Date: Mon, 28 Aug 2000 16:12:45 -0700 (PDT) From: mkiernan@avantgo.com To: FreeBSD-gnats-submit@freebsd.org Subject: bin/20909: incorrect handling of echo_pass option Message-ID: <20000828231245.D14B1F816@nayarit.avantgo.com>
next in thread | raw e-mail | index | archive | help
>Number: 20909 >Category: bin >Synopsis: The test for the echo_pass option is backwards. >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Aug 28 16:20:01 PDT 2000 >Closed-Date: >Last-Modified: >Originator: Michael Kiernan >Release: FreeBSD 4.1-STABLE i386 >Organization: >Environment: I am running 4.1-STABLE but cvsup'ed the pam_opie.c module from the head of the development branch. >Description: The echo_pass PAM option, if present, is supposed to enable the echoing of passwords when the user types them in. The test for this option in the pam_opie module is backwards. That is it echos passwords when the option is not present in the PAM configuration file and fails to echo passwords when the option is present. >How-To-Repeat: 1. Make sure your account is setup to use Opie (i.e. you've used opiegen); 2. enable the pam_opie module in your PAM configuration file for the login service; 3. add/subtract the "echo_pass" option from the pam_module's configuration line in the PAM configuration file; 3. type your login name at the "login:" prompt; 4. type <return> at the "Password:" prompt; 5. you will get a "Password [echo on]:" prompt if the echo_pass option is not on, but you won't get it if the echo_pass option is turned on; 6. go back to step 3 and try it the other way around. >Fix: Index: pam_opie.c =================================================================== RCS file: /sbox/freebsd/cvs/root/src/lib/libpam/modules/pam_opie/pam_opie.c,v retrieving revision 1.1 diff -u -r1.1 pam_opie.c --- pam_opie.c 2000/04/17 00:14:42 1.1 +++ pam_opie.c 2000/08/28 22:40:35 @@ -79,7 +79,7 @@ opieunlock(); return retval; } - if (response[0] == '\0' && !(options & PAM_OPT_ECHO_PASS)) { + if (response[0] == '\0' && (options & PAM_OPT_ECHO_PASS)) { options |= PAM_OPT_ECHO_PASS; snprintf(prompt, sizeof prompt, "%s\nPassword [echo on]: ", challenge); >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000828231245.D14B1F816>