auth_root_allowed() is handled by the monitor in the privsep case,

so skip this for use_privsep, ok stevesk@, fixes bugzilla #387/325

2 files changed, 6 insertions, 4 deletions

diff --git a/usr.bin/ssh/auth1.c b/usr.bin/ssh/auth1.c
index 4858aaebaf5..661ed5a176c 100644
--- a/usr.bin/ssh/auth1.c
+++ b/usr.bin/ssh/auth1.c
@@ -10,7 +10,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth1.c,v 1.41 2002/06/19 00:27:55 deraadt Exp $");
+RCSID("$OpenBSD: auth1.c,v 1.42 2002/08/22 21:33:58 markus Exp $");
 
 #include "xmalloc.h"
 #include "rsa.h"
@@ -295,7 +295,8 @@ do_authloop(Authctxt *authctxt)
 			    authctxt->user);
 
 		/* Special handling for root */
-		if (authenticated && authctxt->pw->pw_uid == 0 &&
+		if (!use_privsep &&
+		    authenticated && authctxt->pw->pw_uid == 0 &&
 		    !auth_root_allowed(get_authname(type)))
 			authenticated = 0;
 
diff --git a/usr.bin/ssh/auth2.c b/usr.bin/ssh/auth2.c
index eb9254f8e56..d5a504369fc 100644
--- a/usr.bin/ssh/auth2.c
+++ b/usr.bin/ssh/auth2.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.94 2002/06/30 21:54:16 deraadt Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.95 2002/08/22 21:33:58 markus Exp $");
 
 #include "ssh2.h"
 #include "xmalloc.h"
@@ -195,7 +195,8 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method)
 		    authctxt->user);
 
 	/* Special handling for root */
-	if (authenticated && authctxt->pw->pw_uid == 0 &&
+	if (!use_privsep &&
+	    authenticated && authctxt->pw->pw_uid == 0 &&
 	    !auth_root_allowed(method))
 		authenticated = 0;