Date: Fri, 2 Aug 2002 03:14:19 -0700 (PDT) From: Dag-Erling Smorgrav <des@FreeBSD.org> To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/lib/libpam/modules/pam_unix pam_unix.c Message-ID: <200208021014.g72AEJt8089068@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
des 2002/08/02 03:14:19 PDT
Modified files: (Branch: RELENG_4)
lib/libpam/modules/pam_unix pam_unix.c
Log:
Fix an inverted test that, instead of checking for a null password, checked
for a null response. This caused pam_sm_authenticate() to always succeed
if the user's password was null (which in itself isn't so bad, except it
didn't honor the PAM_DISALLOW_NULL_AUTHTOK flag).
Merge some more code from -CURRENT that adds the "nullok" option and checks
both that and the PAM_DISALLOW_NULL_AUTHTOK flag before allowing a user
with a null password to log in.
Revision Changes Path
1.4.2.4 +18 -23 src/lib/libpam/modules/pam_unix/pam_unix.c
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200208021014.g72AEJt8089068>