Mercurial > dropbear
diff svr-authpasswd.c @ 677:55b84e59aaad
Fix empty password immediate login
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Wed, 09 May 2012 22:51:59 +0800 |
| parents | 0edf08895a33 |
| children | c58a15983808 |
line wrap: on
line diff
--- a/svr-authpasswd.c Wed May 09 22:37:04 2012 +0800 +++ b/svr-authpasswd.c Wed May 09 22:51:59 2012 +0800 @@ -39,7 +39,6 @@ char * passwdcrypt = NULL; /* the crypt from /etc/passwd or /etc/shadow */ char * testcrypt = NULL; /* crypt generated from the user's password sent */ unsigned char * password; - int success_blank = 0; unsigned int passwordlen; unsigned int changepw; @@ -68,19 +67,13 @@ /* check for empty password */ if (passwdcrypt[0] == '\0') { -#ifdef ALLOW_BLANK_PASSWORD - if (passwordlen == 0) { - success_blank = 1; - } -#else dropbear_log(LOG_WARNING, "User '%s' has blank password, rejected", ses.authstate.pw_name); send_msg_userauth_failure(0, 1); return; -#endif } - if (success_blank || strcmp(testcrypt, passwdcrypt) == 0) { + if (strcmp(testcrypt, passwdcrypt) == 0) { /* successful authentication */ dropbear_log(LOG_NOTICE, "Password auth succeeded for '%s' from %s",