summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--auth-pam.c4
-rw-r--r--debian/changelog3
2 files changed, 6 insertions, 1 deletions
diff --git a/auth-pam.c b/auth-pam.c
index ec3b74951..9be57dacd 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -645,7 +645,9 @@ sshpam_respond(void *ctx, u_int num, char **resp)
645 return (-1); 645 return (-1);
646 } 646 }
647 buffer_init(&buffer); 647 buffer_init(&buffer);
648 if (sshpam_authctxt->valid) 648 if (sshpam_authctxt->valid &&
649 (sshpam_authctxt->pw->pw_uid != 0 ||
650 options.permit_root_login == PERMIT_YES))
649 buffer_put_cstring(&buffer, *resp); 651 buffer_put_cstring(&buffer, *resp);
650 else 652 else
651 buffer_put_cstring(&buffer, badpw); 653 buffer_put_cstring(&buffer, badpw);
diff --git a/debian/changelog b/debian/changelog
index 8693c48ef..ba873c472 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,6 +3,9 @@ openssh (1:3.8.1p1-8.sarge.4) UNRELEASED; urgency=high
3 * Fix timing information leak allowing discovery of invalid usernames in 3 * Fix timing information leak allowing discovery of invalid usernames in
4 PAM keyboard-interactive authentication (backported from a patch by 4 PAM keyboard-interactive authentication (backported from a patch by
5 Darren Tucker; closes: #281595). 5 Darren Tucker; closes: #281595).
6 * Make sure that there's a delay in PAM keyboard-interactive
7 authentication when PermitRootLogin is not set to yes and the correct
8 root password is entered (closes: #248747).
6 9
7 -- Colin Watson <cjwatson@debian.org> Sun, 28 Nov 2004 12:12:55 +0000 10 -- Colin Watson <cjwatson@debian.org> Sun, 28 Nov 2004 12:12:55 +0000
8 11