diff options
| -rw-r--r-- | ChangeLog | 3 | ||||
| -rw-r--r-- | auth-passwd.c | 6 |
2 files changed, 8 insertions, 1 deletions
@@ -7,6 +7,9 @@ keysize warnings talk about identity files - [packet.c] "Connection closed by x.x.x.x": fatal() -> log() + - Correctly handle empty passwords in shadow file. Patch from: + "Chris, the Young One" <cky@pobox.com> + - Released 1.2.1pre18 19991215 - Integrated patchs from Juergen Keil <jk@tools.de> diff --git a/auth-passwd.c b/auth-passwd.c index efae0fd2..d197840e 100644 --- a/auth-passwd.c +++ b/auth-passwd.c @@ -11,7 +11,7 @@ #ifndef HAVE_PAM -RCSID("$Id: auth-passwd.c,v 1.8 1999/12/06 00:47:28 damien Exp $"); +RCSID("$Id: auth-passwd.c,v 1.9 1999/12/16 04:10:45 damien Exp $"); #include "packet.h" #include "ssh.h" @@ -76,6 +76,10 @@ auth_password(struct passwd * pw, const char *password) if ((spw->sp_namp == NULL) || (strcmp(pw->pw_name, spw->sp_namp) != 0)) fatal("Shadow lookup returned garbage."); + /* Check for users with no password. */ + if (strcmp(password, "") == 0 && strcmp(spw->sp_pwdp, "") == 0) + return 1; + if (strlen(spw->sp_pwdp) < 3) return(0); |