diff options
author | Darren Tucker <dtucker@zip.com.au> | 2005-11-22 19:42:42 +1100 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2005-11-22 19:42:42 +1100 |
commit | f4732f647572f40d93f4fbd1e65d744ed10b2620 (patch) | |
tree | e26808c082fcbca769626081462a9e8f764f4d22 /auth-krb5.c | |
parent | e8400da9d53700872c9dea6b9d52af98c59022b9 (diff) |
- dtucker@cvs.openbsd.org 2005/11/21 09:42:10
[auth-krb5.c]
Perform Kerberos calls even for invalid users to prevent leaking
information about account validity. bz #975, patch originally from
Senthil Kumar, sanity checked by Simon Wilkinson, tested by djm@, biorn@,
ok markus@
Diffstat (limited to 'auth-krb5.c')
-rw-r--r-- | auth-krb5.c | 7 |
1 files changed, 2 insertions, 5 deletions
diff --git a/auth-krb5.c b/auth-krb5.c index a84e5401c..64d613543 100644 --- a/auth-krb5.c +++ b/auth-krb5.c | |||
@@ -28,7 +28,7 @@ | |||
28 | */ | 28 | */ |
29 | 29 | ||
30 | #include "includes.h" | 30 | #include "includes.h" |
31 | RCSID("$OpenBSD: auth-krb5.c,v 1.15 2003/11/21 11:57:02 djm Exp $"); | 31 | RCSID("$OpenBSD: auth-krb5.c,v 1.16 2005/11/21 09:42:10 dtucker Exp $"); |
32 | 32 | ||
33 | #include "ssh.h" | 33 | #include "ssh.h" |
34 | #include "ssh1.h" | 34 | #include "ssh1.h" |
@@ -69,9 +69,6 @@ auth_krb5_password(Authctxt *authctxt, const char *password) | |||
69 | krb5_ccache ccache = NULL; | 69 | krb5_ccache ccache = NULL; |
70 | int len; | 70 | int len; |
71 | 71 | ||
72 | if (!authctxt->valid) | ||
73 | return (0); | ||
74 | |||
75 | temporarily_use_uid(authctxt->pw); | 72 | temporarily_use_uid(authctxt->pw); |
76 | 73 | ||
77 | problem = krb5_init(authctxt); | 74 | problem = krb5_init(authctxt); |
@@ -188,7 +185,7 @@ auth_krb5_password(Authctxt *authctxt, const char *password) | |||
188 | else | 185 | else |
189 | return (0); | 186 | return (0); |
190 | } | 187 | } |
191 | return (1); | 188 | return (authctxt->valid ? 1 : 0); |
192 | } | 189 | } |
193 | 190 | ||
194 | void | 191 | void |