From 8f9d5073d8bed2c15843eb0c374b70b4c9486605 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Thu, 16 Dec 1999 15:10:45 +1100
Subject:  - Correctly handle empty passwords in shadow file. Patch from:   
 "Chris, the Young One" <cky@pobox.com>

---
 auth-passwd.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'auth-passwd.c')

diff --git a/auth-passwd.c b/auth-passwd.c
index efae0fd2b..d197840e8 100644
--- a/auth-passwd.c
+++ b/auth-passwd.c
@@ -11,7 +11,7 @@
 
 #ifndef HAVE_PAM
 
-RCSID("$Id: auth-passwd.c,v 1.8 1999/12/06 00:47:28 damien Exp $");
+RCSID("$Id: auth-passwd.c,v 1.9 1999/12/16 04:10:45 damien Exp $");
 
 #include "packet.h"
 #include "ssh.h"
@@ -76,6 +76,10 @@ auth_password(struct passwd * pw, const char *password)
 	if ((spw->sp_namp == NULL) || (strcmp(pw->pw_name, spw->sp_namp) != 0))
 		fatal("Shadow lookup returned garbage.");
 
+	/* Check for users with no password. */
+	if (strcmp(password, "") == 0 && strcmp(spw->sp_pwdp, "") == 0)
+		return 1;
+
 	if (strlen(spw->sp_pwdp) < 3)
 		return(0);
 
-- 
cgit v1.2.3