author | Todd C. Miller <Todd.Miller@courtesan.com> | 2015-02-19 14:18:13 -0700 |
---|---|---|
committer | Todd C. Miller <Todd.Miller@courtesan.com> | 2015-02-19 14:18:13 -0700 |
commit | 5df79ffe4c37071ef71107879f1696aab6659e56 (patch) | |
tree | 78bc192c044d8007c067b8ac0446694d0e0508a0 | |
parent | 8332e9244fea29a89d509b046c3d7102add90388 (diff) | |
download | sudo-5df79ffe4c37071ef71107879f1696aab6659e56.tar.gz |
Historically, crypt() returned the empty string on error, which
ensured that crypt("", "") would return "", which supported matching
empty encrypted passwords with no additional code. Some modern
versions of crypt() (such as glibc) return NULL on error so we need
an explicit test to match an empty plaintext password and an empty
encrypted password.
-rw-r--r-- | auth/passwd.c | 5 | ||||
-rw-r--r-- | auth/secureware.c | 4 |
2 files changed, 8 insertions, 1 deletions
diff --git a/auth/passwd.c b/auth/passwd.c
index bea1ac051..36a438cbb 100644
--- a/auth/passwd.c
+++ b/auth/passwd.c
@@ -75,7 +75,9 @@ passwd_verify(pw, pass, auth)
 size_t pw_len;
 int matched = 0;
- pw_len = strlen(pw_epasswd);
+ /* An empty plain-text password must match an empty encrypted password. */
+ if (pass[0] == '\0')
+ return pw_epasswd[0] ? AUTH_FAILURE : AUTH_SUCCESS;
 #ifdef HAVE_GETAUTHUID
 /* Ultrix shadow passwords may use crypt16() */
@@ -89,6 +91,7 @@ passwd_verify(pw, pass, auth)
 * If this turns out not to be safe we will have to use OS #ifdef's (sigh).
 */
 sav = pass[8];
+ pw_len = strlen(pw_epasswd);
 if (pw_len == DESLEN || HAS_AGEINFO(pw_epasswd, pw_len))
 pass[8] = '\0';
diff --git a/auth/secureware.c b/auth/secureware.c
index bf9aa7720..4296d646f 100644
--- a/auth/secureware.c
+++ b/auth/secureware.c
@@ -80,6 +80,10 @@ secureware_verify(pw, pass, auth)
 #ifdef __alpha
 extern int crypt_type;
+ /* An empty plain-text password must match an empty encrypted password. */
+ if (pass[0] == '\0')
+ return pw_epasswd[0] ? AUTH_FAILURE : AUTH_SUCCESS;
+
 # ifdef HAVE_DISPCRYPT
 epass = dispcrypt(pass, pw_epasswd, crypt_type);
 # else
|
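Review bot: The early return added at the top of the first passwd.c hunk only handles the empty-plaintext case, while the description says modern crypt() returns NULL on error in general; if the comparison that follows later in passwd_verify (outside the hunk, after the DES truncation that starts at `sav = pass[8];`) hands crypt()'s result straight to strcmp, a NULL return for a non-empty password still dereferences NULL, and this commit does not address that, so a NULL check on the crypt() result before the compare is needed if one is not already there. The added comment states the mechanism but not the policy; I would extend it to `/* An empty encrypted field deliberately accepts an empty password, preserving the historical crypt("", "") == "" behaviour. */` so the next reader sees the access decision is intentional rather than an accident of the early exit. The same three lines are duplicated in auth/secureware.c; a small helper shared by both auth modules would keep them in step. passwd_verify's body continues outside both hunks.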
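Review bot: In the secureware.c hunk the new check sits inside `#ifdef __alpha` (the context line at the top of the hunk, with `# ifdef HAVE_DISPCRYPT` nested beneath the insertion), so whatever the non-alpha branch of that conditional does, which is outside the hunk, keeps the old behaviour and still relies on its crypt variant returning "" rather than NULL for crypt("", ""). If that branch can also meet a NULL-returning crypt(), the three added lines should be hoisted above `#ifdef __alpha` so both branches share one policy. The enclosing conditional and secureware_verify's body continue outside the hunk.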