rooty/yubico-pam
1
0
Fork 0
mirror of https://github.com/Yubico/yubico-pam.git synced 2025-02-20 12:54:16 +01:00
Code Issues Projects Releases Wiki Activity

Fix big security hole: Authentication succeeded when no password

Browse Source 
was given, unless use_first_pass was being used.
This is fatal if pam_yubico is considered 'sufficient' in the PAM
configuration.

Signed-off-by: Nanakos Chrysostomos <nanakos@wired-net.gr>
This commit is contained in:
Nanakos Chrysostomos 2011-08-26 14:32:03 +03:00
parent 2bf1a9b645
commit 4712da70ca
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
pam_yubico.c
View File

@ -747,6 +747,7 @@ pam_sm_authenticate (pam_handle_t * pamh,
if (resp->resp == NULL) if (resp->resp == NULL)
{ {
DBG (("conv returned NULL passwd?")); DBG (("conv returned NULL passwd?"));
retval = PAM_AUTH_ERR;
goto done; goto done;
} }