Resolve conflicts. Known issues:

 - sshd fails to set TERM correctly.
 - privilege separation may break PAM and is currently turned off.
 - man pages have not yet been updated

I will have these issues resolved, and privilege separation turned on by
default, in time for DP2.

Sponsored by:	DARPA, NAI Labs

1 files changed, 21 insertions, 2 deletions

diff --git a/crypto/openssh/auth2-chall.c b/crypto/openssh/auth2-chall.c
index 34fc8f3..1db7a81 100644
--- a/crypto/openssh/auth2-chall.c
+++ b/crypto/openssh/auth2-chall.c
@@ -23,7 +23,7 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #include "includes.h"
-RCSID("$OpenBSD: auth2-chall.c,v 1.16 2002/01/13 17:57:37 markus Exp $");
+RCSID("$OpenBSD: auth2-chall.c,v 1.18 2002/06/19 00:27:55 deraadt Exp $");
 RCSID("$FreeBSD$");
 
 #include "ssh2.h"
@@ -220,7 +220,7 @@ send_userauth_info_request(Authctxt *authctxt)
 	packet_start(SSH2_MSG_USERAUTH_INFO_REQUEST);
 	packet_put_cstring(name);
 	packet_put_cstring(instr);
-	packet_put_cstring(""); 	/* language not used */
+	packet_put_cstring("");		/* language not used */
 	packet_put_int(numprompts);
 	for (i = 0; i < numprompts; i++) {
 		packet_put_cstring(prompts[i]);
@@ -311,3 +311,22 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt)
 	userauth_finish(authctxt, authenticated, method);
 	xfree(method);
 }
+
+void
+privsep_challenge_enable(void)
+{
+#ifdef BSD_AUTH
+	extern KbdintDevice mm_bsdauth_device;
+#endif
+#ifdef SKEY
+	extern KbdintDevice mm_skey_device;
+#endif
+	/* As long as SSHv1 has devices[0] hard coded this is fine */
+#ifdef BSD_AUTH
+	devices[0] = &mm_bsdauth_device;
+#else
+#ifdef SKEY
+	devices[0] = &mm_skey_device;
+#endif
+#endif
+}