comparison svr-authpasswd.c @ 677:55b84e59aaad

Fix empty password immediate login
author Matt Johnston <matt@ucc.asn.au>
date Wed, 09 May 2012 22:51:59 +0800
parents 0edf08895a33
children c58a15983808
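--- a/svr-authpasswd.c
+++ b/svr-authpasswd.c
@@ -37,11 +37,10 @@
 void svr_auth_password() {
 
 char * passwdcrypt = NULL; /* the crypt from /etc/passwd or /etc/shadow */
 char * testcrypt = NULL; /* crypt generated from the user's password sent */
 unsigned char * password;
-int success_blank = 0;
 unsigned int passwordlen;
 
 unsigned int changepw;
 
 passwdcrypt = ses.authstate.pw_passwd;
@@ -66,23 +65,17 @@
 m_burn(password, passwordlen);
 m_free(password);
 
 /* check for empty password */
 if (passwdcrypt[0] == '\0') {
-#ifdef ALLOW_BLANK_PASSWORD
-if (passwordlen == 0) {
-success_blank = 1;
-}
-#else
 dropbear_log(LOG_WARNING, "User '%s' has blank password, rejected",
 ses.authstate.pw_name);
 send_msg_userauth_failure(0, 1);
 return;
-#endif
 }
 
-if (success_blank || strcmp(testcrypt, passwdcrypt) == 0) {
+if (strcmp(testcrypt, passwdcrypt) == 0) {
 /* successful authentication */
 dropbear_log(LOG_NOTICE,
 "Password auth succeeded for '%s' from %s",
 ses.authstate.pw_name,
 svr_ses.addrstring);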
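Review bot: `testcrypt` reaches `strcmp(testcrypt, passwdcrypt)` at new line 76 with no NULL check visible in either hunk. Its assignment sits in the elided lines 47–64, but the declaration comment says it holds a crypt generated from the submitted password, and crypt() can return NULL (for instance on a salt it cannot parse), so this should be confirmed against those lines. If it is unchecked, I would add `if (testcrypt == NULL) { send_msg_userauth_failure(0, 1); return; }` ahead of the comparison so that a malformed stored hash yields an ordinary auth failure rather than a NULL dereference in the pre-auth path. Separately, `strcmp` returns at the first differing byte; a constant-time comparison is the safer choice for credential hashes. The body of svr_auth_password continues past the last visible line.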