From ef7df540735d5ee8889f7f87cc74fc4ec5f4e260 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Fri, 19 May 2000 00:03:23 +1000
Subject: [PATCH]  - Include Andre Lucas' fixprogs script. Forgot to "cvs add"
 it yesterday  - OpenBSD CVS updates:   - markus@cvs.openbsd.org    
 [sshconnect.c]     copy only ai_addrlen bytes; misiek@pld.org.pl     [auth.c]
     accept an empty shell in authentication; bug reported by    
 chris@tinker.ucr.edu     [serverloop.c]     we don't have stderr for
 interactive terminal sessions (fcntl errors)

---
 ChangeLog    | 12 ++++++++++++
 auth.c       | 12 ++++++++++--
 sshconnect.c |  2 +-
 3 files changed, 23 insertions(+), 3 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index f995dafb9..0628bb08e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,15 @@
+20000518
+ - Include Andre Lucas' fixprogs script. Forgot to "cvs add" it yesterday
+ - OpenBSD CVS updates:
+  - markus@cvs.openbsd.org
+    [sshconnect.c]
+    copy only ai_addrlen bytes; misiek@pld.org.pl
+    [auth.c]
+    accept an empty shell in authentication; bug reported by 
+    chris@tinker.ucr.edu
+    [serverloop.c]
+    we don't have stderr for interactive terminal sessions (fcntl errors)
+
 20000517
  - Fix from Andre Lucas <andre.lucas@dial.pipex.com>
   - Fixes command line printing segfaults (spotter: Bladt Norbert)
diff --git a/auth.c b/auth.c
index c3063e422..c3baa962f 100644
--- a/auth.c
+++ b/auth.c
@@ -5,7 +5,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth.c,v 1.6 2000/04/26 21:28:31 markus Exp $");
+RCSID("$OpenBSD: auth.c,v 1.7 2000/05/17 21:37:24 deraadt Exp $");
 
 #include "xmalloc.h"
 #include "rsa.h"
@@ -48,6 +48,7 @@ allowed_user(struct passwd * pw)
 {
 	struct stat st;
 	struct group *grp;
+	char *shell;
 	int i;
 #ifdef WITH_AIXAUTHENTICATE
 	char *loginmsg;
@@ -58,7 +59,14 @@ allowed_user(struct passwd * pw)
 		return 0;
 
 	/* deny if shell does not exists or is not executable */
-	if (stat(pw->pw_shell, &st) != 0)
+	/*
+	 * Get the shell from the password data.  An empty shell field is
+	 * legal, and means /bin/sh.
+	 */
+	shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell;
+
+	/* deny if shell does not exists or is not executable */
+	if (stat(shell, &st) != 0)
 		return 0;
 	if (!((st.st_mode & S_IFREG) && (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP))))
 		return 0;
diff --git a/sshconnect.c b/sshconnect.c
index 40e359ceb..bf00159b3 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -8,7 +8,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect.c,v 1.73 2000/05/17 08:20:15 markus Exp $");
+RCSID("$OpenBSD: sshconnect.c,v 1.74 2000/05/17 16:57:02 markus Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/dsa.h>