diff options
author | Darren Tucker <dtucker@zip.com.au> | 2004-07-01 14:00:14 +1000 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2004-07-01 14:00:14 +1000 |
commit | 1f7e40864faa5632696718ea6950ebdb4df41ce5 (patch) | |
tree | d8633b4319d042717990cf7e8968e669677c2642 /auth-pam.c | |
parent | e2ba9c2e83101eaae3c4e703d4978ff9c0f560c3 (diff) |
- (dtucker) [auth-pam.c] Bug #559 (last piece): Pass DISALLOW_NULL_AUTHTOK
to pam_authenticate for challenge-response auth too. Originally from
fcusack at fcusack.com, ok djm@
Diffstat (limited to 'auth-pam.c')
-rw-r--r-- | auth-pam.c | 6 |
1 files changed, 4 insertions, 2 deletions
@@ -47,7 +47,7 @@ /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ #include "includes.h" -RCSID("$Id: auth-pam.c,v 1.109 2004/07/01 02:38:15 dtucker Exp $"); +RCSID("$Id: auth-pam.c,v 1.110 2004/07/01 04:00:15 dtucker Exp $"); #ifdef USE_PAM #if defined(HAVE_SECURITY_PAM_APPL_H) @@ -356,6 +356,8 @@ sshpam_thread(void *ctxtp) struct pam_ctxt *ctxt = ctxtp; Buffer buffer; struct pam_conv sshpam_conv; + int flags = (options.permit_empty_passwd == 0 ? + PAM_DISALLOW_NULL_AUTHTOK : 0); #ifndef USE_POSIX_THREADS extern char **environ; char **env_from_pam; @@ -378,7 +380,7 @@ sshpam_thread(void *ctxtp) (const void *)&sshpam_conv); if (sshpam_err != PAM_SUCCESS) goto auth_fail; - sshpam_err = pam_authenticate(sshpam_handle, 0); + sshpam_err = pam_authenticate(sshpam_handle, flags); if (sshpam_err != PAM_SUCCESS) goto auth_fail; |