prefer login_getpwclass() to login_getclass()

FreeBSD has login_getpwclass() that does some special magic for
UID=0. Prefer this to login_getclass() as its easier to emulate
the former with the latter.

Based on FreeBSD PR 37416 via Ed Maste; ok dtucker@

diff --git a/auth.c b/auth.c
index 2b77abcadcd9abad0f7809a3f90a913f2beb64b4..a0e3cd6fe481fa3aba0a39f5e5b56298ffaad0c2 100644 (file)
--- a/auth.c
+++ b/auth.c
@@ -604,7 +604,7 @@ getpwnamallow(struct ssh *ssh, const char *user)
        if (!allowed_user(ssh, pw))
                return (NULL);
 #ifdef HAVE_LOGIN_CAP
-       if ((lc = login_getclass(pw->pw_class)) == NULL) {
+       if ((lc = login_getpwclass(pw)) == NULL) {
                debug("unable to get login class: %s", user);
                return (NULL);
        }

diff --git a/configure.ac b/configure.ac
index 63c239e094a12ff3e43e8b2d16f2856837939c2d..6b75cf9714e26e2e9abd20817f9c9aac5f32389c 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -1841,6 +1841,7 @@ AC_CHECK_FUNCS([ \
        llabs \
        localtime_r \
        login_getcapbool \
+       login_getpwclass \
        md5_crypt \
        memmem \
        memmove \

diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
index 50bac587d960ad476039225a963121e9e1523e61..542ae58ddc8a4f5ab57e1c20fc6fb10c2e29e5cf 100644 (file)
--- a/openbsd-compat/openbsd-compat.h
+++ b/openbsd-compat/openbsd-compat.h
@@ -48,6 +48,10 @@
 #include "blf.h"
 #include "fnmatch.h"
 
+#if defined(HAVE_LOGIN_CAP) && !defined(HAVE_LOGIN_GETPWCLASS)
+# define login_getpwclass(pw) login_getclass(pw->pw_class)
+#endif
+
 #ifndef HAVE_BASENAME
 char *basename(const char *path);
 #endif