From 5d0d99723d3f15362ec54c0a9c830b328d3b7e5b Mon Sep 17 00:00:00 2001
From: ache <ache@FreeBSD.org>
Date: Sat, 19 Jan 2002 03:18:33 +0000
Subject: Remove conditional 'pwok' fallback for PAM which now is implemented
 in pam_opie module

For non-PAM variant rewrite empty password checking code to do the right thing
and not disallow empty passwords in all cases.
---
 libexec/ftpd/ftpd.c | 16 +++++++---------
 1 file changed, 7 insertions(+), 9 deletions(-)

(limited to 'libexec')

diff --git a/libexec/ftpd/ftpd.c b/libexec/ftpd/ftpd.c
index e421142..15dcd20 100644
--- a/libexec/ftpd/ftpd.c
+++ b/libexec/ftpd/ftpd.c
@@ -1252,23 +1252,21 @@ pass(passwd)
 #ifdef USE_PAM
 		rval = auth_pam(&pw, passwd);
 		opieunlock();   /* XXX */
-		if (rval == 0 || (!pwok && rval > 0))
+		if (rval >= 0)
 			goto skip;
-		xpasswd = crypt(passwd, pw->pw_passwd);
-#else /* !USE_PAM */
+#endif
 		if (opieverify(&opiedata, passwd) == 0)
 			xpasswd = pw->pw_passwd;
-		else if (pwok)
+		else if (pwok) {
 			xpasswd = crypt(passwd, pw->pw_passwd);
-		else {
+			if (passwd[0] == '\0' && pw->pw_passwd[0] != '\0')
+				xpasswd = ":";
+		} else {
 			rval = 1;
 			goto skip;
 		}
-#endif /* !USE_PAM */
 		rval = strcmp(pw->pw_passwd, xpasswd);
-		/* The strcmp does not catch null passwords! */
-		if (*pw->pw_passwd == '\0' ||
-		    (pw->pw_expire && time(NULL) >= pw->pw_expire))
+		if (pw->pw_expire && time(NULL) >= pw->pw_expire)
 			rval = 1;	/* failure */
 skip:
 		/*
-- 
cgit v1.1