From 9dd286b201198121b4a0b91288443512e135b29a Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <millert@cvs.openbsd.org>
Date: Wed, 23 Oct 1996 01:28:58 +0000
Subject: skey_authenticate() now fakes up a challenge if user does not have an
 entry in the keys file.  Don't want to give info to information gathering
 attack.

---
 usr.bin/su/su.c | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

(limited to 'usr.bin/su')

diff --git a/usr.bin/su/su.c b/usr.bin/su/su.c
index 0c58f4c9c36..286c61a46e7 100644
--- a/usr.bin/su/su.c
+++ b/usr.bin/su/su.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: su.c,v 1.13 1996/10/21 19:33:36 deraadt Exp $	*/
+/*	$OpenBSD: su.c,v 1.14 1996/10/23 01:28:57 millert Exp $	*/
 
 /*
  * Copyright (c) 1988 The Regents of the University of California.
@@ -41,7 +41,7 @@ char copyright[] =
 
 #ifndef lint
 /*static char sccsid[] = "from: @(#)su.c	5.26 (Berkeley) 7/6/91";*/
-static char rcsid[] = "$OpenBSD: su.c,v 1.13 1996/10/21 19:33:36 deraadt Exp $";
+static char rcsid[] = "$OpenBSD: su.c,v 1.14 1996/10/23 01:28:57 millert Exp $";
 #endif /* not lint */
 
 #include <sys/param.h>
@@ -174,9 +174,7 @@ main(argc, argv)
 			p = getpass("Password:");
 #ifdef SKEY
 			if (strcasecmp(p, "s/key") == 0) {
-				if (skey_haskey(user))
-					errx(1, "Sorry, you have no s/key.");
-				else if (skey_authenticate(user))
+				if (skey_authenticate(user))
 					goto badlogin;
 			} else
 #endif
-- 
cgit v1.2.3