Merge changes I934c73d4,I28cdc9a0,I9e734da9,I3c079d86

* changes:
  UPSTREAM: depend
  UPSTREAM: upstream: avoid possible NULL deref; from Pedro Martelletto
  Revert "upstream: fix compilation with DEBUG_KEXDH; bz#3160 ok dtucker@"
  Merge upstream-master into master

1 files changed, 7 insertions, 4 deletions

diff --git a/openbsd-compat/port-uw.c b/openbsd-compat/port-uw.c
index db24dbb9..13221313 100644
--- a/openbsd-compat/port-uw.c
+++ b/openbsd-compat/port-uw.c
@@ -38,8 +38,6 @@
 
 #include "xmalloc.h"
 #include "packet.h"
-#include "buffer.h"
-#include "key.h"
 #include "auth-options.h"
 #include "log.h"
 #include "misc.h"	/* servconf.h needs misc.h for struct ForwardOptions */
@@ -47,12 +45,14 @@
 #include "hostfile.h"
 #include "auth.h"
 #include "ssh.h"
+#include "ssh_api.h"
 
 int nischeck(char *);
 
 int
-sys_auth_passwd(Authctxt *authctxt, const char *password)
+sys_auth_passwd(struct ssh *ssh, const char *password)
 {
+	Authctxt *authctxt = ssh->authctxt;
 	struct passwd *pw = authctxt->pw;
 	char *salt;
 	int result;
@@ -60,6 +60,9 @@ sys_auth_passwd(Authctxt *authctxt, const char *password)
 	/* Just use the supplied fake password if authctxt is invalid */
 	char *pw_password = authctxt->valid ? shadow_pw(pw) : pw->pw_passwd;
 
+	if (pw_password == NULL)
+		return 0;
+
 	/* Check for users with no password. */
 	if (strcmp(pw_password, "") == 0 && strcmp(password, "") == 0)
 		return (1);
@@ -97,7 +100,7 @@ nischeck(char *namep)
 
 	if ((fd = fopen (password_file, "r")) == NULL) {
 		/*
-		 * If the passwd file has dissapeared we are in a bad state.
+		 * If the passwd file has disappeared we are in a bad state.
 		 * However, returning 0 will send us back through the
 		 * authentication scheme that has checked the ia database for
 		 * passwords earlier.