3.6.1p2, Spurious PAM failure messages WITH "PermitEmptyPasswords no", and a (micro) fix
Lars
lhofhansl at yahoo.com
Wed May 7 13:46:51 EST 2003
Hi,
after installing 3.6.1p2 I noticed spurious PAM login failures
even with PermitEmptyPasswords set to "no":
sshd(pam_unix)[1740]: authentication failure; logname=XXX uid=0 euid=0
tty=NODEVssh ruser= rhost=localhost user=XXX
After looking at the code I noticed the following in the portability p2
patch:
+++ openssh-3.6.1p2/auth-passwd.c 2003-04-29 19:12:08.000000000 +1000
...
...
+
+#if defined(USE_PAM)
+ return auth_pam_password(authctxt, password) && ok;
+#elif defined(HAVE_OSF_SIA)
...
...
That should really be
+ return ok && auth_pam_password(authctxt, password);
(Note that ok is checked first, as I said in the subject its a trivial
micro fix)
I changed that and it works fine now. This should be integrated
in the patch.
-- Lars
More information about the openssh-unix-dev
mailing list