mirror/freebsd
1
0
Fork 0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-18 10:35:55 +00:00
Code Issues Releases Activity

If user not exist in OPIE system, return failure immediately instead

Browse Source 
of producing fake prompts with random numbers which can be detected by
potential intruder in two tries and totally confuse non-OPIE users.
This commit is contained in:
Andrey A. Chernov 2002-01-19 10:09:05 +00:00
parent 3195cd6712
commit 6874115893
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=89555
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/libpam/modules/pam_opie/pam_opie.c
View File

@ -115,7 +115,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv)
opieaccessfile((char *)rhost) &&
opiealways(pwd->pw_dir);
} else
pwok = 1;
PAM_RETURN(PAM_AUTH_ERR);
for (i = 0; i < 2; i++) {
snprintf(prompt, sizeof prompt, promptstr[i], challenge);
retval = pam_get_pass(pamh, &response, prompt, &options);