[openssh-commits] [openssh] 01/01: upstream: Do not ban PTY allocation when a sshd session is restricted

git+noreply at mindrot.org git+noreply at mindrot.org
Fri May 25 17:12:13 AEST 2018


This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit fbb4b5fd4f8e0bb89732670a01954e18b69e15ba
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Fri May 25 07:11:01 2018 +0000

    upstream: Do not ban PTY allocation when a sshd session is restricted
    
    because the user password is expired as it breaks password change dialog.
    
    regression in openssh-7.7 reported by Daniel Wagner
    
    OpenBSD-Commit-ID: 9fc09c584c6f1964b00595e3abe7f83db4d90d73
---
 auth.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/auth.c b/auth.c
index 63366768..0b7a335f 100644
--- a/auth.c
+++ b/auth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.c,v 1.127 2018/03/12 00:52:01 djm Exp $ */
+/* $OpenBSD: auth.c,v 1.128 2018/05/25 07:11:01 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -1080,6 +1080,7 @@ auth_restrict_session(struct ssh *ssh)
 
 	/* A blank sshauthopt defaults to permitting nothing */
 	restricted = sshauthopt_new();
+	restricted->permit_pty_flag = 1;
 	restricted->restricted = 1;
 
 	if (auth_activate_options(ssh, restricted) != 0)

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.


More information about the openssh-commits mailing list