- (stevesk) auth-pam.c: use do_pam_authenticate(PAM_DISALLOW_NULL_AUTHTOK) if permit_empty_passwd == 0 so null password check cannot be bypassed. jayaraj@amritapuri.com OpenBSD bug 2168

commit: de77b464c6214139ff5ef65521621d9245472c68 [log] [tgz]
author: Kevin Steves <stevesk@pobox.com> Fri Nov 09 20:22:16 2001 +0000
committer: Kevin Steves <stevesk@pobox.com> Fri Nov 09 20:22:16 2001 +0000
tree: 6fb6c050c3b1a789d8d7281ffc4e62040ec8a2ef
parent: e589a299a1c1cf26035cddf3996107500242ba1d [diff] [blame]
diff --git a/auth-pam.c b/auth-pam.c
index 29d3566..0132e47 100644
--- a/auth-pam.c
+++ b/auth-pam.c

@@ -35,7 +35,7 @@
 
 extern char *__progname;
 
-RCSID("$Id: auth-pam.c,v 1.40 2001/10/28 17:32:38 stevesk Exp $");
+RCSID("$Id: auth-pam.c,v 1.41 2001/11/09 20:22:17 stevesk Exp $");
 
 #define NEW_AUTHTOK_MSG \
 	"Warning: Your password has expired, please change it now"
@@ -217,7 +217,8 @@
 	__pampasswd = password;
 
 	pamstate = INITIAL_LOGIN;
-	pam_retval = do_pam_authenticate(0);
+	pam_retval = do_pam_authenticate(
+	    options.permit_empty_passwd == 0 ? PAM_DISALLOW_NULL_AUTHTOK : 0);
 	if (pam_retval == PAM_SUCCESS) {
 		debug("PAM Password authentication accepted for "
 		    "user \"%.100s\"", pw->pw_name);
commit	de77b464c6214139ff5ef65521621d9245472c68	[log] [tgz]
author	Kevin Steves <stevesk@pobox.com>	Fri Nov 09 20:22:16 2001 +0000
committer	Kevin Steves <stevesk@pobox.com>	Fri Nov 09 20:22:16 2001 +0000
tree	6fb6c050c3b1a789d8d7281ffc4e62040ec8a2ef
parent	e589a299a1c1cf26035cddf3996107500242ba1d [diff] [blame]