patch: openssh empty password fail with pam/sshv1
Darren Tucker
dtucker at zip.com.au
Wed Jun 23 09:20:06 EST 2004
David Wu wrote:
> We've encountered a bug with OpenSSH 3.8.1p1 on Linux. With an account
> that has an empty password and with PAM and Privilege Separation turned
> on through the SSH1 protocol, the login fails with:
>
> fatal: mm_request_receive_expect: read: rtype 24 != type 46
>
> I believe the problem is a missing do_pam_account() call. The patch below
> to auth1.c fixes the problem. If this is correct, can someone please
> commit this?
Applied to both 3.8.1 branch and HEAD. Thanks.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list