No TTY prealloc; Tru64 can't do post-auth privsep

[Ben Lindstrom]

Sorry new patch.. I forgot to add in the actually privsep call.

Index: auth-sia.c
===================================================================
RCS file: /var/cvs/openssh/auth-sia.c,v
retrieving revision 1.7
diff -u -r1.7 auth-sia.c
--- auth-sia.c	12 Apr 2002 15:36:08 -0000	1.7
+++ auth-sia.c	28 Jun 2002 15:17:12 -0000
@@ -77,7 +77,7 @@
 }

 void
-session_setup_sia(char *user, char *tty)
+setup_sia(char *user, char *tty)
 {
 	struct passwd *pw;
 	SIAENTITY *ent = NULL;
@@ -116,6 +116,7 @@

 	sia_ses_release(&ent);

+	/* XXX: Should this be be around a if (!use_privsep) ? */
 	if (setreuid(geteuid(), geteuid()) < 0) {
 		fatal("setreuid: %s", strerror(errno));
 	}
Index: monitor.c
===================================================================
RCS file: /var/cvs/openssh/monitor.c,v
retrieving revision 1.22
diff -u -r1.22 monitor.c
--- monitor.c	27 Jun 2002 00:12:58 -0000	1.22
+++ monitor.c	28 Jun 2002 15:17:18 -0000
@@ -120,6 +120,10 @@
 int mm_answer_pam_start(int, Buffer *);
 #endif

+#ifdef HAVE_OSF_SIA
+int mm_answer_setup_sia(int, Buffer *);
+#endif
+
 static Authctxt *authctxt;
 static BIGNUM *ssh1_challenge = NULL;	/* used for ssh1 rsa auth */

@@ -154,6 +158,9 @@
     {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv},
     {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner},
     {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword},
+#ifdef HAVE_OSF_SIA
+    (MONITOR_REQ_SETUP_SIA, MON_ONCE, mm_answer_setup_sia),
+#endif
 #ifdef USE_PAM
     {MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start},
 #endif
@@ -196,6 +203,9 @@
     {MONITOR_REQ_SKEYQUERY, MON_ISAUTH, mm_answer_skeyquery},
     {MONITOR_REQ_SKEYRESPOND, MON_AUTH, mm_answer_skeyrespond},
 #endif
+#ifdef HAVE_OSF_SIA
+    (MONITOR_REQ_SETUP_SIA, MON_ONCE, mm_answer_setup_sia),
+#endif
 #ifdef USE_PAM
     {MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start},
 #endif
@@ -716,6 +726,22 @@
 	auth_method = "skey";

 	return (authok != 0);
+}
+#endif
+
+#ifdef HAVE_OSF_SIA
+int
+mm_answer_setup_sia(int socket, Buffer *m)
+{
+	char *user, *tty;
+
+	user = buffer_get_string(m, NULL);
+	tty = buffer_get_string(m, NULL);
+
+	setup_sia(user, tty);
+
+	xfree(user);
+	xfree(tty);
 }
 #endif

Index: monitor.h
===================================================================
RCS file: /var/cvs/openssh/monitor.h,v
retrieving revision 1.8
diff -u -r1.8 monitor.h
--- monitor.h	11 Jun 2002 16:42:49 -0000	1.8
+++ monitor.h	28 Jun 2002 15:17:21 -0000
@@ -50,6 +50,7 @@
 	MONITOR_REQ_RSACHALLENGE, MONITOR_ANS_RSACHALLENGE,
 	MONITOR_REQ_RSARESPONSE, MONITOR_ANS_RSARESPONSE,
 	MONITOR_REQ_PAM_START,
+	MONITOR_REQ_SETUP_SIA,
 	MONITOR_REQ_TERM
 };

Index: session.c
===================================================================
RCS file: /var/cvs/openssh/session.c,v
retrieving revision 1.208
diff -u -r1.208 session.c
--- session.c	26 Jun 2002 13:51:06 -0000	1.208
+++ session.c	28 Jun 2002 15:17:30 -0000
@@ -1269,7 +1269,7 @@
 	 */
 	if (!options.use_login) {
 #ifdef HAVE_OSF_SIA
-		session_setup_sia(pw->pw_name, s->ttyfd == -1 ? NULL : s->tty);
+		PRIVSEP(setup_sia(pw->pw_name, s->ttyfd == -1 ? NULL : s->tty));
 		if (!check_quietlogin(s, command))
 			do_motd();
 #else /* HAVE_OSF_SIA */