diff options
author | ache <ache@FreeBSD.org> | 2002-01-19 10:09:05 +0000 |
---|---|---|
committer | ache <ache@FreeBSD.org> | 2002-01-19 10:09:05 +0000 |
commit | f9d407de0bacb5f0ef6f4cd0482ca25ba8c25076 (patch) | |
tree | 74e78ba32111f2632fe7f40efd772c83242fc997 | |
parent | 0262fc4b8f5aaf8e67e90f8ff3b43520b4905bf6 (diff) | |
download | FreeBSD-src-f9d407de0bacb5f0ef6f4cd0482ca25ba8c25076.zip FreeBSD-src-f9d407de0bacb5f0ef6f4cd0482ca25ba8c25076.tar.gz |
If user not exist in OPIE system, return failure immediately instead
of producing fake prompts with random numbers which can be detected by
potential intruder in two tries and totally confuse non-OPIE users.
-rw-r--r-- | lib/libpam/modules/pam_opie/pam_opie.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/libpam/modules/pam_opie/pam_opie.c b/lib/libpam/modules/pam_opie/pam_opie.c index e030194..a33c422 100644 --- a/lib/libpam/modules/pam_opie/pam_opie.c +++ b/lib/libpam/modules/pam_opie/pam_opie.c @@ -115,7 +115,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) opieaccessfile((char *)rhost) && opiealways(pwd->pw_dir); } else - pwok = 1; + PAM_RETURN(PAM_AUTH_ERR); for (i = 0; i < 2; i++) { snprintf(prompt, sizeof prompt, promptstr[i], challenge); retval = pam_get_pass(pamh, &response, prompt, &options); |