From 47655ee03a67ed89ef55c957e5a8183ca3113d2c Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 26 Jul 2005 21:54:11 +1000 Subject: [PATCH] - (djm) OpenBSD CVS Sync - otto@cvs.openbsd.org 2005/07/19 15:32:26 [auth-passwd.c] auth_usercheck(3) can return NULL, so check for that. Report from mpech@. ok markus@ --- ChangeLog | 7 ++++++- auth-passwd.c | 4 +++- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 78a67e6b7..8387604d1 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,11 @@ 20050726 - (dtucker) [configure.ac] Update zlib warning message too, pointed out by tim@. + - (djm) OpenBSD CVS Sync + - otto@cvs.openbsd.org 2005/07/19 15:32:26 + [auth-passwd.c] + auth_usercheck(3) can return NULL, so check for that. Report from + mpech@. ok markus@ 20050725 - (dtucker) [configure.ac] Update zlib version check for CAN-2005-2096. @@ -2865,4 +2870,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.3855 2005/07/26 02:00:42 dtucker Exp $ +$Id: ChangeLog,v 1.3856 2005/07/26 11:54:11 djm Exp $ diff --git a/auth-passwd.c b/auth-passwd.c index 654e0b821..6e6d0d76a 100644 --- a/auth-passwd.c +++ b/auth-passwd.c @@ -36,7 +36,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-passwd.c,v 1.33 2005/01/24 11:47:13 dtucker Exp $"); +RCSID("$OpenBSD: auth-passwd.c,v 1.34 2005/07/19 15:32:26 otto Exp $"); #include "packet.h" #include "buffer.h" @@ -163,6 +163,8 @@ sys_auth_passwd(Authctxt *authctxt, const char *password) as = auth_usercheck(pw->pw_name, authctxt->style, "auth-ssh", (char *)password); + if (as == NULL) + return (0); if (auth_getstate(as) & AUTH_PWEXPIRED) { auth_close(as); disable_forwarding();