diff options
| author | Markus Friedl <markus@cvs.openbsd.org> | 2003-08-26 09:58:44 +0000 |
|---|---|---|
| committer | Markus Friedl <markus@cvs.openbsd.org> | 2003-08-26 09:58:44 +0000 |
| commit | fda304b5a80ed890fea222257d74e366f160b8dc (patch) | |
| tree | 83b44bab039b08fd6d861409dfe6fa068f9eff91 /usr.bin/ssh/auth2-passwd.c | |
| parent | d583950be9e490d1bb31e20cb010348fcb444fd0 (diff) | |
fix passwd auth for 'username leaks via timing'; with djm@, original patches from solar
Diffstat (limited to 'usr.bin/ssh/auth2-passwd.c')
| -rw-r--r-- | usr.bin/ssh/auth2-passwd.c | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/usr.bin/ssh/auth2-passwd.c b/usr.bin/ssh/auth2-passwd.c index a6d6b379147..7a659a2e126 100644 --- a/usr.bin/ssh/auth2-passwd.c +++ b/usr.bin/ssh/auth2-passwd.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth2-passwd.c,v 1.3 2003/04/08 20:21:28 itojun Exp $"); +RCSID("$OpenBSD: auth2-passwd.c,v 1.4 2003/08/26 09:58:43 markus Exp $"); #include "xmalloc.h" #include "packet.h" @@ -47,8 +47,7 @@ userauth_passwd(Authctxt *authctxt) logit("password change not supported"); password = packet_get_string(&len); packet_check_eom(); - if (authctxt->valid && - PRIVSEP(auth_password(authctxt, password)) == 1) + if (PRIVSEP(auth_password(authctxt, password)) == 1) authenticated = 1; memset(password, 0, len); xfree(password); |