Mercurial > dropbear
diff svr-authpasswd.c @ 58:5edf356295af
merge of 3b1edf7489e1de452e30aaaec37d647db44e4328
and 6cdb6b2c0e0e0a600eeb5975e499c9303fe2d4d4
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Mon, 09 Aug 2004 03:21:20 +0000 |
parents | a48ba599292a |
children | eee77ac31ccc |
line wrap: on
line diff
--- a/svr-authpasswd.c Fri Aug 06 16:37:59 2004 +0000 +++ b/svr-authpasswd.c Mon Aug 09 03:21:20 2004 +0000 @@ -50,7 +50,7 @@ passwdcrypt = ses.authstate.pw->pw_passwd; #ifdef HAVE_SHADOW_H /* get the shadow password if possible */ - spasswd = getspnam(ses.authstate.pw->pw_name); + spasswd = getspnam(ses.authstate.printableuser); if (spasswd != NULL && spasswd->sp_pwdp != NULL) { passwdcrypt = spasswd->sp_pwdp; } @@ -87,6 +87,8 @@ /* the first bytes of passwdcrypt are the salt */ testcrypt = crypt((char*)password, passwdcrypt); + m_burn(password, passwordlen); + m_free(password); if (strcmp(testcrypt, passwdcrypt) == 0) { /* successful authentication */ @@ -101,8 +103,6 @@ send_msg_userauth_failure(0, 1); } - m_burn(password, passwordlen); - m_free(password); } #endif /* DROPBEAR_PASSWORD_AUTH */