git: DragonFly_RELEASE_2_10 pam_ssh: pam_ssh: Don't allow a bogus passphrase for unencrypted keys.

Peter Avalos pavalos at crater.dragonflybsd.org
Sat Dec 24 13:24:22 PST 2011


commit 8fb0265f25056f0ed8876d25b5f4598181ed46c4
Author: Peter Avalos <pavalos at dragonflybsd.org>
Date:   Sat Dec 24 13:21:07 2011 -0800

    pam_ssh:  pam_ssh:  Don't allow a bogus passphrase for unencrypted keys.
    
    key_load_private() ignores the passphrase argument if the private
    key is unencrypted.  This defeats the nullok check, because it means
    a non-null passphrase will successfully unlock the key.
    
    Obtained-From:  FreeBSD

Summary of changes:
 lib/pam_module/pam_ssh/pam_ssh.c |   25 ++++++++++++++++++-------
 1 files changed, 18 insertions(+), 7 deletions(-)

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/8fb0265f25056f0ed8876d25b5f4598181ed46c4


-- 
DragonFly BSD source repository





More information about the Commits mailing list