Page MenuHomeFreeBSD

Do not prompt for password if it's set to empty password
ClosedPublic

Authored by trasz on Dec 11 2020, 11:35 AM.
Tags
None
Referenced Files
F106070173: D27569.diff
Tue, Dec 24, 9:40 PM
Unknown Object (File)
Fri, Dec 6, 8:13 AM
Unknown Object (File)
Wed, Dec 4, 2:33 PM
Unknown Object (File)
Nov 24 2024, 11:36 AM
Unknown Object (File)
Nov 24 2024, 11:36 AM
Unknown Object (File)
Nov 24 2024, 11:36 AM
Unknown Object (File)
Nov 22 2024, 9:55 PM
Unknown Object (File)
Nov 19 2024, 8:21 AM

Details

Summary

Make pam_unix(8) not prompt for password, if it's set to an empty
one - just like we don't prompt for password if the hash itself
is empty.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 38154
Build 35043: arc lint + arc unit

Event Timeline

Add a separate option, "emptyok", so we can commit it without changing
the default behaviour.

lib/libpam/modules/pam_unix/pam_unix.c
97

Seems this should really be called emptypasswd.

127

Should we check for the option and flag before calling crypt()?

Seems ok to me. It would be best if someone more familiar with PAM would look at this.

This revision is now accepted and ready to land.Mar 31 2021, 4:15 PM