From b29caff21c41b2f079a6fe8729aa65a54ccaf1b5 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@cvs.openbsd.org>
Date: Fri, 25 Jun 2010 08:46:18 +0000
Subject: skip the initial check for access with an empty password when
 PermitEmptyPasswords=no;

---
 usr.bin/ssh/auth1.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'usr.bin/ssh/auth1.c')

diff --git a/usr.bin/ssh/auth1.c b/usr.bin/ssh/auth1.c
index bd4ea1b6333..73361042084 100644
--- a/usr.bin/ssh/auth1.c
+++ b/usr.bin/ssh/auth1.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth1.c,v 1.73 2008/07/04 23:30:16 djm Exp $ */
+/* $OpenBSD: auth1.c,v 1.74 2010/06/25 08:46:17 djm Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -239,7 +239,7 @@ do_authloop(Authctxt *authctxt)
 	    authctxt->valid ? "" : "invalid user ", authctxt->user);
 
 	/* If the user has no password, accept authentication immediately. */
-	if (options.password_authentication &&
+	if (options.permit_empty_passwd && options.password_authentication &&
 #ifdef KRB5
 	    (!options.kerberos_authentication || options.kerberos_or_local_passwd) &&
 #endif
-- 
cgit v1.2.3