summaryrefslogtreecommitdiff
path: root/usr.bin/ssh
diff options
context:
space:
mode:
authorTheo de Raadt <deraadt@cvs.openbsd.org>2000-05-17 21:37:25 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>2000-05-17 21:37:25 +0000
commit715ea59f6afe197fac80665471b4b6bda447ed21 (patch)
treee4a4cfd94d070ba4482cc854a217c061c99e9c75 /usr.bin/ssh
parent275ee2782bed05bdb22f30e36af6b55529cb99dd (diff)
accept an empty shell in authentication; bug reported by chris@tinker.ucr.edu
Diffstat (limited to 'usr.bin/ssh')
-rw-r--r--usr.bin/ssh/auth.c11
1 files changed, 9 insertions, 2 deletions
diff --git a/usr.bin/ssh/auth.c b/usr.bin/ssh/auth.c
index d3425a237a7..20e9760c428 100644
--- a/usr.bin/ssh/auth.c
+++ b/usr.bin/ssh/auth.c
@@ -5,7 +5,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: auth.c,v 1.6 2000/04/26 21:28:31 markus Exp $");
+RCSID("$OpenBSD: auth.c,v 1.7 2000/05/17 21:37:24 deraadt Exp $");
#include "xmalloc.h"
#include "rsa.h"
@@ -45,14 +45,21 @@ allowed_user(struct passwd * pw)
{
struct stat st;
struct group *grp;
+ char *shell;
int i;
/* Shouldn't be called if pw is NULL, but better safe than sorry... */
if (!pw)
return 0;
+ /*
+ * Get the shell from the password data. An empty shell field is
+ * legal, and means /bin/sh.
+ */
+ shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell;
+
/* deny if shell does not exists or is not executable */
- if (stat(pw->pw_shell, &st) != 0)
+ if (stat(shell, &st) != 0)
return 0;
if (!((st.st_mode & S_IFREG) && (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP))))
return 0;