diff options
Diffstat (limited to 'meta/recipes-connectivity/openssh/openssh/auth2-none.c-avoid-authenticate-empty-passwords-to-m.patch')
-rw-r--r-- | meta/recipes-connectivity/openssh/openssh/auth2-none.c-avoid-authenticate-empty-passwords-to-m.patch | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssh/openssh/auth2-none.c-avoid-authenticate-empty-passwords-to-m.patch b/meta/recipes-connectivity/openssh/openssh/auth2-none.c-avoid-authenticate-empty-passwords-to-m.patch new file mode 100644 index 0000000000..ba13cd1919 --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh/auth2-none.c-avoid-authenticate-empty-passwords-to-m.patch | |||
@@ -0,0 +1,30 @@ | |||
1 | Upstream-Status: Pending | ||
2 | |||
3 | Subject: auth2-none.c: avoid authenticate empty passwords to mess up with PAM | ||
4 | |||
5 | If UsePAM, PermitEmptyPasswords, PasswordAuthentication are enabled. The ssh daemon | ||
6 | will try to authenticate an empty password, resulting in login failures of any user. | ||
7 | If PAM is enabled, then we should leave the task of password authentication to PAM. | ||
8 | |||
9 | Signed-off-by: Chen Qi <Qi.Chen@windriver.com> | ||
10 | |||
11 | --- | ||
12 | auth2-none.c | 2 +- | ||
13 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
14 | |||
15 | diff --git a/auth2-none.c b/auth2-none.c | ||
16 | index c8c6c74..b48b2fd 100644 | ||
17 | --- a/auth2-none.c | ||
18 | +++ b/auth2-none.c | ||
19 | @@ -61,7 +61,7 @@ userauth_none(Authctxt *authctxt) | ||
20 | { | ||
21 | none_enabled = 0; | ||
22 | packet_check_eom(); | ||
23 | - if (options.permit_empty_passwd && options.password_authentication) | ||
24 | + if (options.permit_empty_passwd && options.password_authentication && !options.use_pam) | ||
25 | return (PRIVSEP(auth_password(authctxt, ""))); | ||
26 | return (0); | ||
27 | } | ||
28 | -- | ||
29 | 1.7.9.5 | ||
30 | |||