[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
System password authentication
From: |
Brian Murphy |
Subject: |
System password authentication |
Date: |
Fri, 11 Apr 2003 11:45:36 +0200 |
User-agent: |
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.0) Gecko/20020623 Debian/1.0.0-0.woody.1 |
I am currently in the process of implimenting pam authentication for
cvs and I came across this code:
if (*found_passwd)
{
/* user exists and has a password */
host_user = ((! strcmp (found_passwd,
crypt (password, found_passwd)))
? xstrdup (username) : NULL);
goto handle_return;
}
else if (password && *password)
{
/* user exists and has no system password, but we got
one as parameter */
host_user = xstrdup (username);
goto handle_return;
}
else
{
/* user exists but has no password at all */
host_user = NULL;
goto handle_return;
}
}
The "else if" here authenticates a user if she has supplied a (non blank)
password but the system password is blank, Why?
/Brian
- System password authentication,
Brian Murphy <=