diff options
author | Damien Miller <djm@mindrot.org> | 2003-09-03 07:32:45 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2003-09-03 07:32:45 +1000 |
commit | 856f0be66908352828bb595f7ad5213623c0c610 (patch) | |
tree | 607c8df162abc4a5aa61cbaad86f9a4aaf71718a /monitor.c | |
parent | 39638b6aebf5ca69ba75c79c0cc0572e1f396258 (diff) |
- markus@cvs.openbsd.org 2003/08/26 09:58:43
[auth-passwd.c auth.c auth.h auth1.c auth2-none.c auth2-passwd.c]
[auth2.c monitor.c]
fix passwd auth for 'username leaks via timing'; with djm@, original
patches from solar
Diffstat (limited to 'monitor.c')
-rw-r--r-- | monitor.c | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -649,7 +649,7 @@ mm_answer_authpassword(int socket, Buffer *m) | |||
649 | passwd = buffer_get_string(m, &plen); | 649 | passwd = buffer_get_string(m, &plen); |
650 | /* Only authenticate if the context is valid */ | 650 | /* Only authenticate if the context is valid */ |
651 | authenticated = options.password_authentication && | 651 | authenticated = options.password_authentication && |
652 | auth_password(authctxt, passwd) && authctxt->valid; | 652 | auth_password(authctxt, passwd); |
653 | memset(passwd, 0, strlen(passwd)); | 653 | memset(passwd, 0, strlen(passwd)); |
654 | xfree(passwd); | 654 | xfree(passwd); |
655 | 655 | ||