diff options
| author | Kevin Steves <stevesk@pobox.com> | 2001-11-09 20:22:16 +0000 |
|---|---|---|
| committer | Kevin Steves <stevesk@pobox.com> | 2001-11-09 20:22:16 +0000 |
| commit | de77b464c6214139ff5ef65521621d9245472c68 (patch) | |
| tree | 6fb6c050c3b1a789d8d7281ffc4e62040ec8a2ef /auth-pam.c | |
| parent | e589a299a1c1cf26035cddf3996107500242ba1d (diff) | |
| download | openssh-git-de77b464c6214139ff5ef65521621d9245472c68.tar.gz | |
- (stevesk) auth-pam.c: use do_pam_authenticate(PAM_DISALLOW_NULL_AUTHTOK)
if permit_empty_passwd == 0 so null password check cannot be bypassed.
jayaraj@amritapuri.com OpenBSD bug 2168
Diffstat (limited to 'auth-pam.c')
| -rw-r--r-- | auth-pam.c | 5 |
1 files changed, 3 insertions, 2 deletions
@@ -35,7 +35,7 @@ extern char *__progname; -RCSID("$Id: auth-pam.c,v 1.40 2001/10/28 17:32:38 stevesk Exp $"); +RCSID("$Id: auth-pam.c,v 1.41 2001/11/09 20:22:17 stevesk Exp $"); #define NEW_AUTHTOK_MSG \ "Warning: Your password has expired, please change it now" @@ -217,7 +217,8 @@ int auth_pam_password(struct passwd *pw, const char *password) __pampasswd = password; pamstate = INITIAL_LOGIN; - pam_retval = do_pam_authenticate(0); + pam_retval = do_pam_authenticate( + options.permit_empty_passwd == 0 ? PAM_DISALLOW_NULL_AUTHTOK : 0); if (pam_retval == PAM_SUCCESS) { debug("PAM Password authentication accepted for " "user \"%.100s\"", pw->pw_name); |