pw_uid != getuid())
+	if (!use_privsep && getuid() != 0 && authctxt->pw &&
+	    authctxt->pw->pw_uid != getuid())
 		packet_disconnect("Cannot change user when server not running as root.");
 #endif
 

auth2.c

@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.88 2002/03/18 17:50:31 provos Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.89 2002/03/19 14:27:39 markus Exp $");
 
 #include <openssl/evp.h>
 
@@ -47,7 +47,6 @@ RCSID("$OpenBSD: auth2.c,v 1.88 2002/03/18 17:50:31 provos Exp $");
 #include "pathnames.h"
 #include "uidswap.h"
 #include "auth-options.h"
-#include "misc.h"
 #include "hostfile.h"
 #include "canohost.h"
 #include "match.h"
@@ -200,16 +199,11 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
 			start_pam("NOUSER");
 #endif
 		}
-		/* Free memory */
+		setproctitle("%s%s", authctxt->pw ? user : "unknown",
-		if (use_privsep && pw != NULL)
-			pwfree(pw);
-
-		setproctitle("%s%s", pw ? user : "unknown",
 		    use_privsep ? " [net]" : "");
 		authctxt->user = xstrdup(user);
 		authctxt->service = xstrdup(service);
 		authctxt->style = style ? xstrdup(style) : NULL;
-
 		if (use_privsep)
 			mm_inform_authserv(service, style);
 	} else if (strcmp(user, authctxt->user) != 0 ||