diff options
author | Damien Miller <djm@mindrot.org> | 2003-09-03 07:32:45 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2003-09-03 07:32:45 +1000 |
commit | 856f0be66908352828bb595f7ad5213623c0c610 (patch) | |
tree | 607c8df162abc4a5aa61cbaad86f9a4aaf71718a /auth1.c | |
parent | 39638b6aebf5ca69ba75c79c0cc0572e1f396258 (diff) |
- markus@cvs.openbsd.org 2003/08/26 09:58:43
[auth-passwd.c auth.c auth.h auth1.c auth2-none.c auth2-passwd.c]
[auth2.c monitor.c]
fix passwd auth for 'username leaks via timing'; with djm@, original
patches from solar
Diffstat (limited to 'auth1.c')
-rw-r--r-- | auth1.c | 4 |
1 files changed, 3 insertions, 1 deletions
@@ -299,8 +299,10 @@ do_authentication(void) | |||
299 | /* Verify that the user is a valid user. */ | 299 | /* Verify that the user is a valid user. */ |
300 | if ((authctxt->pw = PRIVSEP(getpwnamallow(user))) != NULL) | 300 | if ((authctxt->pw = PRIVSEP(getpwnamallow(user))) != NULL) |
301 | authctxt->valid = 1; | 301 | authctxt->valid = 1; |
302 | else | 302 | else { |
303 | debug("do_authentication: illegal user %s", user); | 303 | debug("do_authentication: illegal user %s", user); |
304 | authctxt->pw = fakepw(); | ||
305 | } | ||
304 | 306 | ||
305 | setproctitle("%s%s", authctxt->pw ? user : "unknown", | 307 | setproctitle("%s%s", authctxt->pw ? user : "unknown", |
306 | use_privsep ? " [net]" : ""); | 308 | use_privsep ? " [net]" : ""); |