diff options
| author | Damien Miller <djm@mindrot.org> | 1999-12-31 08:49:13 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 1999-12-31 08:49:13 +1100 |
| commit | 8eb0fd6d6fee368ff0c3de479b0c18763fe3ea3a (patch) | |
| tree | 274f73a6e3c7272b0a22892078b564561e886d37 | |
| parent | 8bdeee25f8c0215812cdcdbd24f8c5b308a7b76a (diff) | |
- Fix password support on systems with a mixture of shadowed and
non-shadowed passwords (e.g. NIS). Report and fix from
HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>
| -rw-r--r-- | ChangeLog | 9 | ||||
| -rw-r--r-- | auth-passwd.c | 16 |
2 files changed, 17 insertions, 8 deletions
@@ -1,13 +1,22 @@ +19991231 + - Fix password support on systems with a mixture of shadowed and + non-shadowed passwords (e.g. NIS). Report and fix from + HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp> + 19991230 - OpenBSD CVS updates: - [auth-passwd.c] check for NULL 1st - Removed most of the pam code into its own file auth-pam.[ch]. This cleaned up sshd.c up significantly. + - PAM authentication was incorrectly interpreting + "PermitRootLogin without-password". Report from Matthias Andree + <ma@dt.e-technik.uni-dortmund.de - Several other cleanups - Merged Dante SOCKS support patch from David Rankin <drankin@bohemians.lexington.ky.us> - Updated documentation with ./configure options + - Released 1.2.1pre23 19991229 - Applied another NetBSD portability patch from David Rankin diff --git a/auth-passwd.c b/auth-passwd.c index e91893ae..c3347030 100644 --- a/auth-passwd.c +++ b/auth-passwd.c @@ -11,7 +11,7 @@ #ifndef USE_PAM -RCSID("$Id: auth-passwd.c,v 1.13 1999/12/29 22:48:15 damien Exp $"); +RCSID("$Id: auth-passwd.c,v 1.14 1999/12/30 21:49:13 damien Exp $"); #include "packet.h" #include "ssh.h" @@ -76,14 +76,14 @@ auth_password(struct passwd * pw, const char *password) #if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) spw = getspnam(pw->pw_name); - if (spw == NULL) - return(0); + if (spw != NULL) + { + /* Check for users with no password. */ + if (strcmp(password, "") == 0 && strcmp(spw->sp_pwdp, "") == 0) + return 1; - /* Check for users with no password. */ - if (strcmp(password, "") == 0 && strcmp(spw->sp_pwdp, "") == 0) - return 1; - - pw_password = spw->sp_pwdp; + pw_password = spw->sp_pwdp; + } #endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */ if (pw_password[0] != '\0') |