bug-cvs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

System password authentication


From: Brian Murphy
Subject: System password authentication
Date: Fri, 11 Apr 2003 11:45:36 +0200
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.0) Gecko/20020623 Debian/1.0.0-0.woody.1

I am currently in the process of implimenting pam authentication for
cvs and I came across this code:

   if (*found_passwd)
       {
       /* user exists and has a password */
       host_user = ((! strcmp (found_passwd,
                                   crypt (password, found_passwd)))
                        ? xstrdup (username) : NULL);
           goto handle_return;
       }
   else if (password && *password)
       {
       /* user exists and has no system password, but we got
          one as parameter */
       host_user = xstrdup (username);
           goto handle_return;
       }
   else
       {
       /* user exists but has no password at all */
       host_user = NULL;
           goto handle_return;
       }
   }

The "else if" here authenticates a user if she has supplied a (non blank)
password but the system password is blank, Why?

/Brian





reply via email to

[Prev in Thread] Current Thread [Next in Thread]