- markus@cvs.openbsd.org 2001/11/11 13:02:31

[servconf.c]
     make AuthorizedKeysFile2 fallback to AuthorizedKeysFile if AuthorizedKeysFile is specified.

ChangeLog

@@ -67,6 +67,9 @@
    - markus@cvs.openbsd.org 2001/11/10 13:37:20
      [packet.c]
      remove extra debug()
+   - markus@cvs.openbsd.org 2001/11/11 13:02:31
+     [servconf.c]
+     make AuthorizedKeysFile2 fallback to AuthorizedKeysFile if AuthorizedKeysFile is specified.
 
 20011109
  - (stevesk) auth-pam.c: use do_pam_authenticate(PAM_DISALLOW_NULL_AUTHTOK)
@@ -6879,4 +6882,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1655 2001/11/12 00:07:58 djm Exp $
+$Id: ChangeLog,v 1.1656 2001/11/12 00:14:35 djm Exp $

servconf.c

@@ -10,7 +10,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.89 2001/08/16 19:18:34 jakob Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.90 2001/11/11 13:02:31 markus Exp $");
 
 #if defined(KRB4) || defined(KRB5)
 #include <krb.h>
@@ -213,8 +213,15 @@ fill_default_server_options(ServerOptions *options)
 		options->client_alive_count_max = 3;
 	if (options->authorized_keys_file == NULL)
 		options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;
-	if (options->authorized_keys_file2 == NULL)
-		options->authorized_keys_file2 = _PATH_SSH_USER_PERMITTED_KEYS2;
+	if (options->authorized_keys_file2 == NULL) {
+		/* authorized_keys_file2 falls back to authorized_keys_file */
+		if (options->authorized_keys_file != NULL)
+			options->authorized_keys_file2 = options->authorized_keys_file;
+		else
+			options->authorized_keys_file2 = _PATH_SSH_USER_PERMITTED_KEYS2;
+	}
+	if (options->authorized_keys_file == NULL)
+		options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;
 	if (options->pam_authentication_via_kbd_int == -1)
 		options->pam_authentication_via_kbd_int = 0;
 }