Commit b3247885 authored by Niels Möller's avatar Niels Möller
Browse files

(do_lookup_user): Just ignore shadow database if

getspnam returns NULL.

Rev: src/unix_user.c:1.66
parent 77983e93
...@@ -1134,15 +1134,19 @@ do_lookup_user(struct user_db *s, ...@@ -1134,15 +1134,19 @@ do_lookup_user(struct user_db *s,
/* Check for root login */ /* Check for root login */
if (!passwd->pw_uid && !self->allow_root) if (!passwd->pw_uid && !self->allow_root)
goto fail; goto fail;
#if HAVE_GETSPNAM #if HAVE_GETSPNAM
{
struct spwd *shadowpwd;
/* FIXME: What's the most portable way to test for shadow /* FIXME: What's the most portable way to test for shadow
* passwords? For now, we look up shadow database if and only if * passwords? For now, we look up shadow database if and only if
* the passwd field equals "x". */ * the passwd field equals "x". If there's no shadow record, we
if (!strcmp(crypted, "x")) * just keep the value from the passwd-database, the user may be
* able to login using a publickey, or the password helper. */
if (strcmp(crypted, "x") == 0
&& (shadowpwd = getspnam(cname)))
{ {
struct spwd *shadowpwd;
/* Current day number since January 1, 1970. /* Current day number since January 1, 1970.
* *
* FIXME: Which timezone is used in the /etc/shadow file? */ * FIXME: Which timezone is used in the /etc/shadow file? */
...@@ -1190,6 +1194,7 @@ do_lookup_user(struct user_db *s, ...@@ -1190,6 +1194,7 @@ do_lookup_user(struct user_db *s,
crypted = shadowpwd->sp_pwdp; crypted = shadowpwd->sp_pwdp;
} }
}
#endif /* HAVE_GETSPNAM */ #endif /* HAVE_GETSPNAM */
/* Check again for empty passwd field (as it may have been /* Check again for empty passwd field (as it may have been
* replaced by the shadow one). */ * replaced by the shadow one). */
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment