diff options
| author |   dtucker <dtucker@openbsd.org> | 2003-12-31 00:24:50 +0000 |
|---|---|---|
| committer | dtucker <dtucker@openbsd.org> | 2003-12-31 00:24:50 +0000 |
| commit | bfef019d3c399d0b6ef2f297b0c55e8f48e9337e (patch) | |
| tree | 85d858931e98850b25ab2a4e447a2e7d26bc660d | |
| parent | regen (diff) | |
| download | wireguard-openbsd-bfef019d3c399d0b6ef2f297b0c55e8f48e9337e.tar.xz wireguard-openbsd-bfef019d3c399d0b6ef2f297b0c55e8f48e9337e.zip | |
Ignore password change request during password auth (which we currently don't
support) and discard proposed new password. corrections/ok markus@
| -rw-r--r-- | usr.bin/ssh/auth2-passwd.c | 20 |
1 files changed, 14 insertions, 6 deletions
diff --git a/usr.bin/ssh/auth2-passwd.c b/usr.bin/ssh/auth2-passwd.c index 7a659a2e126..67d43db42e6 100644 --- a/usr.bin/ssh/auth2-passwd.c +++ b/usr.bin/ssh/auth2-passwd.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth2-passwd.c,v 1.4 2003/08/26 09:58:43 markus Exp $"); +RCSID("$OpenBSD: auth2-passwd.c,v 1.5 2003/12/31 00:24:50 dtucker Exp $"); #include "xmalloc.h" #include "packet.h" @@ -38,16 +38,24 @@ extern ServerOptions options; static int userauth_passwd(Authctxt *authctxt) { - char *password; + char *password, *newpass; int authenticated = 0; int change; - u_int len; + u_int len, newlen; + change = packet_get_char(); - if (change) - logit("password change not supported"); password = packet_get_string(&len); + if (change) { + /* discard new password from packet */ + newpass = packet_get_string(&newlen); + memset(newpass, 0, newlen); + xfree(newpass); + } packet_check_eom(); - if (PRIVSEP(auth_password(authctxt, password)) == 1) + + if (change) + logit("password change not supported"); + else if (PRIVSEP(auth_password(authctxt, password)) == 1) authenticated = 1; memset(password, 0, len); xfree(password); |