===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/Attic/auth-krb4.c,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -r1.18 -r1.19
--- src/usr.bin/ssh/Attic/auth-krb4.c	2000/09/07 20:27:49	1.18
+++ src/usr.bin/ssh/Attic/auth-krb4.c	2000/10/03 18:03:02	1.19
@@ -28,7 +28,7 @@
 #include "ssh.h"
 #include "servconf.h"
 
-RCSID("$OpenBSD: auth-krb4.c,v 1.18 2000/09/07 20:27:49 deraadt Exp $");
+RCSID("$OpenBSD: auth-krb4.c,v 1.19 2000/10/03 18:03:02 markus Exp $");
 
 #ifdef KRB4
 char *ticket = NULL;
@@ -280,6 +280,8 @@
 {
 	CREDENTIALS creds;
 
+	if (pw == NULL)
+		goto auth_kerberos_tgt_failure;
 	if (!radix_to_creds(string, &creds)) {
 		log("Protocol error decoding Kerberos V4 tgt");
 		packet_send_debug("Protocol error decoding Kerberos V4 tgt");
@@ -334,8 +336,16 @@
 auth_afs_token(struct passwd *pw, const char *token_string)
 {
 	CREDENTIALS creds;
-	uid_t uid = pw->pw_uid;
+	uid_t uid;
 
+	if (pw == NULL) {
+		/* XXX fake protocol error */
+		packet_send_debug("Protocol error decoding AFS token");
+		packet_start(SSH_SMSG_FAILURE);
+		packet_send();
+		packet_write_wait();
+		return 0;
+	}
 	if (!radix_to_creds(token_string, &creds)) {
 		log("Protocol error decoding AFS token");
 		packet_send_debug("Protocol error decoding AFS token");
@@ -349,6 +359,8 @@
 
 	if (strncmp(creds.pname, "AFS ID ", 7) == 0)
 		uid = atoi(creds.pname + 7);
+	else
+		uid = pw->pw_uid;
 
 	if (kafs_settoken(creds.realm, uid, &creds)) {
 		log("AFS token (%s@%s) rejected for %s", creds.pname, creds.realm,