diff options
author | dtucker <dtucker> | 2010-03-07 12:05:17 +0000 |
---|---|---|
committer | dtucker <dtucker> | 2010-03-07 12:05:17 +0000 |
commit | 456727ae07a7dbd6d6eb9e4fd9521e012d1d0771 (patch) | |
tree | 3fc4d5387db7fa7c2b54a974cd530c8ae1b4b954 /sshd.c | |
parent | d3d69a5b9aa364abaedfdfac4a434bdbc63cd968 (diff) | |
download | openssh-456727ae07a7dbd6d6eb9e4fd9521e012d1d0771.tar.gz |
- dtucker@cvs.openbsd.org 2010/03/07 11:57:13
[auth-rhosts.c monitor.c monitor_wrap.c session.c auth-options.c sshd.c]
Hold authentication debug messages until after successful authentication.
Fixes an info leak of environment variables specified in authorized_keys,
reported by Jacob Appelbaum. ok djm@
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 3 |
1 files changed, 2 insertions, 1 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.373 2010/02/26 20:29:54 djm Exp $ */ +/* $OpenBSD: sshd.c,v 1.374 2010/03/07 11:57:13 dtucker Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -1939,6 +1939,7 @@ main(int ac, char **av) /* prepare buffer to collect messages to display to user after login */ buffer_init(&loginmsg); + auth_debug_reset(); if (use_privsep) if (privsep_preauth(authctxt) == 1) |