Skip to content

Commit

Permalink
Fix big security hole: Authentication succeeded when no password
Browse files Browse the repository at this point in the history 
was given, unless use_first_pass was being used.
This is fatal if pam_yubico is considered 'sufficient' in the PAM
configuration.

Signed-off-by: Nanakos Chrysostomos <nanakos@wired-net.gr>
  • Loading branch information
Nanakos Chrysostomos committed Aug 26, 2011
1 parent 2bf1a9b commit 4712da7
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions pam_yubico.c
View file
Original file line number Original file line Diff line number Diff line change
Expand Up @@ -747,6 +747,7 @@ pam_sm_authenticate (pam_handle_t * pamh,
if (resp->resp == NULL) if (resp->resp == NULL)
{ {
DBG (("conv returned NULL passwd?")); DBG (("conv returned NULL passwd?"));
retval = PAM_AUTH_ERR;
goto done; goto done;
} }


Expand Down

0 comments on commit 4712da7

Please sign in to comment.