diff options
-rw-r--r-- | ChangeLog | 2 | ||||
-rw-r--r-- | auth-passwd.c | 22 |
2 files changed, 18 insertions, 6 deletions
@@ -8,6 +8,8 @@ | |||
8 | - OpenBSD CVS update: | 8 | - OpenBSD CVS update: |
9 | - [sshconnect.c] | 9 | - [sshconnect.c] |
10 | say "REMOTE HOST IDENTIFICATION HAS CHANGED" | 10 | say "REMOTE HOST IDENTIFICATION HAS CHANGED" |
11 | - Fix DISABLE_SHADOW support | ||
12 | - Allow MD5 passwords even if shadow passwords are disabled | ||
11 | 13 | ||
12 | 19991218 | 14 | 19991218 |
13 | - Redhat init script patch from Chun-Chung Chen | 15 | - Redhat init script patch from Chun-Chung Chen |
diff --git a/auth-passwd.c b/auth-passwd.c index d197840e8..fc0809e16 100644 --- a/auth-passwd.c +++ b/auth-passwd.c | |||
@@ -11,7 +11,7 @@ | |||
11 | 11 | ||
12 | #ifndef HAVE_PAM | 12 | #ifndef HAVE_PAM |
13 | 13 | ||
14 | RCSID("$Id: auth-passwd.c,v 1.9 1999/12/16 04:10:45 damien Exp $"); | 14 | RCSID("$Id: auth-passwd.c,v 1.10 1999/12/21 10:03:09 damien Exp $"); |
15 | 15 | ||
16 | #include "packet.h" | 16 | #include "packet.h" |
17 | #include "ssh.h" | 17 | #include "ssh.h" |
@@ -68,7 +68,7 @@ auth_password(struct passwd * pw, const char *password) | |||
68 | if (strcmp(password, "") == 0 && strcmp(pw->pw_passwd, "") == 0) | 68 | if (strcmp(password, "") == 0 && strcmp(pw->pw_passwd, "") == 0) |
69 | return 1; | 69 | return 1; |
70 | 70 | ||
71 | #ifdef HAVE_SHADOW_H | 71 | #if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) |
72 | spw = getspnam(pw->pw_name); | 72 | spw = getspnam(pw->pw_name); |
73 | if (spw == NULL) | 73 | if (spw == NULL) |
74 | return(0); | 74 | return(0); |
@@ -94,12 +94,22 @@ auth_password(struct passwd * pw, const char *password) | |||
94 | #endif /* HAVE_MD5_PASSWORDS */ | 94 | #endif /* HAVE_MD5_PASSWORDS */ |
95 | /* Authentication is accepted if the encrypted passwords are identical. */ | 95 | /* Authentication is accepted if the encrypted passwords are identical. */ |
96 | return (strcmp(encrypted_password, spw->sp_pwdp) == 0); | 96 | return (strcmp(encrypted_password, spw->sp_pwdp) == 0); |
97 | #else /* !HAVE_SHADOW_H */ | 97 | #else /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */ |
98 | encrypted_password = crypt(password, | 98 | |
99 | (pw->pw_passwd[0] && pw->pw_passwd[1]) ? pw->pw_passwd : "xx"); | 99 | if (strlen(pw->pw_passwd) < 3) |
100 | return(0); | ||
101 | |||
102 | #ifdef HAVE_MD5_PASSWORDS | ||
103 | if (is_md5_salt(pw->pw_passwd)) | ||
104 | encrypted_password = md5_crypt(password, pw->pw_passwd); | ||
105 | else | ||
106 | encrypted_password = crypt(password, pw->pw_passwd); | ||
107 | #else /* HAVE_MD5_PASSWORDS */ | ||
108 | encrypted_password = crypt(password, pw->pw_passwd); | ||
109 | #endif /* HAVE_MD5_PASSWORDS */ | ||
100 | 110 | ||
101 | /* Authentication is accepted if the encrypted passwords are identical. */ | 111 | /* Authentication is accepted if the encrypted passwords are identical. */ |
102 | return (strcmp(encrypted_password, pw->pw_passwd) == 0); | 112 | return (strcmp(encrypted_password, pw->pw_passwd) == 0); |
103 | #endif /* !HAVE_SHADOW_H */ | 113 | #endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */ |
104 | } | 114 | } |
105 | #endif /* !HAVE_PAM */ | 115 | #endif /* !HAVE_PAM */ |