diff options
| author | Todd C. Miller <millert@cvs.openbsd.org> | 1996-10-23 01:28:58 +0000 |
|---|---|---|
| committer | Todd C. Miller <millert@cvs.openbsd.org> | 1996-10-23 01:28:58 +0000 |
| commit | 9dd286b201198121b4a0b91288443512e135b29a (patch) | |
| tree | c4bef882d9d7495abae93ad1f8fa8950fba3fcfc /usr.bin/login/login.c | |
| parent | 86e13c178dcc5898756d014bdfe3a7277cf63dc5 (diff) | |
skey_authenticate() now fakes up a challenge if user does not
have an entry in the keys file. Don't want to give info to
information gathering attack.
Diffstat (limited to 'usr.bin/login/login.c')
| -rw-r--r-- | usr.bin/login/login.c | 9 |
1 files changed, 3 insertions, 6 deletions
diff --git a/usr.bin/login/login.c b/usr.bin/login/login.c index 21f527a5ec3..c8d48ad7a09 100644 --- a/usr.bin/login/login.c +++ b/usr.bin/login/login.c @@ -1,4 +1,4 @@ -/* $OpenBSD: login.c,v 1.7 1996/09/18 20:39:06 deraadt Exp $ */ +/* $OpenBSD: login.c,v 1.8 1996/10/23 01:28:56 millert Exp $ */ /* $NetBSD: login.c,v 1.13 1996/05/15 23:50:16 jtc Exp $ */ /*- @@ -44,7 +44,7 @@ static char copyright[] = #if 0 static char sccsid[] = "@(#)login.c 8.4 (Berkeley) 4/2/94"; #endif -static char rcsid[] = "$OpenBSD: login.c,v 1.7 1996/09/18 20:39:06 deraadt Exp $"; +static char rcsid[] = "$OpenBSD: login.c,v 1.8 1996/10/23 01:28:56 millert Exp $"; #endif /* not lint */ /* @@ -478,11 +478,8 @@ pwcheck(user, p, salt, passwd) char *user, *p, *salt, *passwd; { #ifdef SKEY - if (strcasecmp(p, "s/key") == 0) { - if (skey_haskey(user)) - return 1; + if (strcasecmp(p, "s/key") == 0) return skey_authenticate(user); - } #endif return strcmp(crypt(p, salt), passwd); } |