From: djm@openbsd.org Date: Fri, 6 Feb 2026 01:24:36 +0000 (+0000) Subject: upstream: remove vestige of when we supported running without privsep X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=91c4d422cc0af2ae592f5e6c0cc505a5d8d7a6d2;p=thirdparty%2Fopenssh-portable.git upstream: remove vestige of when we supported running without privsep OpenBSD-Commit-ID: 5342c24d2330ef5ce357c294056f72b8123122c0 --- diff --git a/auth-bsdauth.c b/auth-bsdauth.c index d124e994e..d2fe51ae2 100644 --- a/auth-bsdauth.c +++ b/auth-bsdauth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-bsdauth.c,v 1.15 2018/07/09 21:35:50 markus Exp $ */ +/* $OpenBSD: auth-bsdauth.c,v 1.16 2026/02/06 01:24:36 djm Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -125,14 +125,6 @@ bsdauth_free_ctx(void *ctx) } } -KbdintDevice bsdauth_device = { - "bsdauth", - bsdauth_init_ctx, - bsdauth_query, - bsdauth_respond, - bsdauth_free_ctx -}; - KbdintDevice mm_bsdauth_device = { "bsdauth", bsdauth_init_ctx, diff --git a/auth.h b/auth.h index 98bb23d4c..634a84aa8 100644 --- a/auth.h +++ b/auth.h @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.h,v 1.108 2024/05/17 06:42:04 jsg Exp $ */ +/* $OpenBSD: auth.h,v 1.109 2026/02/06 01:24:36 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -182,8 +182,6 @@ int auth2_update_methods_lists(Authctxt *, const char *, const char *); int auth2_setup_methods_lists(Authctxt *); int auth2_method_allowed(Authctxt *, const char *, const char *); -void privsep_challenge_enable(void); - int auth2_challenge(struct ssh *, char *); void auth2_challenge_stop(struct ssh *); int bsdauth_query(void *, char **, char **, u_int *, char ***, u_int **); diff --git a/auth2-chall.c b/auth2-chall.c index a6d916598..dc63091cf 100644 --- a/auth2-chall.c +++ b/auth2-chall.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-chall.c,v 1.57 2025/10/02 08:38:43 dtucker Exp $ */ +/* $OpenBSD: auth2-chall.c,v 1.58 2026/02/06 01:24:36 djm Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2001 Per Allansson. All rights reserved. @@ -54,19 +54,19 @@ static int send_userauth_info_request(struct ssh *); static int input_userauth_info_response(int, u_int32_t, struct ssh *); #ifdef BSD_AUTH -extern KbdintDevice bsdauth_device; +extern KbdintDevice mm_bsdauth_device; #else #ifdef USE_PAM -extern KbdintDevice sshpam_device; +extern KbdintDevice mm_sshpam_device; #endif #endif KbdintDevice *devices[] = { #ifdef BSD_AUTH - &bsdauth_device, + &mm_bsdauth_device, #else #ifdef USE_PAM - &sshpam_device, + &mm_sshpam_device, #endif #endif NULL @@ -362,25 +362,3 @@ input_userauth_info_response(int type, u_int32_t seq, struct ssh *ssh) devicename); return 0; } - -void -privsep_challenge_enable(void) -{ -#if defined(BSD_AUTH) || defined(USE_PAM) - int n = 0; -#endif -#ifdef BSD_AUTH - extern KbdintDevice mm_bsdauth_device; -#endif -#ifdef USE_PAM - extern KbdintDevice mm_sshpam_device; -#endif - -#ifdef BSD_AUTH - devices[n++] = &mm_bsdauth_device; -#else -#ifdef USE_PAM - devices[n++] = &mm_sshpam_device; -#endif -#endif -} diff --git a/sshd-auth.c b/sshd-auth.c index 0fff1b33f..0f238e1b3 100644 --- a/sshd-auth.c +++ b/sshd-auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd-auth.c,v 1.10 2025/11/13 10:35:14 dtucker Exp $ */ +/* $OpenBSD: sshd-auth.c,v 1.11 2026/02/06 01:24:36 djm Exp $ */ /* * SSH2 implementation: * Privilege Separation: @@ -750,9 +750,6 @@ main(int ac, char **av) fatal("sshbuf_new loginmsg failed"); auth_debug_reset(); - /* Enable challenge-response authentication for privilege separation */ - privsep_challenge_enable(); - #ifdef GSSAPI /* Cache supported mechanism OIDs for later use */ ssh_gssapi_prepare_supported_oids();