--- sshd.old	Wed Apr 12 23:47:04 2000
+++ sshd.c	Thu Apr 13 00:35:54 2000
@@ -1121,6 +1121,7 @@
 	struct stat st;
 	struct group *grp;
 	int i;
+	char *shell;
 #ifdef WITH_AIXAUTHENTICATE
 	char *loginmsg;
 #endif /* WITH_AIXAUTHENTICATE */
@@ -1130,7 +1131,12 @@
 		return 0;
 
 	/* deny if shell does not exists or is not executable */
-	if (stat(pw->pw_shell, &st) != 0)
+	/* first make sure that "" == "/bin/sh", as specified in passwd(5) */
+	if (!pw->pw_shell || !strlen(pw->pw_shell))
+		shell = _PATH_BSHELL;
+	else
+		shell = pw->pw_shell;
+	if (stat(shell, &st) != 0)
 		return 0;
 	if (!((st.st_mode & S_IFREG) && (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP))))
 		return 0;