[Bug 749] Connection is dropped for invalid user
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Wed Oct 29 00:47:34 EST 2003
http://bugzilla.mindrot.org/show_bug.cgi?id=749
Summary: Connection is dropped for invalid user
Product: Portable OpenSSH
Version: -current
Platform: Alpha
OS/Version: AIX
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-bugs at mindrot.org
ReportedBy: Heinrich.Mislik at univie.ac.at
If connecting to a server with an illegal userid und an rsa1 key, the connection
is dropped immediatly. Normaly, a wrong username will stay in the auth_loop and
keep requesting authentication from the user. The reason is in auth-rsa.c in
line 293:
/* no user given */
if (pw == NULL)
return 0;
Invalid users nolonger are passwd as NULL-pointers, a faked pw struct is used
instead. This results in a call to temporarily_use_uid(pw) with the faked pw
struct, which fails with fatal().
As a patch I tried
/* no user given */
if (pw == fakepw())
return 0;
which worked, but maybe is not the best solution.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-bugs
mailing list