diff options
| author | stevesk <stevesk> | 2001-11-09 20:22:16 +0000 |
|---|---|---|
| committer | stevesk <stevesk> | 2001-11-09 20:22:16 +0000 |
| commit | 69680211c5957c137be9c3b3751be53a66fe54c0 (patch) | |
| tree | 964b4e9555ebebade4ef4626536a09d57096f0f6 /auth-pam.c | |
| parent | 9233f7db4da75abc855b3f2ce838f3559f6217ec (diff) | |
| download | openssh-69680211c5957c137be9c3b3751be53a66fe54c0.tar.gz | |
- (stevesk) auth-pam.c: use do_pam_authenticate(PAM_DISALLOW_NULL_AUTHTOK)
if permit_empty_passwd == 0 so null password check cannot be bypassed.
jayaraj@amritapuri.com OpenBSD bug 2168
Diffstat (limited to 'auth-pam.c')
| -rw-r--r-- | auth-pam.c | 5 |
1 files changed, 3 insertions, 2 deletions
@@ -35,7 +35,7 @@ extern char *__progname; -RCSID("$Id: auth-pam.c,v 1.40 2001/10/28 17:32:38 stevesk Exp $"); +RCSID("$Id: auth-pam.c,v 1.41 2001/11/09 20:22:17 stevesk Exp $"); #define NEW_AUTHTOK_MSG \ "Warning: Your password has expired, please change it now" @@ -217,7 +217,8 @@ int auth_pam_password(struct passwd *pw, const char *password) __pampasswd = password; pamstate = INITIAL_LOGIN; - pam_retval = do_pam_authenticate(0); + pam_retval = do_pam_authenticate( + options.permit_empty_passwd == 0 ? PAM_DISALLOW_NULL_AUTHTOK : 0); if (pam_retval == PAM_SUCCESS) { debug("PAM Password authentication accepted for " "user \"%.100s\"", pw->pw_name); |