summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog2
-rw-r--r--auth-passwd.c22
2 files changed, 18 insertions, 6 deletions
diff --git a/ChangeLog b/ChangeLog
index 5cfeef7f7..61e54c226 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -8,6 +8,8 @@
8 - OpenBSD CVS update: 8 - OpenBSD CVS update:
9 - [sshconnect.c] 9 - [sshconnect.c]
10 say "REMOTE HOST IDENTIFICATION HAS CHANGED" 10 say "REMOTE HOST IDENTIFICATION HAS CHANGED"
11 - Fix DISABLE_SHADOW support
12 - Allow MD5 passwords even if shadow passwords are disabled
11 13
1219991218 1419991218
13 - Redhat init script patch from Chun-Chung Chen 15 - Redhat init script patch from Chun-Chung Chen
diff --git a/auth-passwd.c b/auth-passwd.c
index d197840e8..fc0809e16 100644
--- a/auth-passwd.c
+++ b/auth-passwd.c
@@ -11,7 +11,7 @@
11 11
12#ifndef HAVE_PAM 12#ifndef HAVE_PAM
13 13
14RCSID("$Id: auth-passwd.c,v 1.9 1999/12/16 04:10:45 damien Exp $"); 14RCSID("$Id: auth-passwd.c,v 1.10 1999/12/21 10:03:09 damien Exp $");
15 15
16#include "packet.h" 16#include "packet.h"
17#include "ssh.h" 17#include "ssh.h"
@@ -68,7 +68,7 @@ auth_password(struct passwd * pw, const char *password)
68 if (strcmp(password, "") == 0 && strcmp(pw->pw_passwd, "") == 0) 68 if (strcmp(password, "") == 0 && strcmp(pw->pw_passwd, "") == 0)
69 return 1; 69 return 1;
70 70
71#ifdef HAVE_SHADOW_H 71#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW)
72 spw = getspnam(pw->pw_name); 72 spw = getspnam(pw->pw_name);
73 if (spw == NULL) 73 if (spw == NULL)
74 return(0); 74 return(0);
@@ -94,12 +94,22 @@ auth_password(struct passwd * pw, const char *password)
94#endif /* HAVE_MD5_PASSWORDS */ 94#endif /* HAVE_MD5_PASSWORDS */
95 /* Authentication is accepted if the encrypted passwords are identical. */ 95 /* Authentication is accepted if the encrypted passwords are identical. */
96 return (strcmp(encrypted_password, spw->sp_pwdp) == 0); 96 return (strcmp(encrypted_password, spw->sp_pwdp) == 0);
97#else /* !HAVE_SHADOW_H */ 97#else /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */
98 encrypted_password = crypt(password, 98
99 (pw->pw_passwd[0] && pw->pw_passwd[1]) ? pw->pw_passwd : "xx"); 99 if (strlen(pw->pw_passwd) < 3)
100 return(0);
101
102#ifdef HAVE_MD5_PASSWORDS
103 if (is_md5_salt(pw->pw_passwd))
104 encrypted_password = md5_crypt(password, pw->pw_passwd);
105 else
106 encrypted_password = crypt(password, pw->pw_passwd);
107#else /* HAVE_MD5_PASSWORDS */
108 encrypted_password = crypt(password, pw->pw_passwd);
109#endif /* HAVE_MD5_PASSWORDS */
100 110
101 /* Authentication is accepted if the encrypted passwords are identical. */ 111 /* Authentication is accepted if the encrypted passwords are identical. */
102 return (strcmp(encrypted_password, pw->pw_passwd) == 0); 112 return (strcmp(encrypted_password, pw->pw_passwd) == 0);
103#endif /* !HAVE_SHADOW_H */ 113#endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */
104} 114}
105#endif /* !HAVE_PAM */ 115#endif /* !HAVE_PAM */