diff options
| author | Damien Miller <djm@mindrot.org> | 2010-06-26 10:01:33 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2010-06-26 10:01:33 +1000 |
| commit | bda3ecafcafd85856c6ffd0ba54b85afe6d71a84 (patch) | |
| tree | d178623178ba625c2880c0ee62cc0ddf9d75e524 | |
| parent | 8853ca5fc46b7b71c74baeefb9b0899c7fcfdb9a (diff) | |
- djm@cvs.openbsd.org 2010/06/25 08:46:17
[auth1.c auth2-none.c]
skip the initial check for access with an empty password when
PermitEmptyPasswords=no; bz#1638; ok markus@
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rw-r--r-- | auth1.c | 4 | ||||
| -rw-r--r-- | auth2-none.c | 4 |
3 files changed, 8 insertions, 4 deletions
| @@ -63,6 +63,10 @@ | |||
| 63 | internal-sftp accidentally introduced in r1.253 by removing the code | 63 | internal-sftp accidentally introduced in r1.253 by removing the code |
| 64 | that opens and dup /dev/null to stderr and modifying the channels code | 64 | that opens and dup /dev/null to stderr and modifying the channels code |
| 65 | to read stderr but discard it instead; ok markus@ | 65 | to read stderr but discard it instead; ok markus@ |
| 66 | - djm@cvs.openbsd.org 2010/06/25 08:46:17 | ||
| 67 | [auth1.c auth2-none.c] | ||
| 68 | skip the initial check for access with an empty password when | ||
| 69 | PermitEmptyPasswords=no; bz#1638; ok markus@ | ||
| 66 | 70 | ||
| 67 | 20100622 | 71 | 20100622 |
| 68 | - (djm) [loginrec.c] crank LINFO_NAMESIZE (username length) to 512 | 72 | - (djm) [loginrec.c] crank LINFO_NAMESIZE (username length) to 512 |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: auth1.c,v 1.73 2008/07/04 23:30:16 djm Exp $ */ | 1 | /* $OpenBSD: auth1.c,v 1.74 2010/06/25 08:46:17 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| 4 | * All rights reserved | 4 | * All rights reserved |
| @@ -244,7 +244,7 @@ do_authloop(Authctxt *authctxt) | |||
| 244 | authctxt->valid ? "" : "invalid user ", authctxt->user); | 244 | authctxt->valid ? "" : "invalid user ", authctxt->user); |
| 245 | 245 | ||
| 246 | /* If the user has no password, accept authentication immediately. */ | 246 | /* If the user has no password, accept authentication immediately. */ |
| 247 | if (options.password_authentication && | 247 | if (options.permit_empty_passwd && options.password_authentication && |
| 248 | #ifdef KRB5 | 248 | #ifdef KRB5 |
| 249 | (!options.kerberos_authentication || options.kerberos_or_local_passwd) && | 249 | (!options.kerberos_authentication || options.kerberos_or_local_passwd) && |
| 250 | #endif | 250 | #endif |
diff --git a/auth2-none.c b/auth2-none.c index 08f2f935f..c8c6c74a9 100644 --- a/auth2-none.c +++ b/auth2-none.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: auth2-none.c,v 1.15 2008/07/02 12:36:39 djm Exp $ */ | 1 | /* $OpenBSD: auth2-none.c,v 1.16 2010/06/25 08:46:17 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -61,7 +61,7 @@ userauth_none(Authctxt *authctxt) | |||
| 61 | { | 61 | { |
| 62 | none_enabled = 0; | 62 | none_enabled = 0; |
| 63 | packet_check_eom(); | 63 | packet_check_eom(); |
| 64 | if (options.password_authentication) | 64 | if (options.permit_empty_passwd && options.password_authentication) |
| 65 | return (PRIVSEP(auth_password(authctxt, ""))); | 65 | return (PRIVSEP(auth_password(authctxt, ""))); |
| 66 | return (0); | 66 | return (0); |
| 67 | } | 67 | } |