]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit
projects / thirdparty / openembedded / openembedded-core-contrib.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c36d459) | patch
openssh: avoid checking empty passwords to mess up with PAM modules ChenQi/openssh-pam
authorChen Qi <Qi.Chen@windriver.com>
Wed, 2 Jul 2014 06:04:49 +0000 (02:04 -0400)
committerChen Qi <Qi.Chen@windriver.com>
Wed, 2 Jul 2014 06:19:29 +0000 (14:19 +0800)
commitf10b0de652bff0cfeb473eae9d31ebe7ed2e933d
treefa80b46279ed5a46d0e9643cc1236ba0bc96f528tree
parentc36d459f0d40bdbd3ba809835e0475e8992bc778commit | diff
openssh: avoid checking empty passwords to mess up with PAM modules

Previously, even if PAM is enabled for ssh, the daemon still tries to
authenticate an empty password. This leads to authentication failure
which would mess up with PAM modules.

As a result, if 'UsePAM', 'PermitEmptyPasswords' and 'PasswordAuthentication'
are enabled, no user can login correctly. We would meet the following error
message at the client side.

Write failed: Broken Pipe

This patch fixes the above problem by checking whether PAM is enabled before
authenticating an empty password. After all, if PAM is enabled, the task of
authenticating passwords should be handled to PAM modules.

[YOCTO #6466]

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
meta/recipes-connectivity/openssh/openssh/auth2-none.c-avoid-authenticate-empty-passwords-to-m.patch [new file with mode: 0644] blob
meta/recipes-connectivity/openssh/openssh_6.6p1.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core-contrib