summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDamien Miller <djm@cvs.openbsd.org>2010-06-25 08:46:18 +0000
committerDamien Miller <djm@cvs.openbsd.org>2010-06-25 08:46:18 +0000
commitb29caff21c41b2f079a6fe8729aa65a54ccaf1b5 (patch)
tree83238c39668d04053346b4198d483c64d3116076
parent5391d7a0f83d8a9499059a78ad8939ed9e58757f (diff)
skip the initial check for access with an empty password when
PermitEmptyPasswords=no;
-rw-r--r--usr.bin/ssh/auth1.c4
-rw-r--r--usr.bin/ssh/auth2-none.c4
2 files changed, 4 insertions, 4 deletions
diff --git a/usr.bin/ssh/auth1.c b/usr.bin/ssh/auth1.c
index bd4ea1b6333..73361042084 100644
--- a/usr.bin/ssh/auth1.c
+++ b/usr.bin/ssh/auth1.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth1.c,v 1.73 2008/07/04 23:30:16 djm Exp $ */
+/* $OpenBSD: auth1.c,v 1.74 2010/06/25 08:46:17 djm Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
@@ -239,7 +239,7 @@ do_authloop(Authctxt *authctxt)
authctxt->valid ? "" : "invalid user ", authctxt->user);
/* If the user has no password, accept authentication immediately. */
- if (options.password_authentication &&
+ if (options.permit_empty_passwd && options.password_authentication &&
#ifdef KRB5
(!options.kerberos_authentication || options.kerberos_or_local_passwd) &&
#endif
diff --git a/usr.bin/ssh/auth2-none.c b/usr.bin/ssh/auth2-none.c
index 9ce38457a52..b282d470bef 100644
--- a/usr.bin/ssh/auth2-none.c
+++ b/usr.bin/ssh/auth2-none.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-none.c,v 1.15 2008/07/02 12:36:39 djm Exp $ */
+/* $OpenBSD: auth2-none.c,v 1.16 2010/06/25 08:46:17 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -51,7 +51,7 @@ userauth_none(Authctxt *authctxt)
{
none_enabled = 0;
packet_check_eom();
- if (options.password_authentication)
+ if (options.permit_empty_passwd && options.password_authentication)
return (PRIVSEP(auth_password(authctxt, "")));
return (0);
}