Lines 601-608
_unix_blankpasswd (pam_handle_t *pamh, unsigned long long ctrl, const char *name
Link Here
|
601 |
char *salt = NULL; |
601 |
char *salt = NULL; |
602 |
int daysleft; |
602 |
int daysleft; |
603 |
int retval; |
603 |
int retval; |
604 |
int execloop = 1; |
604 |
int blank = 0; |
605 |
int nonexistent = 1; |
605 |
int execloop; |
|
|
606 |
int nonexistent_check = 1; |
606 |
|
607 |
|
607 |
D(("called")); |
608 |
D(("called")); |
608 |
|
609 |
|
Lines 632-674
_unix_blankpasswd (pam_handle_t *pamh, unsigned long long ctrl, const char *name
Link Here
|
632 |
* are equal, making it more difficult to differentiate existing from |
633 |
* are equal, making it more difficult to differentiate existing from |
633 |
* non-existing users. |
634 |
* non-existing users. |
634 |
*/ |
635 |
*/ |
635 |
while (execloop) { |
636 |
for (execloop = 0; execloop < 2; ++execloop) { |
636 |
retval = get_pwd_hash(pamh, name, &pwd, &salt); |
637 |
retval = get_pwd_hash(pamh, name, &pwd, &salt); |
637 |
|
638 |
|
638 |
if (retval == PAM_UNIX_RUN_HELPER) { |
639 |
if (retval == PAM_UNIX_RUN_HELPER) { |
639 |
execloop = 0; |
|
|
640 |
if(nonexistent) { |
641 |
get_pwd_hash(pamh, "pam_unix_non_existent:", &pwd, &salt); |
642 |
} |
643 |
/* salt will not be set here so we can return immediately */ |
644 |
if (_unix_run_helper_binary(pamh, NULL, ctrl, name) == PAM_SUCCESS) |
640 |
if (_unix_run_helper_binary(pamh, NULL, ctrl, name) == PAM_SUCCESS) |
645 |
return 1; |
641 |
blank = nonexistent_check; |
646 |
else |
|
|
647 |
return 0; |
648 |
} else if (retval == PAM_USER_UNKNOWN) { |
642 |
} else if (retval == PAM_USER_UNKNOWN) { |
649 |
name = "root"; |
643 |
name = "root"; |
650 |
nonexistent = 0; |
644 |
nonexistent_check = 0; |
651 |
} else { |
645 |
continue; |
652 |
execloop = 0; |
646 |
} else if (salt != NULL) { |
|
|
647 |
if (strlen(salt) == 0) |
648 |
blank = nonexistent_check; |
653 |
} |
649 |
} |
654 |
} |
650 |
name = "pam_unix_non_existent:"; |
655 |
|
651 |
/* non-existent user check will not affect the blank value */ |
656 |
/* Does this user have a password? */ |
|
|
657 |
if (salt == NULL) { |
658 |
retval = 0; |
659 |
} else { |
660 |
if (strlen(salt) == 0) |
661 |
retval = 1; |
662 |
else |
663 |
retval = 0; |
664 |
} |
652 |
} |
665 |
|
653 |
|
666 |
/* tidy up */ |
654 |
/* tidy up */ |
667 |
|
|
|
668 |
if (salt) |
655 |
if (salt) |
669 |
_pam_delete(salt); |
656 |
_pam_delete(salt); |
670 |
|
657 |
|
671 |
return retval; |
658 |
return blank; |
672 |
} |
659 |
} |
673 |
|
660 |
|
674 |
int _unix_verify_password(pam_handle_t * pamh, const char *name |
661 |
int _unix_verify_password(pam_handle_t * pamh, const char *name |