diff options
author | Ed Maste <emaste@FreeBSD.org> | 2019-11-20 16:30:37 +0000 |
---|---|---|
committer | Ed Maste <emaste@FreeBSD.org> | 2019-11-20 16:30:37 +0000 |
commit | e8c56fba2926cfdaf7759edf3d53af8823db9dbc (patch) | |
tree | 5682f8744167d0cefa57a1c757b937f2310cdf61 /crypto | |
parent | 53c772bbd7bb74423e9eda16701a711dd793dede (diff) | |
download | src-test-e8c56fba2926cfdaf7759edf3d53af8823db9dbc.tar.gz src-test-e8c56fba2926cfdaf7759edf3d53af8823db9dbc.zip |
sshd: make getpwclass wrapper MON_ISAUTH not MON_AUTH
In r339216 a privsep wrapper was added for login_getpwclass to address
PR 231172. Unfortunately the change used the MON_AUTH flag in the
wrapper, and MON_AUTH includes MON_AUTHDECIDE which triggers an
auth_log() on each invocation. getpwclass() does not participate in the
authentication decision, so should be MON_ISAUTH instead.
PR: 234793
Submitted by: Henry Hu
Reviewed by: Yuichiro NAITO
MFC after: 1 week
Notes
Notes:
svn path=/head/; revision=354897
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/openssh/monitor.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/openssh/monitor.c b/crypto/openssh/monitor.c index 1913b1f8a1e92..c5e3708c2563c 100644 --- a/crypto/openssh/monitor.c +++ b/crypto/openssh/monitor.c @@ -193,7 +193,7 @@ struct mon_table mon_dispatch_proto20[] = { #endif {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign}, #ifdef HAVE_LOGIN_CAP - {MONITOR_REQ_GETPWCLASS, MON_AUTH, mm_answer_login_getpwclass}, + {MONITOR_REQ_GETPWCLASS, MON_ISAUTH, mm_answer_login_getpwclass}, #endif {MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow}, {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv}, |