upstream: remove vestige of when we supported running without privsep

djmdjm · djmdjm · commit 91c4d422cc0a · 2026-02-06T12:26:23.000+11:00
OpenBSD-Commit-ID: 5342c24d2330ef5ce357c294056f72b8123122c0
diff --git a/auth-bsdauth.c b/auth-bsdauth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-bsdauth.c,v 1.15 2018/07/09 21:35:50 markus Exp $ */
+/* $OpenBSD: auth-bsdauth.c,v 1.16 2026/02/06 01:24:36 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  *
@@ -125,14 +125,6 @@ bsdauth_free_ctx(void *ctx)
 	}
 }
 
-KbdintDevice bsdauth_device = {
-	"bsdauth",
-	bsdauth_init_ctx,
-	bsdauth_query,
-	bsdauth_respond,
-	bsdauth_free_ctx
-};
-
 KbdintDevice mm_bsdauth_device = {
 	"bsdauth",
 	bsdauth_init_ctx,
diff --git a/auth.h b/auth.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.h,v 1.108 2024/05/17 06:42:04 jsg Exp $ */
+/* $OpenBSD: auth.h,v 1.109 2026/02/06 01:24:36 djm Exp $ */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -182,8 +182,6 @@ int	 auth2_update_methods_lists(Authctxt *, const char *, const char *);
 int	 auth2_setup_methods_lists(Authctxt *);
 int	 auth2_method_allowed(Authctxt *, const char *, const char *);
 
-void	privsep_challenge_enable(void);
-
 int	auth2_challenge(struct ssh *, char *);
 void	auth2_challenge_stop(struct ssh *);
 int	bsdauth_query(void *, char **, char **, u_int *, char ***, u_int **);
diff --git a/auth2-chall.c b/auth2-chall.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-chall.c,v 1.57 2025/10/02 08:38:43 dtucker Exp $ */
+/* $OpenBSD: auth2-chall.c,v 1.58 2026/02/06 01:24:36 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2001 Per Allansson.  All rights reserved.
@@ -54,19 +54,19 @@ static int send_userauth_info_request(struct ssh *);
 static int input_userauth_info_response(int, u_int32_t, struct ssh *);
 
 #ifdef BSD_AUTH
-extern KbdintDevice bsdauth_device;
+extern KbdintDevice mm_bsdauth_device;
 #else
 #ifdef USE_PAM
-extern KbdintDevice sshpam_device;
+extern KbdintDevice mm_sshpam_device;
 #endif
 #endif
 
 KbdintDevice *devices[] = {
 #ifdef BSD_AUTH
-	&bsdauth_device,
+	&mm_bsdauth_device,
 #else
 #ifdef USE_PAM
-	&sshpam_device,
+	&mm_sshpam_device,
 #endif
 #endif
 	NULL
@@ -362,25 +362,3 @@ input_userauth_info_response(int type, u_int32_t seq, struct ssh *ssh)
 	    devicename);
 	return 0;
 }
-
-void
-privsep_challenge_enable(void)
-{
-#if defined(BSD_AUTH) || defined(USE_PAM)
-	int n = 0;
-#endif
-#ifdef BSD_AUTH
-	extern KbdintDevice mm_bsdauth_device;
-#endif
-#ifdef USE_PAM
-	extern KbdintDevice mm_sshpam_device;
-#endif
-
-#ifdef BSD_AUTH
-	devices[n++] = &mm_bsdauth_device;
-#else
-#ifdef USE_PAM
-	devices[n++] = &mm_sshpam_device;
-#endif
-#endif
-}
diff --git a/sshd-auth.c b/sshd-auth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd-auth.c,v 1.10 2025/11/13 10:35:14 dtucker Exp $ */
+/* $OpenBSD: sshd-auth.c,v 1.11 2026/02/06 01:24:36 djm Exp $ */
 /*
  * SSH2 implementation:
  * Privilege Separation:
@@ -750,9 +750,6 @@ main(int ac, char **av)
 		fatal("sshbuf_new loginmsg failed");
 	auth_debug_reset();
 
-	/* Enable challenge-response authentication for privilege separation */
-	privsep_challenge_enable();
-
 #ifdef GSSAPI
 	/* Cache supported mechanism OIDs for later use */
 	ssh_gssapi_prepare_supported_oids();

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-/* $OpenBSD: auth-bsdauth.c,v 1.15 2018/07/09 21:35:50 markus Exp $ */`
	`1`	`+/* $OpenBSD: auth-bsdauth.c,v 1.16 2026/02/06 01:24:36 djm Exp $ */`
`2`	`2`	`/*`
`3`	`3`	`* Copyright (c) 2001 Markus Friedl. All rights reserved.`
`4`	`4`	`*`
`@@ -125,14 +125,6 @@ bsdauth_free_ctx(void *ctx)`
`125`	`125`	`}`
`126`	`126`	`}`
`127`	`127`
`128`		`-KbdintDevice bsdauth_device = {`
`129`		`- "bsdauth",`
`130`		`- bsdauth_init_ctx,`
`131`		`- bsdauth_query,`
`132`		`- bsdauth_respond,`
`133`		`- bsdauth_free_ctx`
`134`		`-};`
`135`		`-`
`136`	`128`	`KbdintDevice mm_bsdauth_device = {`
`137`	`129`	`"bsdauth",`
`138`	`130`	`bsdauth_init_ctx,`