From 456727ae07a7dbd6d6eb9e4fd9521e012d1d0771 Mon Sep 17 00:00:00 2001
From: dtucker <dtucker>
Date: Sun, 7 Mar 2010 12:05:17 +0000
Subject:    - dtucker@cvs.openbsd.org 2010/03/07 11:57:13      [auth-rhosts.c
 monitor.c monitor_wrap.c session.c auth-options.c sshd.c]      Hold
 authentication debug messages until after successful authentication.     
 Fixes an info leak of environment variables specified in authorized_keys,    
  reported by Jacob Appelbaum.  ok djm@

---
 session.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'session.c')

diff --git a/session.c b/session.c
index b384b7d8..639405fe 100644
--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.251 2010/01/12 08:33:17 dtucker Exp $ */
+/* $OpenBSD: session.c,v 1.252 2010/03/07 11:57:13 dtucker Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -271,6 +271,8 @@ do_authenticated(Authctxt *authctxt)
 	if (!no_port_forwarding_flag && options.allow_tcp_forwarding)
 		channel_permit_all_opens();
 
+	auth_debug_send();
+
 	if (compat20)
 		do_authenticated2(authctxt);
 	else
-- 
cgit v1.2.1