xenodm uses the libc authentication layer incorrectly. fix by markus or millert Reported by Qualys

author: Theo de Raadt <deraadt@cvs.openbsd.org> 2019-12-04 09:53:48 +0000
committer: Matthieu Herrb <matthieu@herrb.eu> 2020-07-14 15:52:44 +0200
commit: 8ee116ce8625e6180f7ad4d91e675e53df5deaf1 (patch)
tree: 8095dc9312b53beba49e1a91ca314c2c9157d44f
parent: afa13ba4920b104a9846bfb84b88c9bd671664d5 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/greeter/verify.c b/greeter/verify.c
index 69d79e6..2b95cc3 100644
--- a/greeter/verify.c
+++ b/greeter/verify.c
@@ -136,7 +136,7 @@ Verify (struct display *d, struct greet_info *greet, struct verify_info *verify)
 	explicit_bzero(greet->password, passwd_len);
 	/* Build path of the auth script and call it */
 	snprintf(path, sizeof(path), _PATH_AUTHPROG "%s", style);
-	auth_call(as, path, style, "-s", "response", greet->name,
+	auth_call(as, path, style, "-s", "response", "--", greet->name,
 		  lc->lc_class, (void *)NULL);
 	authok = auth_getstate(as);
author	Theo de Raadt <deraadt@cvs.openbsd.org>	2019-12-04 09:53:48 +0000
committer	Matthieu Herrb <matthieu@herrb.eu>	2020-07-14 15:52:44 +0200
commit	8ee116ce8625e6180f7ad4d91e675e53df5deaf1 (patch)
tree	8095dc9312b53beba49e1a91ca314c2c9157d44f
parent	afa13ba4920b104a9846bfb84b88c9bd671664d5 (diff)