fix passwd auth for 'username leaks via timing'; with djm@, original patches from solar

author: markus <markus@openbsd.org> 2003-08-26 09:58:43 +0000
committer: markus <markus@openbsd.org> 2003-08-26 09:58:43 +0000
commit: d830d5a5cf2daa6c586952ff616c991583956b8d (patch)
tree: 7dc38fa0ae15fbb005bffc665cce7aa3b6720319 /usr.bin/ssh/auth1.c
parent: mark cloned route with RTF_CLONED. remove RTF_CLONED route when clone parent (diff)
download: wireguard-openbsd-d830d5a5cf2daa6c586952ff616c991583956b8d.tar.xz
wireguard-openbsd-d830d5a5cf2daa6c586952ff616c991583956b8d.zip
1 files changed, 4 insertions, 2 deletions
diff --git a/usr.bin/ssh/auth1.c b/usr.bin/ssh/auth1.c
index dea027f3023..bcd4ab01411 100644
--- a/usr.bin/ssh/auth1.c
+++ b/usr.bin/ssh/auth1.c
@@ -10,7 +10,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth1.c,v 1.50 2003/08/13 08:46:30 markus Exp $");
+RCSID("$OpenBSD: auth1.c,v 1.51 2003/08/26 09:58:43 markus Exp $");
 
 #include "xmalloc.h"
 #include "rsa.h"
@@ -315,8 +315,10 @@ do_authentication(void)
 	/* Verify that the user is a valid user. */
 	if ((authctxt->pw = PRIVSEP(getpwnamallow(user))) != NULL)
 		authctxt->valid = 1;
-	else
+	else {
 		debug("do_authentication: illegal user %s", user);
+		authctxt->pw = fakepw();
+	}
 
 	setproctitle("%s%s", authctxt->pw ? user : "unknown",
 	    use_privsep ? " [net]" : "");
author	markus <markus@openbsd.org>	2003-08-26 09:58:43 +0000
committer	markus <markus@openbsd.org>	2003-08-26 09:58:43 +0000
commit	d830d5a5cf2daa6c586952ff616c991583956b8d (patch)
tree	7dc38fa0ae15fbb005bffc665cce7aa3b6720319 /usr.bin/ssh/auth1.c
parent	mark cloned route with RTF_CLONED. remove RTF_CLONED route when clone parent (diff)
download	wireguard-openbsd-d830d5a5cf2daa6c586952ff616c991583956b8d.tar.xz wireguard-openbsd-d830d5a5cf2daa6c586952ff616c991583956b8d.zip