- Fix password support on systems with a mixture of shadowed and
non-shadowed passwords (e.g. NIS). Report and fix from
HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>
diff --git a/ChangeLog b/ChangeLog
index ceddf74..cacdb85 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,13 +1,22 @@
+19991231
+ - Fix password support on systems with a mixture of shadowed and
+ non-shadowed passwords (e.g. NIS). Report and fix from
+ HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>
+
19991230
- OpenBSD CVS updates:
- [auth-passwd.c]
check for NULL 1st
- Removed most of the pam code into its own file auth-pam.[ch]. This
cleaned up sshd.c up significantly.
+ - PAM authentication was incorrectly interpreting
+ "PermitRootLogin without-password". Report from Matthias Andree
+ <ma@dt.e-technik.uni-dortmund.de
- Several other cleanups
- Merged Dante SOCKS support patch from David Rankin
<drankin@bohemians.lexington.ky.us>
- Updated documentation with ./configure options
+ - Released 1.2.1pre23
19991229
- Applied another NetBSD portability patch from David Rankin
diff --git a/auth-passwd.c b/auth-passwd.c
index e91893a..c334703 100644
--- a/auth-passwd.c
+++ b/auth-passwd.c
@@ -11,7 +11,7 @@
#ifndef USE_PAM
-RCSID("$Id: auth-passwd.c,v 1.13 1999/12/29 22:48:15 damien Exp $");
+RCSID("$Id: auth-passwd.c,v 1.14 1999/12/30 21:49:13 damien Exp $");
#include "packet.h"
#include "ssh.h"
@@ -76,14 +76,14 @@
#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW)
spw = getspnam(pw->pw_name);
- if (spw == NULL)
- return(0);
+ if (spw != NULL)
+ {
+ /* Check for users with no password. */
+ if (strcmp(password, "") == 0 && strcmp(spw->sp_pwdp, "") == 0)
+ return 1;
- /* Check for users with no password. */
- if (strcmp(password, "") == 0 && strcmp(spw->sp_pwdp, "") == 0)
- return 1;
-
- pw_password = spw->sp_pwdp;
+ pw_password = spw->sp_pwdp;
+ }
#endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */
if (pw_password[0] != '\0')