Resolve conflicts. Known issues:

 - sshd fails to set TERM correctly.
 - privilege separation may break PAM and is currently turned off.
 - man pages have not yet been updated

I will have these issues resolved, and privilege separation turned on by
default, in time for DP2.

Sponsored by:	DARPA, NAI Labs

1 files changed, 14 insertions, 9 deletions

diff --git a/crypto/openssh/auth-passwd.c b/crypto/openssh/auth-passwd.c
index ab7447f..ec1b096 100644
--- a/crypto/openssh/auth-passwd.c
+++ b/crypto/openssh/auth-passwd.c
@@ -36,7 +36,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth-passwd.c,v 1.24 2002/03/04 12:43:06 markus Exp $");
+RCSID("$OpenBSD: auth-passwd.c,v 1.27 2002/05/24 16:45:16 stevesk Exp $");
 RCSID("$FreeBSD$");
 
 #include "packet.h"
@@ -55,7 +55,6 @@ int
 auth_password(Authctxt *authctxt, const char *password)
 {
 	struct passwd * pw = authctxt->pw;
-	char *encrypted_password;
 
 	/* deny if no user. */
 	if (pw == NULL)
@@ -86,14 +85,20 @@ auth_password(Authctxt *authctxt, const char *password)
 		return 0;
 	else
 		return 1;
-#endif
+#else
 	/* Check for users with no password. */
 	if (strcmp(password, "") == 0 && strcmp(pw->pw_passwd, "") == 0)
 		return 1;
-	/* Encrypt the candidate password using the proper salt. */
-	encrypted_password = crypt(password,
-	    (pw->pw_passwd[0] && pw->pw_passwd[1]) ? pw->pw_passwd : "xx");
-
-	/* Authentication is accepted if the encrypted passwords are identical. */
-	return (strcmp(encrypted_password, pw->pw_passwd) == 0);
+	else {
+		/* Encrypt the candidate password using the proper salt. */
+		char *encrypted_password = crypt(password,
+		    (pw->pw_passwd[0] && pw->pw_passwd[1]) ?
+		    pw->pw_passwd : "xx");
+		/*
+		 * Authentication is accepted if the encrypted passwords
+		 * are identical.
+		 */
+		return (strcmp(encrypted_password, pw->pw_passwd) == 0);
+	}
+#endif
 }