3.6.1p2, Spurious PAM failure messages WITH "PermitEmptyPasswords no", and a (micro) fix
Frank Cusack
fcusack at fcusack.com
Thu May 8 05:59:52 EST 2003
On Wed, May 07, 2003 at 10:01:03AM -0500, Douglas E. Engert wrote:
> Is this related to the problem I still see on the HP_UX 11.0 with
> PAM when the password=""
yep
> The HP pam module failes. So I added back
> the check for password == '\0' in auth-pam.c and everything works now.
>
> It is still not clear why a password="" is being passed to PAM,
> other then to have the PAM exits get a look at the login.
In a few days, I'll post a summary of how I think the PAM flow should go,
along with a patch to make that happen. (I have to extract the patch from
my other local-isms.) Solar Designer has at least some of the same
thoughts I did, but doesn't go "all the way". (The Solar Designer
stuff made its way into 3.6.1p2 which is why folks are seeing this
change in behavior now.)
/fc
More information about the openssh-unix-dev
mailing list